Photos of yourself are personal. Here's exactly how we treat them — written in plain language, not legal-speak.
The virtual try-on uses your photo only to generate the result you asked for. That's it. Your face, your body, your style — none of it is fed into a training dataset, ours or anyone else's.
We don't run a model-training pipeline. We don't have a research partnership that shares your data. There's no fine print here.
Mirrofy makes money from credit packs and affiliate links to fashion retailers. We don't sell your photos, your preferences, your style profile, or your usage history to anyone — not advertisers, not data brokers, not "partners."
If our business model ever changes, we'll tell you before anything else changes. No quietly-updated terms.
Tap "Delete account" and within 30 days your photos, try-on results, profile, wishlist, posts and votes are gone — from our database, from our storage, and from any moderation review queue.
We don't keep a "soft-deleted" copy in case you change your mind. You can change your mind by signing up again with a clean slate — your old data won't be sitting on a shelf somewhere.
When you choose to blur your face before posting to the Style Feed, we store a separately-blurred version. The public feed loads only that blurred file. Even our moderators see the same version anyone else does — they can't toggle a switch to "view unblurred."
If you keep posts private (the default), no one sees them but you. Period.
To make Mirrofy work, three external services touch your photos transiently — and only for the moment they're needed:
AWS Rekognition checks new photos for explicit content + matches against a celebrity database (so we don't accidentally publish photos of people who didn't consent). It receives the image once, returns a yes/no, and doesn't keep a copy.
Supabase hosts our EU-based database and storage. Your photos sit in private buckets only you can read.
Fashn AI / RunPod runs the virtual try-on generation. They process your photo for the duration of one render — typically under a minute — then drop it.
The full list with legal entity names + countries is in our Privacy Policy.
Our full Privacy Policy covers everything in formal detail. If you have any privacy question that isn't answered there, write to us directly.