BURS ("BURS", "we", "us", "our") is a digital wardrobe and AI styling platform available via web and/or progressive web app at burs.me (the "Service").
This Privacy Policy explains how we collect, use, store, share, and protect personal data when you use BURS, including when you connect your Google Calendar for contextual outfit recommendations.
If you have questions about this Privacy Policy or your personal data, contact us at hello@burs.me.
2. Scope of This Privacy Policy
This Privacy Policy applies to:
visitors to burs.me
users who create a BURS account
users who upload clothing photos and metadata
users who use AI styling features
users who connect third-party services such as Google Calendar
users who subscribe to premium features
This Privacy Policy does not apply to third-party websites or services that BURS links to or integrates with (for example, Google, payment processors, or weather providers), which have their own privacy policies.
3. What Data We Collect
We collect only the data needed to provide and improve BURS.
A. Account and Identity Data
Name or display name
Email address
Authentication identifiers (for example, login/account IDs)
Subscription status and plan information
B. Wardrobe and User Content
Clothing photos you upload
Clothing metadata (for example, color, category, fabric, tags)
Outfit combinations you create/save
Style preferences and feedback (likes/dislikes, selections)
C. Usage and Device Data
App usage events (for example, feature use, performance, errors)
Device/browser type
IP address (or approximate location derived from it)
Log data (security, diagnostics)
D. Weather / Context Data
City or location information you provide (or approximate location if enabled by you)
Weather conditions used for styling recommendations
E. Google Calendar Data (only if you connect Google)
If you choose to connect your Google account, BURS may access:
calendar events
event titles
event start/end times
event location (if included in the event)
calendar metadata needed to display schedule context
Google OAuth scope used (intended): https://www.googleapis.com/auth/calendar.readonly
BURS does not request permission to create, edit, or delete your Google Calendar events.
F. Payment and Billing Data
Payments are processed by third-party payment providers (for example, Stripe). We do not store full card numbers. We may receive limited billing data such as:
payment status
subscription renewal status
transaction IDs
billing country
partial payment method metadata (as provided by the processor)
4. How We Use Your Data
We use personal data to operate BURS and provide the features you expect.
We use your data to:
1. Provide the core Service
create and manage your account
store your wardrobe
generate outfit recommendations
2. Power AI styling features
analyze clothing photos and attributes
personalize outfit suggestions
improve recommendations for your account
3. Provide contextual recommendations
use weather context
use calendar context (if connected) to suggest appropriate outfits
4. Manage subscriptions and payments
process premium access
handle billing events
prevent fraud and abuse
5. Support and troubleshoot
respond to support requests
fix bugs
improve reliability and security
6. Comply with legal obligations
accounting/bookkeeping
legal requests
security investigations
5. Legal Bases for Processing (GDPR)
Under the GDPR, we process personal data only when we have a legal basis.
A. Contract (Article 6(1)(b))
We process data as necessary to provide the Service you requested, including:
account creation and login
wardrobe storage
outfit generation
subscription access
B. Consent (Article 6(1)(a))
We rely on consent for:
connecting your Google Calendar
optional location-based features (where applicable)
any optional data use that is not strictly necessary to provide BURS
You can withdraw consent at any time (see Section 11).
C. Legitimate Interests (Article 6(1)(f))
We process some data for our legitimate interests, including:
service security
fraud prevention
debugging and performance monitoring
improving the Service using aggregated or de-identified analytics
When we rely on legitimate interests, we balance those interests against your rights and freedoms.
D. Legal Obligation (Article 6(1)(c))
We process data when required to comply with legal obligations, including accounting, tax, and lawful requests by authorities.
6. Google API Services User Data (Important)
If you connect Google Calendar, BURS accesses Google user data only to provide the calendar-aware styling functionality you explicitly enable.
Google User Data — What We Access
BURS accesses Google Calendar data on a read-only basis to:
understand your day's schedule
identify event timing/context
suggest suitable outfits based on your calendar and weather
Google User Data — What We Do NOT Do
BURS does not:
create, edit, or delete Google Calendar events
sell Google user data
use Google user data for advertising
use Google user data for retargeting or personalized ads
transfer Google user data to data brokers
use Google user data for credit/lending decisions
Limited Use Commitment
BURS's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
This means:
Google user data is used only for user-facing features clearly shown in BURS
humans do not access Google user data except in limited, permitted cases (for example, security, legal compliance, or with your explicit consent)
any transfer is limited to what is necessary to provide the feature, comply with law, or maintain security
If We Change Google Data Use
If we change how BURS accesses or uses Google user data, we will:
update this Privacy Policy
update in-product disclosures
ask for your consent again before using Google user data for a new purpose
7. AI and Automated Recommendations
BURS uses AI/ML systems to generate wardrobe insights and outfit suggestions.
Transparency Notice
When you use styling recommendations, you are interacting with AI-assisted features.
How AI is used
AI may:
classify garment images
infer clothing attributes
rank outfit suggestions
personalize recommendations based on your prior interactions
Human decision remains yours
BURS provides suggestions only. Final clothing choices are always made by you.
No solely automated legal/significant decisions
BURS does not use AI to make decisions that produce legal effects or similarly significant effects on you (for example, employment, credit, or insurance decisions).
8. Sharing of Data
We do not sell your personal data.
We share personal data only when necessary to operate BURS, and only with appropriate safeguards.
Categories of recipients
Hosting / infrastructure providers (for example, databases, storage, backend hosting)
Authentication and security providers (for login, fraud prevention, abuse monitoring)
Payment processors (for subscription billing)
Weather and contextual data providers (to support weather-aware recommendations)
Google (when you connect Google Calendar)
Professional advisors / authorities (if required) (lawyers, auditors, regulators, law enforcement)
Where required, we use Data Processing Agreements (DPAs) or equivalent contractual safeguards with processors.
9. International Data Transfers
We aim to process data in the European Economic Area (EEA) where possible.
If personal data is transferred outside the EEA/UK, we use appropriate safeguards such as:
adequacy decisions
Standard Contractual Clauses (SCCs)
other lawful transfer mechanisms under GDPR
You may contact us for more information about transfer safeguards.
10. Data Security
We use technical and organizational measures designed to protect your personal data, including:
encryption in transit (TLS)
encryption at rest (where supported)
access controls and least-privilege permissions
authentication and audit logging
monitoring, patching, and security reviews
processor due diligence
11. Your Rights (GDPR)
If you are in the EU/EEA (and in many cases elsewhere), you have rights regarding your personal data.
You may have the right to:
access your personal data
correct inaccurate data
delete your data
restrict processing
object to certain processing
data portability
withdraw consent at any time (where processing is based on consent)
lodge a complaint with a supervisory authority
Sweden (IMY)
If you are in Sweden, you can complain to the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).
How to exercise your rights
Email us at hello@burs.me. We may need to verify your identity before completing your request.
12. Data Retention
We keep personal data only as long as necessary for the purposes described in this Privacy Policy.
Typical retention approach
Account data: kept while your account is active
Wardrobe content and preferences: kept until you delete them or delete your account
Google Calendar data: processed for contextual recommendations; we avoid storing more than necessary and limit retention of cached calendar data
Support and security logs: retained for a limited period as needed for support/security
Billing records: retained as required by law/accounting rules
Account deletion
You can request account deletion by using in-app settings (if available) or emailing hello@burs.me.
13. Cookies and Similar Technologies
BURS may use cookies and similar technologies for login/session management, security, preferences, and analytics (if enabled).
Where required by law, we will ask for your consent before using non-essential cookies or tracking technologies.
14. Children's Privacy
BURS is not intended for children under 13.
If we learn that we collected personal data from a child under 13 without valid parental consent, we will delete it.
If you believe a child has provided personal data to BURS, contact us at hello@burs.me.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
If we make material changes, we will:
update the "Last updated" date
provide notice in the app or on the website
request consent again where required (especially for new Google user data uses)