Privacy Policy

Your photos stay on your device. We built Magic Mirror with privacy as our foundation.

Last updated: March 2026

Privacy-First Design

Your photos stay on your device. We built Magic Mirror with privacy as our foundation — your images are stored locally and only analysis data is processed on our servers.

1. Our Privacy Promise

Magic Mirror is built with a privacy-first architecture. We respect your privacy and are committed to protecting your personal data through innovative local-first technology that keeps your photos secure on your device while still providing powerful AI analysis.

2. Information We Collect

We may collect, use, store and transfer different kinds of personal data about you:

  • Identity Data: name, username or similar identifier
  • Contact Data: email address
  • Profile Data: your preferences, feedback and survey responses
  • Usage Data: information about how you use our app and services
  • Technical Data: device information, IP address, browser type

3. How We Use Your Information

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To provide and maintain our service
  • To improve and personalise your experience
  • To analyse outfit photos and provide fashion insights
  • To communicate with you about our services
  • To comply with legal obligations

4. How We Handle Your Photos (Local-First)

Your photos are your property and stay on your device. Here's exactly how our privacy-first system works:

Photo Storage

  • Photos are stored exclusively on your device in a private, encrypted directory
  • Maximum 500MB local storage with automatic cleanup of oldest photos
  • Other apps cannot access your Magic Mirror photos
  • You can delete photos anytime from your device

AI Analysis Process

  • Your photo is resized and optimised on our server, then forwarded to Claude AI (Anthropic) for analysis
  • Original high-resolution photos never leave your device — only the optimised version is transmitted
  • Anthropic does not store or retain your image after the analysis request completes
  • Anthropic does not use API inputs (including your photos) to train their AI models
  • Images are held in memory only during processing — never written to disk on our servers
  • Analysis results (style insights) are stored to power your wardrobe history and recommendations

5. Technical Privacy Safeguards

  • Device-level encryption protects local photo storage
  • HTTPS encryption for all data transmission
  • Authentication tokens stored in device secure keychain
  • Automatic cleanup prevents data accumulation
  • Privacy flags in our database track local-first processing

6. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

7. Data Retention & Storage

  • Photos: Stored indefinitely on your device until you delete them
  • Analysis Results: Stored to improve recommendations, can be deleted on request
  • Account Data: Kept while your account is active
  • Server Data: No permanent photo storage on our servers

8. Your Privacy Rights & Controls

Immediate Controls (No Request Needed)

  • Delete photos from your device anytime
  • View local storage usage in app settings
  • Control camera and photo permissions

Rights You Can Request

  • Access all your personal data we have
  • Correct any inaccurate personal data
  • Complete deletion of your account and all server data
  • Object to processing of your personal data
  • Export your analysis history

9. Third-Party Services

We use select third-party services to provide AI analysis while maintaining privacy:

  • Claude AI (Anthropic): Powers outfit analysis. Your image is sent to Anthropic's API for the duration of the request only — it is not stored, retained, or used for model training. See anthropic.com/legal/privacy for details.
  • AWS (Cloud Infrastructure): Secure, encrypted data transmission and processing
  • All third parties are contractually bound to protect your data

10. Changes to Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us: