Security & Data Protection Policy

Home
>
Legal
>
Security & Data Protection Policy

At BeSpoke AI Stylist, safeguarding your personal data is a top priority. This Security & Data Protection Policy outlines the measures we take to ensure the confidentiality, integrity, and availability of user data across our platform.

1. Data We Protect

We implement security controls to protect:

  • Personal identifiers (name, email, gender, preferences)
  • Uploaded photos and user-generated content
  • Subscription and payment information (via third-party processors)
  • AI interaction data and usage history

2. Infrastructure Security

We use:

  • End-to-end encryption for data in transit (SSL/TLS)
  • Encryption at rest using industry-grade protocols (AES-256)
  • Cloud-based firewalls and intrusion detection systems
  • Hosting on secure cloud platforms (e.g., AWS, Google Cloud, Firebase)

3. Access Control

  • Role-based access to sensitive systems
  • Strict internal permissions for staff and contractors
  • Mandatory 2FA (Two-Factor Authentication) for admin tools
  • Access logs maintained for auditing

4. Data Minimization & Retention

  • We only collect data necessary to deliver our services
  • Unused or outdated user data is regularly anonymized or deleted
  • User photos and AI inputs are stored temporarily unless retained by user request

5. Incident Response Plan

In case of a security breach:

  • Users will be notified within 72 hours (as per GDPR standards)
  • Indian authorities will be notified as per IT Rules, 2021
  • A detailed audit and fix will be executed, and users informed

6. User Controls & Rights

You can:

  • Download or request a copy of your personal data
  • Delete your account and all associated data
  • Revoke previously given consent at any time
  • Report suspected breaches to: 📧 legal@bespokeaistylist.com

7. Third-Party Processors

We use trusted vendors who are compliant with:

  • ISO 27001, SOC 2 standards
  • Data Processing Agreements (DPA) as per GDPR/CCPA norms
  • Local laws applicable to cross-border data transfer

8. Children's Data

We do not knowingly collect data from children under 13.
Parental consent is required in regions where local laws apply.

9. Periodic Reviews & Updates

This policy is reviewed annually and every significant feature or infrastructure changes.

10. Contact

To raise a data protection concern or security question, contact our Data Protection Officer (DPO):
📧 legal@bespokeaistylist.com
📍 E-11, NSK Platina, Miyapur, Hyderabad, 500049, Telangana, India

At BeSpoke AI Stylist, safeguarding your personal data is a top priority. This Security & Data Protection Policy outlines the measures we take to ensure the confidentiality, integrity, and availability of user data across our platform.