Pulseheaven Privacy Policy
Effective Date: June 28, 2025
Pulseheaven LLC ("Pulseheaven," "we," "our," or "us") respects your privacy. This Privacy Policy ("Policy") explains how we collect, use, disclose, and protect personal information when you access or use our website, mobile applications, APIs, and related services (collectively, the "Platform"). It complements—and is incorporated by reference into—our Terms and Conditions of Use and Sale.
If you do not agree with this Policy, please do not use the Platform.
1. Who May Use the Platform
- U.S. Residents Only. Pulseheaven currently operates exclusively in the United States. If you reside outside the United States, you may browse public content but may not transact.
- Age Requirements.
- Adults (18+). May use all Platform features.
- Minors (13–17). May use the Platform only under active supervision of a parent or legal guardian who agrees to this Policy and our Terms.
- Under 13. We do not knowingly collect personal information from children under 13, and they may not access any Platform features. If we learn we have collected such information, we will delete it promptly (see Section 11).
2. Information We Collect
| Category | Examples | Source | Purpose |
|---|---|---|---|
| Account Info | Name, username, email, password, phone, shipping & billing addresses | You | Create & secure your account; fulfill orders |
| Identity & Social Login | Google profile ID, name, email (when you sign in with Google) | Authentication; profile setup | |
| User-Generated Content | Product photos, brand-spotlight assets, AI try-on photos | You | Listing items; promoting brands; providing AI try-on |
| Payment Data | Partial card data, Stripe customer & connected-account IDs | Stripe | Process payments & payouts |
| Shipping Data | Tracking numbers, Shippo label IDs | Shippo | Fulfill orders; provide tracking |
| Usage & Device Data | IP address, browser type, device model, pages visited, cookies | Automatic | Analytics; security; Platform performance |
| Recommendation Data | Interaction history, likes, follows | Automatic / Recombee | Personalize product recommendations |
| Communication Data | Messages between users; support tickets | You | Facilitate transactions; customer support |
| Marketing Preferences | Email opt-in/out status, cookie consents | You | Manage marketing communications |
Special Note on AI Try-On Photos
- When you upload a photo for the AI virtual try-on feature, we store a copy in our secure cloud storage and transmit it to Fash.ai (our try-on processor).
- Fash.ai retains the image for up to 72 hours for processing, after which it is automatically deleted from their servers.
- Your photo remains in Pulseheaven’s storage so you can re-use it; you may delete it at any time in your profile settings.
We do not collect biometric identifiers; the try-on system uses computer-vision algorithms but does not create biometric templates.
3. How We Use Your Information
We process personal information for the following purposes and under the following legal bases (as recognized under applicable U.S. privacy laws):
- Provide and Improve the Platform (Contract / Legitimate Interests)
- Set up accounts, enable buying & selling, ship orders, and personalize recommendations.
- Process Payments and Payouts (Contract / Legal Obligation)
- Facilitate transactions through Stripe and comply with IRS reporting (e.g., Form 1099-K).
- AI-Powered Features (Consent / Legitimate Interests)
- Provide virtual try-on, AI-generated content, and recommendation services.
- Marketing & Promotions (Consent / Legitimate Interests)
- Send newsletters, brand-spotlight promotions, and personalized offers (you may opt out).
- Security & Fraud Prevention (Legal Obligation / Legitimate Interests)
- Detect and prevent fraud, spam, and abuse; secure our systems.
- Legal Compliance (Legal Obligation)
- Respond to subpoenas, court orders, and lawful requests from authorities.
- Business Operations (Legitimate Interests)
- Audit, research, product development, and mergers or acquisitions.
4. Cookies and Tracking Technologies
We use cookies, pixels, and similar tools to:
- Keep you logged in and remember preferences;
- Measure Platform performance (e.g., via Google Analytics);
- Deliver or measure future interest-based advertising (you will be given the option to opt out before we enable targeted advertising).
You can control cookies in your browser settings and opt out of certain trackers via our Cookie Preferences link in the footer.
Our systems do not currently respond to browser “Do Not Track” signals.
5. How We Share or Disclose Information
We do not sell personal information. We share it only as outlined below:
| Recipient / Service | Data Shared | Purpose |
|---|---|---|
| Stripe, Inc. | Contact, payment, payout & tax data | Process payments, verify identity, issue 1099-K |
| Shippo, Inc. | Name, address, order details | Generate shipping labels & tracking |
| Fash.ai Inc. | Uploaded try-on photos (deleted after 72 h) | Render AI virtual try-on images |
| Recombee Ltd. | Interaction history (pseudonymized IDs) | Generate product recommendations |
| OpenAI, L.L.C. | Text prompts and necessary context (de-identified) | Provide AI-generated wording or assistance |
| Google LLC (Analytics) | Usage & device data (IP anonymized) | Traffic analytics & performance |
| eBay Developer API | None (read-only) | Fetch external product references |
| Cloud Hosting & Security Vendors | Data stored on our encrypted servers | Operate and secure the Platform |
| Legal & Compliance | Data required by law | Respond to lawful requests, protect rights |
| Business Transfers | All Platform data | Asset sale, merger, or acquisition (with notice) |
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account & Transaction Records | While your account is active + 7 years (tax & audit) |
| AI Try-On Photos (Pulseheaven storage) | Until you delete the photo or delete your account |
| AI Try-On Photos (Fash.ai) | Automatically deleted ≤ 72 hours after processing |
| Marketing Preferences & Consents | Until you revoke consent or delete your account |
| Technical Logs & Security Data | 18 months (unless needed for investigations) |
We delete or de-identify data when it is no longer required for the purposes above, subject to legal retention obligations.
7. Security
We use industry-standard administrative, technical, and physical safeguards, including:
- Encrypted data in transit (TLS 1.2+) and at rest (AES-256);
- Role-based access controls and multi-factor authentication for staff;
- Continuous vulnerability scanning and independent penetration testing;
- Strict vendor-management and data-processing agreements.
No system is 100 % secure. We cannot guarantee absolute security, but we continuously improve our protections.
8. Your Privacy Rights (U.S.)
Depending on your state of residence (e.g., California, Texas, Virginia, Colorado), you may have the right to:
- Know whether we process your personal data and access a copy;
- Correct inaccurate personal data;
- Delete personal data, subject to legal exceptions;
- Opt Out of: (i) targeted advertising, (ii) data "sales" or "sharing" (we do not sell, but you may opt out of analytics/advertising cookies), and (iii) profiling with legal effects;
- Non-Discrimination for exercising your rights.
How to Exercise Your Rights
Submit a request via contact@pulseheaven.com with the subject line "Privacy Rights Request." We will verify your identity (or your authorized agent) and respond within the timeframe required by applicable law. If we decline your request, you may appeal by replying "Appeal" to our decision email.
California residents may also request a "Shine the Light" disclosure of any direct-marketing data sharing in the preceding year (we do not share for direct marketing).
9. Marketing Communications
You may opt out of marketing emails at any time by clicking "Unsubscribe" in the email footer or adjusting settings in your account. Transactional or service emails (e.g., order confirmations) are still sent when necessary.
10. Children’s Privacy (COPPA)
We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us at contact@pulseheaven.com and we will delete it promptly. Minors aged 13–17 may use the Platform only with parental consent and supervision.
11. International Data Transfers
Our servers and processors are located in the United States. If you access the Platform from outside the U.S., you understand that your information will be transferred to and processed in the United States, where privacy laws may be less stringent than those in your country. As we expand internationally, we will update this Policy to address additional jurisdictions.
12. Third-Party Sites and Services
The Platform may contain links to third-party sites. We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies.
13. Changes to This Policy
We may update this Policy from time to time. The "Effective Date" at the top indicates when the latest changes took effect. For material changes, we will provide at least 30 days’ notice via email or an in-app banner. Continued use of the Platform after the effective date constitutes acceptance of the revised Policy.
14. Contact Us
If you have questions or concerns about this Policy or your personal information, please contact Pulseheaven LLC:
- Email: contact@pulseheaven.com
- Postal Address: P.O. Box 13697, Austin, TX 78711-3697, USA
Thank you for trusting Pulseheaven with your fashion journey.