TryPoint — AI Virtual Try-On
Last Updated: April 2, 2026
This Privacy Policy describes how TouchPoints Inc. ("Company," "we," "us," or "our"), a Delaware corporation, collects, uses, shares, and protects personal data in connection with the TryPoint AI Virtual Try-On service ("Service").
This policy applies to: Shoppers who use the virtual try-on feature on Merchants' stores; Merchants who install and operate TryPoint on their Shopify stores; and Visitors who browse trypoint.ai or related websites.
We are committed to protecting your privacy and processing your data lawfully, fairly, and transparently. If you are in the European Economic Area (EEA), United Kingdom (UK), or other jurisdictions with data protection laws, please review the jurisdiction-specific sections below.
TouchPoints Inc.
701 Tillery Street, Unit 12
Austin, TX 78702, United States
Email: data@trypoint.ai
3.1 Shopper Data. We collect: photos and images you upload for virtual try-on (to generate AI try-on images); biometric-adjacent data such as body shape, proportions, and appearance as processed by AI models (to render accurate results); contact information such as email address when provided (for marketing with consent); device and technical data including IP address, browser type, operating system, and device identifiers (for service delivery and security); usage data such as try-on interactions, pages visited, and features used (for service improvement); approximate geolocation derived from IP address (for compliance and localization); and cookies and tracking data (see our Cookie Policy).
3.2 Merchant Data. We collect: account information including name, email, phone number, and physical address (for account management and support); store data including product catalog, collections, order history (60 days), and theme information (for service delivery); and billing data processed through Shopify (for subscription billing).
3.3 Website Visitor Data. We collect: technical data including IP address, browser, device, and referring URL (for analytics and security); and cookie data (see our Cookie Policy).
4.1 Service Delivery: Processing uploaded photos to generate virtual try-on images; displaying try-on results to Shoppers; enabling Merchants to manage try-on features; and providing analytics and usage reporting to Merchants.
4.2 Communication: Responding to support inquiries; sending service-related notifications to Merchants; and marketing communications (only with consent).
4.3 Improvement and Development: Analyzing usage patterns to improve the Service; training and improving AI models (only with aggregated, de-identified data unless you separately consent); and developing new features.
4.4 Legal and Compliance: Complying with applicable laws and regulations; enforcing our Terms of Use; and protecting against fraud, abuse, and security threats.
4.5 Marketing (Merchants Only): Providing Merchants with Shopper email addresses collected through the try-on feature (where Shoppers have consented).
If you are in the EEA or UK, we process your data under the following legal bases: providing the virtual try-on Service (performance of a contract, Art. 6(1)(b) GDPR); processing uploaded photos (explicit consent, Art. 6(1)(a) and Art. 9(2)(a) GDPR); analytics and Service improvement (legitimate interest, Art. 6(1)(f) GDPR); marketing communications (consent, Art. 6(1)(a) GDPR); legal compliance (legal obligation, Art. 6(1)(c) GDPR); and fraud prevention and security (legitimate interest, Art. 6(1)(f) GDPR).
Special Category Data: Uploaded photos may reveal physical characteristics. We treat this data with heightened protections and process it only with your explicit consent, which you provide when you upload your photo and initiate the try-on process.
We do not sell your personal data. We share data only in the following circumstances:
6.1 Service Providers. We use third-party service providers who process data on our behalf: Google (AI/Cloud) for virtual try-on image generation and cloud hosting (uploaded photos for processing); Shopify for app hosting, billing, and store integration (Merchant account and transaction data); VideoPoint for optional shoppable video integration (try-on images when opted in by Merchant); and analytics providers for usage analytics (aggregated/pseudonymized usage data).
6.2 Merchants. When you use the try-on feature on a Merchant's store, that Merchant may receive: your email address (if you provide it); your try-on images (if you consent to UGC use); and aggregated analytics about try-on usage on their store.
6.3 Legal Requirements. We may disclose data if required by law, regulation, legal process, or governmental request, or to protect the rights, safety, or property of the Company, our users, or the public.
6.4 Business Transfers. In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.
We are based in the United States. If you are located outside the US, your data will be transferred to and processed in the United States.
7.1 EEA/UK Transfers. For transfers of personal data from the EEA or UK to the United States, we rely on: Standard Contractual Clauses (SCCs) approved by the European Commission; the EU-US Data Privacy Framework, where applicable; and your explicit consent (for photo uploads).
7.2 Safeguards. We implement appropriate technical and organizational measures to protect data during and after transfer, including encryption in transit and at rest, access controls, and contractual obligations on service providers.
Uploaded photos: Deleted within 30 days of processing, unless UGC consent is given. Try-on images: Retained for up to 90 days for service delivery; longer if UGC consent is given. Shopper email addresses: Retained by the Merchant per their own privacy policy; deleted from our systems within 90 days of collection. Merchant account data: Retained for the duration of the subscription plus 30 days after termination. Analytics data: Retained in aggregated/anonymized form for up to 24 months. Support correspondence: Retained for up to 24 months after resolution.
You may request earlier deletion at any time (see Section 10).
We implement industry-standard security measures to protect your data, including: encryption of data in transit (TLS 1.2+) and at rest; access controls and authentication mechanisms; regular security assessments; secure cloud infrastructure; and employee access limited to need-to-know basis.
No system is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security. If we become aware of a data breach affecting your personal data, we will notify you and relevant authorities as required by applicable law.
10.1 All Users. Depending on your jurisdiction, you may have the following rights: Access (request a copy of the personal data we hold about you); Correction (request correction of inaccurate or incomplete data); Deletion (request deletion of your personal data); Portability (receive your data in a structured, machine-readable format); Withdraw Consent (withdraw previously given consent at any time); and Object (object to processing based on legitimate interests).
10.2 EEA/UK Residents (GDPR). In addition to the above, you have the right to: restrict processing under certain circumstances; lodge a complaint with your local Data Protection Authority; and not be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
10.3 California Residents (CCPA/CPRA). Under the California Consumer Privacy Act and California Privacy Rights Act, you have the right to: Know what personal information we collect, use, and disclose; Delete your personal information; Correct inaccurate personal information; Opt Out of Sale/Sharing (we do not sell or share personal information for cross-context behavioral advertising); and Non-Discrimination (we will not discriminate against you for exercising your rights). Categories of Personal Information Collected (past 12 months): Identifiers, internet activity, geolocation data, photos/images, and inferences drawn from the above.
10.4 Brazil Residents (LGPD). Under the Lei Geral de Proteção de Dados, you have rights including access, correction, anonymization, portability, deletion, information about sharing, and the ability to revoke consent.
10.5 Canada Residents (PIPEDA). Under the Personal Information Protection and Electronic Documents Act, you have the right to access, correct, and withdraw consent for the collection, use, and disclosure of your personal information.
10.6 Exercising Your Rights. To exercise any of these rights, contact us at: Email: data@trypoint.ai — Subject line: "Data Rights Request — [Your Right]". We will respond within 30 days (or sooner where required by law). We may need to verify your identity before processing your request.
The Service is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has used the Service or provided personal data to us, please contact us immediately at data@trypoint.ai and we will promptly delete such data.
12.1 How AI Is Used. When you upload a photo, it is processed by Google's virtual try-on AI models to generate a visualization of how a garment would look on you. This process involves: analyzing body shape and proportions from your photo; mapping the selected garment onto the analyzed body shape; and generating a composite image.
12.2 No Automated Decision-Making. We do not use your personal data for automated decision-making that produces legal or similarly significant effects. The try-on output is for informational and visualization purposes only.
12.3 AI Model Training. We do not use your individual uploaded photos to train AI models. We may use aggregated, de-identified data to improve the Service.
Our Service may contain links to third-party websites or integrate with third-party services (e.g., Shopify, Google). This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you interact with.
We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated "Last Updated" date. For material changes, we will provide notice via email (for Merchants) or a prominent notice on our website. Your continued use of the Service after changes take effect constitutes acceptance.
For questions, concerns, or data rights requests:
TouchPoints Inc.
701 Tillery Street, Unit 12
Austin, TX 78702, United States
Email: data@trypoint.ai
Website: https://trypoint.ai