PRIVACY POLICY

Last update: 21 October 2025

OÜ BeyondOS (registry code 16693531, address Kentmanni tn 6-63, 10116 Tallinn, Republic of Estonia; "Beyond", "we", "our", or "us") is committed to protecting the privacy of our customers ("User", "you"). This Privacy Policy describes the types of personal data we collect, how we use it, with whom we share it, and the rights you have regarding your personal data when you join our waitlist and use the Become virtual fashion try-on and styling application ("App") and other services provided by Beyond.

Relevant Law is the law applicable to the User's jurisdiction, including but not limited to any privacy laws, rights and applicable privacy principles. By joining our waitlist and using the App, you are taken to have consented to the terms of this document for the purposes of Relevant Law, including without limitation consenting to the collection, use and disclosures of your personal and other information as described in this document.

Controller of Personal Data

The controller of your personal data is OÜ BeyondOS. Beyond is responsible for ensuring that your personal data is processed in accordance with this Privacy Policy and Relevant Law, with the General Data Protection Regulation (EU) 2016/679 ("GDPR").

Contact details of the data controller are as follows:

OÜ BeyondOS

Estonian registry code: 16693531

Legal address: Kentmanni 6-63, 10116 Tallinn, Republic of Estonia

Email address: support.become@beyondos.ai

Personal Data We Collect

We collect various types of personal data depending on how you interact with our waitlist, the App, and our website. The type of personal data which Beyond collects is the following:

Personal data you provide directly to Beyond. Such personal data includes:

• Waitlist information: When you join our waitlist, we collect your email address and any optional information you provide (such as name, fashion preferences, or location).
• Account registration information: When the App launches and you create an account, we will collect details such as your email address, username, password, and profile information (e.g. profile picture, style preferences, body measurements for virtual try-on accuracy). We also may collect your age data directly or a confirmation that you are an adult.
• Payment information: For in-app purchases of premium features, we will collect billing information, including your name, billing address, and payment method (such as credit card details). Payment information is processed securely through third-party payment processors; we do not store complete payment information.
• User content: Any user-generated content, such as uploaded photos for virtual try-on, saved outfits, style preferences, feedback, and other in-app activities, is collected and may be used to improve our services.
• Support requests and communications: If you contact our customer support, we collect details of your inquiry, including contact information and any relevant personal data you provide.

Personal data Beyond collects when you use and engage with our website and/or mobile application. Such personal data includes:

• Device information: We collect data about the device you use to access the App, including your IP address, device identifiers (such as IDFA, IDFV for iOS devices and GAID for Android), device model, operating system, language settings, and mobile network information.
• Usage data: We collect information about how you interact with the App, such as features used, virtual try-on sessions, saved outfits, in-app purchases, app usage time, clicks, and other interactions. We may also log the pages and features you access, errors, crashes, and performance data.
• Location data: We collect approximate location data (e.g., country, city) derived from your IP address or device settings to provide localised content, fashion trends, and comply with legal requirements (e.g. Relevant Law tax requirements).
• Cookies and tracking technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your usage patterns, preferences, and interactions with the App and our website in accordance with our Cookie Policy.

Personal data Beyond receives from third parties. Such personal data and its sources include:

• Social media and third-party accounts: If you link your app account to a third-party social network (e.g. Facebook, Google, Instagram), we collect personal data such as your profile picture, user ID, and any other personal data made available by your privacy settings on those platforms.
• Payment processors: We may receive transaction data from third-party payment processors when you make in-app purchases, including your payment method, amount spent, and transaction status.
• Advertising and analytics partners: We work with third-party advertising and analytics providers (e.g. Google, Facebook) who provide us with insights based on your interactions with in-app ads, user behaviour, and demographic information.
• Email service providers: We use Mailchimp to manage our waitlist and email communications, which processes your email address and engagement data in accordance with their privacy policy.

Purposes for Which We Use Your Personal Data

We use the personal data we collect to operate, maintain, and improve the App, our website and our services, as well as to comply with our legal obligations. Specifically, we may use your personal data for the following purposes:

To provide and improve the App and services:

• To manage your waitlist subscription and send updates about the App's development and launch
• To create and maintain your user account once the App launches
• To process transactions and deliver premium features or in-app purchases
• To provide virtual try-on functionality and personalised styling recommendations
• To customise and improve the user experience by analysing usage data and optimising app performance
• To enable you to save, share, and organize your virtual outfits and style preferences

To personalise content and offers:

• To tailor fashion recommendations based on your style preferences, virtual try-on history, and saved outfits
• To provide personalised styling suggestions through our AI-powered features
• To display personalised advertisements within the app or on other platforms tailored to your preferences and behaviour (see below for more details on opting out)

To ensure security and proper functioning:

• To monitor app usage to detect fraud, unauthorised access, or other misuse of the App
• To enforce our Terms and Community Guidelines
• To implement security and fraud prevention technologies to maintain a safe environment

To communicate with the Users:

• To send you updates and notifications related to the App, such as changes in terms, maintenance notices, or important security alerts
• To provide customer support and respond to your inquiries
• To send marketing communications (where legally permitted) about new app features, fashion trends, and special offers. You can opt-out of receiving these communications (see below)

To comply with our legal obligations:

• Including any Relevant Law, regulations, and legal processes
• To fulfil legal obligations related to, for example, financial reporting, tax collection, and anti-money laundering regulations

To establish, exercise and defend any potential legal claims:

• Where necessary for taking action on such legal claims, and for compliance, regulatory and investigative purposes, which all may derive from legal relationships with our Users

Legal Basis for Processing (for EEA Users)

For users in the European Economic Area (EEA), we process your personal data based on the following legal basis:

Management of contractual relationships, providing services to our Users. Since we have a contractual relationship directly with you as a natural person, the legal basis for processing your personal data for this purpose is the necessity to perform our obligations under the contract entered into with you (Article 6(1)(b) of the GDPR).

Managing and responding to User inquiries and support request. For these purposes, the legal basis for the processing of your personal data is our legitimate interest in managing and responding to such communications which concern our services and website (Article 6(1)(f) of the GDPR) or taking steps at your request prior to entering into a contract with you (Article 6(1)(b) of the GDPR).

Establishing relationships with potential Users, including by way of contacting target customers by marketing our services, conducting service demos, etc. For these purposes, the legal basis for the processing of your personal data is our legitimate interest in promoting our services and establishing relationships with potential Users and existing Users in the course of our ordinary business activities, including by carrying out direct marketing (Article 6(1)(f) of the GDPR) or, where legally required under Relevant Law, your consent (Article 6(1)(a) of the GDPR). You may object to receiving any electronic marketing information every time such marketing is provided by us or withdraw your consent at any time.

Establishing, exercising and defending any potential legal claims. Where necessary for taking action on such legal claims, and for compliance, regulatory and investigative purposes, which all may derive from legal relationships with our Users, the legal basis for the processing of your personal data is our legitimate interest in establishing, exercising and defending legal claims (Article 6(1)(f) of the GDPR).

Complying with our legal obligations deriving from Relevant Law. For these purposes, the legal basis for the processing of your personal data is the respective legal provision obliging us to process the relevant data (in accordance with Article 6(1)(c) of the GDPR). Such legal obligations may derive, for example, from accounting and tax laws.

Improving and developing our App, including for security purposes. For these purposes, the legal basis for the processing of your personal data is our legitimate interest in improving our understanding of our User's needs and preferences in order to constantly enhance the functioning of our website and services, including by conducting analytics, improve access to content that we publish and to ensure the technical availability and security of our website and services (Article 6(1)(f) of the GDPR). Where we use cookies for these purposes, we ask for your consent for the placement of optional cookies in accordance with our Cookie Policy.

Sharing of Personal Data

We may share your personal data with third parties under the following circumstances:

• If our trusted service providers (such as IT-service providers, payment processors, cloud hosting services, customer support services, analytics providers, accounting service providers, email service providers including Mailchimp, etc.) provide services to us in accordance with our instructions, we may disclose your personal data to our service providers. In these cases, we will control and remain responsible for the use of your personal data at all times.
• If permitted or required by Relevant Law, we submit your data to tax authorities and other authorities.
• In the event of a merger, acquisition, or sale of assets, we may transfer your personal data to the involved parties. We will notify you if such a transfer affects your personal data.
• We may share personal data with advertising partners to deliver personalised ads based on your activity within the App. This may include sharing limited device and usage data (e.g., advertising identifiers).
• If some features of the App may involve sharing certain data with other users, like your username, profile picture, and shared outfit combinations (if you choose to make them public).
• If we, in good faith, believe that disclosure of relevant data is necessary to protect your rights, to ensure safety, to investigate fraud or other offences or if the disclosures are necessary for the establishment, exercise and defence of legal claims. In such cases, the recipients may include law enforcement agencies, other public authorities, legal advisors and courts.

We make every effort to keep your personal data safe and always require a high level of security and confidentiality from our partners and applicable third parties.

International Data Transfers

Your personal data may be transferred to and stored in countries outside your jurisdiction where data protection laws differ. We take appropriate steps to ensure your personal data is handled securely, including implementing standard data protection clauses adopted by the European Commission or other appropriate safeguards for international data transfers. If you wish to receive more personal data about data transfers and the safeguards that we apply to them, please contact us at the contact details provided above in Section 1.

Your Rights

Subject to the restrictions and conditions set out in Relevant Law, you may have the following rights concerning your personal data:

Access and correction. You have the right to access the personal data we hold about you. You may also request corrections or updates to any inaccurate or incomplete data.

Data portability. You may request a copy of your data in a machine-readable format, allowing you to transfer your personal data to another service provider where technically feasible.

Right to delete. You can request the deletion of your personal data, except where we are legally required to retain it or it is necessary for legitimate business purposes (e.g. fraud prevention).

Right to restrict or object. You may object to our processing of your data for specific purposes (e.g. direct marketing) or request restriction of processing of your personal data.

Right to withdraw. You have the right to withdraw your consent where the processing is based on your consent, however this will not affect the lawfulness of processing based on consent before its withdrawal.

Any other rights as prescribed by the Relevant Law.

To exercise your rights above, please contact us at support.become@beyondos.ai.

Cookies and Tracking Technologies

We use cookies and similar technologies to collect information about how you interact with the App and on our website. Cookies help us recognise your device, understand your preferences, and improve your experience. Use of cookies is regulated in our Cookie Policy.

Data Security

We implement appropriate technical and organisational measures (including physical, electronic and administrative) to safeguard your personal data against unauthorised access, loss, or misuse. However, no system can guarantee absolute security. If you suspect any unauthorised activity, please contact us immediately.

Data Retention

We retain your data for as long as necessary for the provision of the App and/or our services and fulfil the purposes outlined in this Privacy Policy. This may include retaining data to meet legal, operational, or compliance obligations. When data is no longer needed, we will securely delete or anonymise it. We determine the appropriate retention period for personal data on the basis of the amount, nature, and sensitivity of the personal data being processed, the potential risk of harm from unauthorised use or disclosure of the personal data, whether we can achieve the purposes of the processing through other means, and on the basis Relevant Law requirements (such as relevant statutes of limitation).

Certain data may be retained for the following reasons:

• Legal requirements: Data may be retained where required by law, such as for tax records, or accounting purposes.
• Dispute resolution: Data related to ongoing disputes or investigations will be retained until the issue is resolved.
• Anonymised data: In cases where data is anonymised (i.e. it can no longer be linked to a specific user), it may be retained for analytics and research purposes.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. This Privacy Policy was last updated as of the "Last update" date indicated above.

We will provide you with a summary of the changes.

The current version of the Privacy Policy will remain available to you via the Become website.

Complaints

If you have concerns about our data practices, please contact us first at the contact details in Section 1. You also have the right to lodge a complaint with your local data protection authority. List and contact details of European supervisory authorities can be found here.