Privacy Policy

Last updated: 2026-05-03 · Effective from public launch

TryOn is a Chrome extension that lets you try clothes and hairstyles on your own photo. This policy explains what we collect, what we don’t, and how Google’s Gemini API fits into the picture.

What we collect

• Google account email and Google subject ID — when you choose to sign in with Google for additional free credits. Used to keep your credit balance attached to an account across devices.
• An anonymous device identifier (UUID) — generated locally in your browser the first time you install. Used to track your free-tier usage on this device.
• Generation counts and timestamps — how many try-ons you’ve run, when. Used to enforce free-tier limits and a daily safety ceiling.
• Email address (optional) — if you join the waitlist for paid plans. Stored in our database; used only to email you when plans launch.
• Payment metadata — when paid plans launch, our payment processor (Razorpay) will see your card details directly; we receive only a payment ID and amount. (Not collected during the beta.)

What we DO NOT collect

• Your reference photos. They live in chrome.storage.local on your machine. They never leave your device except as inline image data on a single, transient API request to Google when you click Generate. We never see, cache, log, or store the bytes on our servers.
• Source images you click on. The image URL or bytes flow from your browser, through our Cloudflare Worker, to Google’s Gemini API. Not retained.
• Generated try-on results. The result is returned to your browser and stored locally (in chrome.storage.local for the recents strip). Not retained on our servers.
• Your browsing history. The extension only reads images on supported sites when you explicitly hover or right-click them.

Google Gemini API — important disclosure

We send your reference photo and the source image to Google’s Gemini API (model: gemini-3.1-flash-image-preview) over HTTPS for each generation. Google’s policy retains this data for up to 30 days for abuse monitoring; after that it is deleted. We do not control this retention; it is Google’s policy. See Google’s Gemini API Additional Terms of Service for details.

Where data lives

• On your device: reference photos, recent results, anonymous device ID, auth tokens.
• On our servers (Cloudflare D1, edge-deployed): Google email + subject ID, credit balance, generation counts, waitlist email.
• On Google’s servers: reference photo + source image for up to 30 days for Gemini abuse monitoring.

Your rights

• Right to delete. Email support@tryon-9z6.pages.dev from your signed-in Google address. We delete your account and ledger within 30 days. Data on Google’s side falls off their 30-day retention independently.
• Right to export. Email us; we’ll send you the rows we have for your account in JSON.
• EU/UK (GDPR), India (DPDP Act), California (CCPA). Same channel; we treat all rights requests under whichever regime gives you the most protection.

Cookies

The extension uses chrome.storage.local and chrome.storage.session for state. The marketing site you are reading uses no cookies and no analytics.

Children

TryOn is not intended for users under 13. We do not knowingly collect data from children. If you believe a child has signed in, email us and we’ll delete the account.

Changes

Material changes will be announced in the extension UI before they take effect. The “Last updated” date at the top of this page reflects any change.

Contact

support@tryon-9z6.pages.dev