WearStreakWhat we keep, and what we don't.
The short version: we keep your closet (the items you add and the wears and washes you tap), and we keep what Google tells us when you sign in. We do not sell your data, we do not run ad trackers, and we do not email you marketing.
What Google passes us.
When you tap Continue with Google, Google sends us your name, email, profile picture URL, and a stable Google account ID. We use the ID to know it's you next time, the name and picture to render your initials and avatar in the header, and the email so you can sign in again from a new device.
We never see your Google password. Sign-in is handled by Google directly through OAuth.
What you put in.
The items you add, their names, colors, categories, notes, and the wear and wash taps you log. These are tied to your account and visible only to you when you're signed in.
We also store your settings (default wash threshold, dark mode preference) so the app looks the same on a new device.
Yours, and only yours.
If you upload a photo of an item, it stays in your closet. Only you, when signed in to your account, can see it. We don't post it anywhere, we don't share it with other users, and we don't use your photos to train AI models.
Photos are stored on Vercel Blob, the file storage side of our hosting provider.
Three, all for sign-in.
WearStreak sets three cookies on your browser, all of them strictly necessary to keep you signed in. They expire after a week of inactivity, or when you sign out.
__Secure-authjs.session-tokenproves to the server that you're signed in.__Host-authjs.csrf-tokenblocks cross-site request forgery during sign-in.__Secure-authjs.callback-urlremembers which page to send you back to after Google redirects.
That's the full list. No advertising cookies, no third-party tracking pixels, no fingerprinting.
How we measure.
We use Vercel Analytics to count page views, see which pages are slow, and tally anonymous, aggregate product events (which features get used, and how often). It is cookieless and no personal identifier is attached to any of it. Instead of an identifier that follows you around, it generates a daily hash from your IP and user agent, throws out the hash overnight, and that is the whole mechanism. No profile, no cross-site tracking, no way to recognize a returning visitor a day later.
Stripe sees the card, we don't.
If you upgrade to Pro, you're redirected to checkout.stripe.com. Stripe handles the card details, the charge, and the receipt. We never see your card number.
What we keep on our side is the Stripe customer ID, the subscription ID and status, and the timestamps that let us decide whether your account is currently on Pro. Stripe's own privacy policy covers what they store: see stripe.com/privacy.
A short list.
We rely on a few sub-processors to actually run the app. They each see the slice of data they need and nothing more.
- Googlefor sign-in (sees your Google account, since that's the identity).
- Vercel for hosting, analytics, and Blob storage (sees app requests, IPs, cookieless analytics pings, and any item photos you upload).
- Neon for the Postgres database (sees the rows: items, wears, washes, settings).
- Stripe for payments (sees only billing data, never sees your closet).
We do not sell, rent, or trade your data with anyone else.
Until you ask us to forget.
Your account and closet stay around for as long as you want them to. If you ask us to delete your account, we wipe it. Stripe holds onto basic billing records for a few years on their side, because tax and financial regulations require them to, and that's outside our control.
Email and it's done.
You can ask for a copy of your data, ask us to correct it, or ask us to delete it. Email hello@wearstreak.com from the address tied to your account and we'll handle it in a timely fashion. No forms, no friction.
If this page changes, the date moves.
If we make a meaningful change to how we handle your data, we'll update this page and bump the date at the bottom. If a change affects something you've already given us, we'll let you know in the app before it takes effect.