Privacy Policy

Last updated: September 21, 2025

Introduction

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING NEXFIT SERVICES.

You must be 16 years old or older to use our Services.

Protecting your privacy is very important to RASSA SAS (“Nexfit”, “us”, “our” or “we”). Our privacy policy (the “Privacy Policy”) together with our Terms of Use and any other documents referred to therein, is an opportunity for us to be transparent with you about our privacy practices when you use our mobile application (the “App”) and our website (nexfit.ai, hereinafter the “Website”) or any of our related products and services (together the “Services”).

Please read this Privacy Policy carefully to understand the type of personal data (as defined under the General Data Protection Regulation (EU) 2016/679, hereinafter the “Personal Data”) we collect from you when you use our Services, how and why we will use it, how we will protect it, and what your rights are in relation to it.

By requesting access to or using our Services you are agreeing to this Privacy Policy. If you do not agree to this Privacy Policy, please do not use our Services.

If after reading this Privacy Policy you still have questions, please don’t hesitate to contact us.

Who we are

The company in charge of your Personal Data (also known as the data controller, as defined under the General Data Protection Regulation (EU) 2016/679, hereinafter the “Data Controller”) is RASSA SAS, with an address at 55 avenue des Champs-Élysées, 75008 Paris, France.

What Personal Data we collect from you, how we collect it and for what purpose

We collect Personal Data from you automatically, when you give it to us directly, or when we receive it from other sources. We do this to operate effectively and provide you with the best experience when using our Services.

You have choices about the Personal Data we collect from you. So, when you are asked to provide us with your Personal Data, you always have the right not to do so. Please note however that if you choose not to provide us with your Personal Data when prompted, you may not be able to use our Services.

The Personal Data we collect depends on the context of your interactions with our Services and the choices you make, and includes the following:

When you access our Services

  • Types of Personal Data: Device and technical information (unique device identifiers, browser type, OS), Location and Usage information (IP address, URLs, access times), and Payment information for transactions.
  • Purpose: To provide you with access to our Services.
  • How we collect it: Automatically when you access our Services.
  • Legal basis: Legitimate interest.
  • Storage duration: We store your Personal Data for sixty (60) days, unless a security event requires us to keep it longer.

When you open a Nexfit account and use our Services

  • Types of Personal Data: Contact and identification information (name, email, username, etc.), security information, location, and photos of clothes.
  • Purpose: To provide you with a Nexfit account and allow you to use our Services.
  • How we collect it: When you directly give it to us by opening a Nexfit account.
  • Legal basis: Consent and contract performance.
  • Storage duration: Until you delete your account. We may keep it for three (3) months after deletion with your consent.

To ensure the functioning, maintenance, and improvement of our Services

  • Types of Personal Data: Device, technical, usage, and location information, including photos of clothes.
  • Purpose: To ensure the proper use, functioning, maintenance and improvement of our Services including our Artificial Intelligence systems.
  • How we collect it: Automatically when you use our Services.
  • Legal basis: Legitimate interest.
  • Storage duration: Sixty (60) days, unless a security event requires longer retention.

Facebook, Google and Apple log-in

  • Types of Personal Data: Social media identifiers (Facebook ID, Apple user ID, Google user ID), email address, and usage information.
  • Purpose: To allow you to log in via third-party services.
  • How we collect it: Automatically when you choose this login method.
  • Legal basis: Legitimate interest.
  • Storage duration: For as long as you have a Nexfit account.

For marketing purposes and to optimise our marketing initiatives

  • Types of Personal Data: Contact, device, and usage information.
  • Purpose: To send you marketing communications. You can opt out at any time.
  • How we collect it: When you explicitly subscribe.
  • Legal basis: Consent.
  • Storage duration: Until you revoke your consent.

For push notifications

  • Types of Personal Data: Contact information.
  • Purpose: To send you push notifications in the App.
  • How we collect it: When you explicitly agree to receive them.
  • Legal basis: Consent.
  • Storage duration: Until you revoke your consent.

For important communication purposes

  • Types of Personal Data: Contact information.
  • Purpose: To send you important, non-marketing communications about our Services.
  • How we collect it: When you open a Nexfit account.
  • Legal basis: Legitimate interest.
  • Storage duration: Until the deletion of your Nexfit account.

Visibility of Your Contributions

By default, your Nexfit account is set to “Private.” This means that any content you upload or create on the platform (hereinafter referred to as “Contributions,” as defined in our Terms of Use) will only be visible to users who follow you and whom you have explicitly approved.

You may choose to change your account visibility to “Public” at any time. If you set your account to “Public,” all of your Contributions may be viewed, accessed, and re-used by any user of the Nexfit Services.

Please note that even if your account is set to “Private,” users who are permitted to view your Contributions may still share or distribute them outside the Nexfit platform.

Where we store your Personal Data

We store your Personal Data within the European Union. Please note that your Personal Data may however be processed by our business partners and service providers operating outside of the European Union. We have agreed on Standard Contractual Clauses and additional contractual obligations with each of these business partners and service providers.

Who we share your Personal Data with

We do not sell your Personal Data. We may disclose your Personal Data in the following circumstances:

  • With your consent or to perform a contract with you.
  • With our business partners and service providers, under strict data processing agreements.
  • In the event of a merger, sale, or change of control of Nexfit.
  • When required by law.

How long we retain your Personal Data

We will hold your Personal Data for as long as it is necessary for the purposes for which it was collected, or as required by law, always in compliance with the data minimization principle.

How we protect your Personal Data

Your security is very important to us. We implement a variety of security measures including secure servers, encryption (HTTPS), password protection, and restricted internal access to protect your Personal Data.

Your rights regarding your Personal Data

Under GDPR, you have the following rights:

  • Right to withdraw consent
  • Right to object
  • Right to be informed
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to rectification
  • Right to complain to a supervisory authority

You can exercise these rights by contacting us. We will respond to your request within one (1) month.

How you can make a complaint

If you have a complaint, please contact us first. If you are unhappy with our response, you can refer your complaint to the relevant data protection authority in your country of residence within the EU, such as the CNIL in France.

Changes to this Privacy Policy

Any changes we make to our Privacy Policy in the future will be posted on this page, and where appropriate, notified to you by email, via the App, or by any other available means.