Privacy Policy

Sardrobe is a private digital wardrobe. You upload photos of clothes you already own, organize them, and plan outfits. We keep what we collect to the minimum needed to provide, secure, and improve the service. We do not sell your personal information or use it for targeted advertising.

Who we are

Sardrobe is operated by Omar Kawach in the United States. This policy applies to Sardrobe, available at sardrobe.com. If you have any questions or want to exercise a privacy right, contact us at .

What we collect

• Account and authentication information. When you sign in with Google, we receive information such as your name, email address, profile photo, Google account identifier, and email-verification status. We also store the authentication tokens and scopes needed to maintain and revoke the connection, together with session identifiers, expiration times, IP address, and user agent.
• Wardrobe content. When you save an item, we store its finished WebP cutout and the details you add, such as its name, category, color, description, occasion, season, and notes. We also store your outfits and their layouts, and your packing plans, dates, notes, and checklist state.
• Technical and activity data. Our hosting and authentication systems process request details, IP address, browser or device information, timestamps, login method, session identifiers, and authentication activity. Authentication events sent to Better Auth Infrastructure may also include your name, email address, account identifier, user agent, IP address, and approximate city or country.
• Diagnostic and security data. Sentry receives sampled performance traces, errors, and security events so we can diagnose problems and protect the service. We remove request headers, cookies, query strings, request bodies, IP addresses, email addresses, usernames, span data, and URL query parameters before sending events. Audit events may contain an internal account identifier and limited counts or action names. Session Replay is disabled, and we do not intentionally send wardrobe images or free-text wardrobe content to Sentry.
• Communications. If you contact us, we receive the information in your message and the contact details you use.

What stays on your device

Background removal runs in your browser. Your original source photos and unsaved import drafts remain in the current browser session; Sardrobe uploads only the finished cutout when you choose to save an item. Your theme preference is kept in local storage, and the optional local-relay preference is kept in session storage. We do not collect payment information, and we do not use advertising or marketing trackers.

How we use your data

• To create and authenticate your account.
• To provide your wardrobe, outfits, packing plans, and saved images.
• To secure the service, prevent abuse, and investigate incidents.
• To monitor reliability, diagnose errors, and improve performance.
• To respond to you when you contact us.
• To comply with law and enforce our terms.

Where applicable law requires a legal basis, we process account and wardrobe data to provide the service you request; security, diagnostics, and limited service analytics for our legitimate interests in operating a safe and reliable service; and information when needed to comply with legal obligations. You may withdraw consent for any optional processing that specifically relies on consent.

Cookies and device storage

We use strictly necessary first-party cookies for Google sign-in, session security, and keeping you signed in. Sardrobe sessions are configured with a seven-day lifetime and may be refreshed while you use the service. Temporary OAuth cookies may also be used during sign-in. We use local storage to remember your theme and session storage to remember whether you enabled the local relay for the current browser session.

We do not use advertising, marketing, or cross-site behavioral-tracking cookies. Because Sardrobe does not track your activity across unrelated websites for advertising, browser "Do Not Track" signals do not change how the service behaves. We do not permit third parties to collect your activity over time across unrelated websites through Sardrobe for behavioral advertising.

Service providers

We rely on a few providers to operate Sardrobe:

• Google for sign-in and revoking the Google connection when you delete your account.
• Cloudflare for hosting, request handling, image processing, logs, the database, and image storage through Workers, Images, D1, and R2.
• Better Auth Infrastructure for authentication activity monitoring and administrative audit events.
• Sentry for error monitoring and security event logging, which helps us keep the service reliable and secure. We configure it to scrub the request and user fields described above and to disable Session Replay.

These providers process data to deliver, secure, and monitor the service. We do not disclose your wardrobe content to advertisers or data brokers. The Buy Me a Coffee button image is hosted by Sardrobe; Buy Me a Coffee receives information only if you choose to follow the external link, and its own privacy policy then applies.

Local agent access

When you are signed in and open the Sardrobe app, the site registers WebMCP tools. You can enable Sardrobe's local relay to expose those tools to an MCP-capable desktop or coding agent. Tool registration exposes the tools' names, descriptions, and input formats; it does not by itself send your wardrobe data to an agent.

If you or your agent calls a tool, the requested result is provided to the agent and any model provider it uses. Depending on the tool, this may include wardrobe metadata, saved cutout images, outfit previews, packing plans, or browser-local import drafts and their images. WebMCP tools can also create, edit, submit, discard, or permanently delete content using your signed-in browser session. Some destructive operations require a confirm: true tool parameter, but the agent client controls whether and how it asks you before supplying that parameter.

The relay is off until you enable it for the current tab, and you can disconnect it at any time from the account menu. Data an agent receives is governed by the agent, relay software, and model providers you choose. Sardrobe does not control their handling, retention, or further use of that data.

When we disclose information

We disclose information to the service providers above, when you direct us to do so, when reasonably necessary to protect Sardrobe or others, or when required by law. Information may also be transferred as part of a merger, financing, acquisition, reorganization, or sale of all or part of the service, subject to applicable law. We do not sell personal information or share it for cross-context behavioral advertising.

Data retention

We keep your account and wardrobe data for as long as your account is active. You can permanently delete your account at any time from the account menu. After a successful deletion request, your active account, sessions, wardrobe items, outfits, packing plans, and stored cutouts are removed and cannot be recovered through Sardrobe. We also attempt to revoke Sardrobe's Google authorization; Google revocation is best-effort and does not block deletion if Google is unavailable.

Cloudflare D1 automatically maintains limited recovery history, so deleted database records may remain in protected recovery copies for up to 30 days before aging out. Security, authentication, diagnostic, and provider logs may be retained for limited periods under our provider settings, backup schedules, or legal obligations. We may keep a minimal record when necessary to prevent abuse, resolve disputes, or comply with law.

International processing

Sardrobe is operated in the United States, and our providers may process information in the United States and other countries. Those countries may have different data-protection laws. Where applicable law requires a transfer mechanism, we will use contractual or other lawful safeguards.

Security

We use reasonable technical and organizational safeguards designed to protect personal information, including authenticated media access, secure cookies, ownership checks, and data minimization. No online service can guarantee absolute security, so please keep your Google account and devices secure.

Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing, withdraw consent, or receive portable data. You may also have the right to complain to your local data-protection authority. We will not discriminate against you for exercising a privacy right.

To submit a request, contact us at . We may need to verify your identity or authority before completing a request, and legal exceptions may apply. California residents may request the categories or specific pieces of information collected, correction, or deletion as provided by applicable law. Sardrobe has not sold personal information or shared it for cross-context behavioral advertising in the preceding 12 months.

Children

Sardrobe is not directed to children under 13, and we do not knowingly collect personal data from them.

Changes to this policy

We may update this policy from time to time. When we do, we'll revise the "Last updated" date above. If a change materially affects how we use personal information, we will provide additional notice where appropriate or required.