Privacy policy

The messaging service and сresale store Amby m.me/ambyapp, (“Messaging Service”) and the websites https://www.facebook.com/ambyapp (“Facebook Page”) and https://www.wonderobe.me (“Website”) are offers of Wonderobe, LLC (“Wonderobe” or “we”). With this privacy policy, we inform you about the processing of personal data in connection with the use of the Messaging Service and our Facebook Page. If you are redirected to other websites via a link, the privacy policy of the respective website operator applies. We recommend that you inform yourself about the handling of personal data on the respective website. We know that the protection of your data is important to you and appreciate the trust placed in us. Wonderobe strictly adheres to the legal provisions of the applicable data protection law when collecting, processing, and using your data.

You may only use our Messaging Service if you are at least 18 years old.

1. Who is responsible for the data processing and who can I contact?

Controller of your personal data within the meaning of Art. 4 (7) of the European General Data Protection Regulation (“GDPR”) is:

Wonderobe, LLS, Kozhevnicheskaya street, bld. 10/1, 5 floor, office 511,114115, Moscow, Russia

Managing Director: Svetlana Brinza

Email: hi@amby.app

Phone: +7 (909)-862-66-22

2. Applicable Law

2.1. Visiting our Website

When you visit our Website, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is collected and stored until it is automatically deleted: IP address of the requesting device; date and time of access; name and URL of the accessed file; mobile device ID; website from which access is made (“referrer URL”); if applicable, the search engine you used; the browser used; and, if applicable, the operating system of your device as well as the name of your access provider.

The mentioned data will be processed by us for the following purposes:

  •     ensuring a functioning connection of the website,

  •     ensuring comfortable use of our website,

  •     statistical evaluation using a pseudonym in order to optimize our website as well as the quality and range of our offers,

  •     evaluation of system security and stability, and

  •     for other administrative purposes.

The legal basis for data processing is Art. 6 (1) (b) GDPR, insofar as data processing is required for the provision of the website. Apart from this, the processing is based on Art. 6 (1) (f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. The log files are deleted after the end of the respective browser session, at the latest after seven days, unless their further storage is required for the above-mentioned purposes.

2.2. Visiting our Facebook page

Our Facebook Page uses the services of Facebook Inc, 1601 Willow Road, Menlo Park, CA 94025, USA (“Facebook”). If you are registered with a Facebook service, Facebook can associate your visit with your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider may obtain and store your IP address and other identifying information.

The terms and conditions of Facebook apply: https://www.facebook.com/legal/terms. To learn more about how Facebook may use your data, please see Facbeook’s Privacy Policy: https://www.facebook.com/about/privacy.

When you visit our Facebook Page, the browser on your device automatically sends information to the server on the website. This information is temporarily stored in a so-called log file. The following information is collected and stored until it is automatically deleted: IP address of the requesting computer; date and time of access; name and URL of the accessed file; mobile device ID; website from which access is made (“referrer URL”); if applicable, the search engine you used; the browser used; and, if applicable, the operating system of your computer as well as the name of your access provider.

The mentioned data will be processed by us for the following purposes:

  •     ensuring a functioning connection of the website,

  •     ensuring comfortable use of our website,

  •     statistical evaluation using a pseudonym in order to optimize our website as well as the quality and range of our offers,

  •     evaluation of system security and stability, and

  •     for other administrative purposes.

The legal basis for data processing is Art. 6 (1) (b) GDPR, insofar as data processing is required for the provision of the website. Apart from this, the processing is based on Art. 6 (1) (f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. The log files are deleted after the end of the respective browser session, at the latest after seven days, unless their further storage is required for the above-mentioned purposes.

You can object to the statistical analysis of the log files by Facebook by contacting Facebook through https://www.facebook.com/help/contact/2061665240770586.

For more information about data processing by Facebook, please visit https://www.facebook.com/about/privacy.

2.3. Using our Messaging Service and contacting us via Chat

In addition, we process personal data that we receive from you in the course of our business relationship while you use our services. The legal basis for this is Art. 6 (1) (b) GDPR.

For example, we process personal data if you provide it to us when using our Messaging Service via Facebook Messenger or Chat.

Our Messaging Service is offered within the application Facebook Messenger (“Facebook Messenger”). You may only use our Messaging Service if you are a registered user of Facebook Messenger and logged in into you user account with Facebook Messenger. Wonderobe will not receive your log-in data for your Facebook Account. We will receive all information from your Facebook account which you made publicly available on Facebook. “Publicly available” means that anyone may see that information, regardless of their registration with Facebook. This data includes: your name, your profile picture, your cover photo, your gender, your user name (Facebook URL), your user ID (Facebook ID). You may change your privacy settings for you Facebook account directly on Facebook. For further information on adjusting your privacy settings on Facebook, please visit https://www.facebook.com/help/www/193677450678703.

While using our Messaging Service, your device automatically establishes a direct connection to a Facebook server in the USA. The transfer of your information to a third country outside the EU is covered by an adequacy decision of the Commission within the meaning of Art. 45 GDPR, because Facebook has self-certified its adherence to the principles of the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework). If you are registered with a Facebook service, Facebook can associate your visit with your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider may obtain and store your IP address and other identifying information.

For more information about data processing by Facebook, please visit https://www.facebook.com/about/privacy.

Wonderobe requires the following data for the execution and processing of the Messaging Service offered: Your name, Facebook URL, Facebook ID, your gender. In order to give advice on your preferred outfit within our Messaging Service, we need further information about you in order to match your personal preferences. You may submit personal data to us voluntarily, such as your style preferences, your location, your wardrobe etc. You freely choose what information you give us in the Messaging Service. We will store and process the data we receive from you.

3. For what purpose and on what legal basis do we process your data?

We process personal data in accordance with the provisions of the GDPR and the 52th Russian Federal Low «About personal data» (Федеральный закон «О персональных данных»):

3.1. For the performance of contracts and pre-contractual measures (Art. 6 (1) (b) GDPR)

The processing of personal data (Art. 4 (2) GDPR) takes place for the provision of the services offered in our Messaging Service and for answering your inquiries in connection with your using of our Messaging Service.

Further details for the purpose of data processing can be found in our terms.

3.2. For legitimate interests (Art. 6 (1) (f) GDPR)

If necessary, we process your data beyond the actual fulfilment of the contract to protect the legitimate interests of us or third parties, for example in the following cases:

  •     Answering your questions outside of a contract or pre-contractual measures;

  •     advertising or market and opinion research, unless you have objected to the use of your data;

  •     operation and optimization of our Facebook Page and the Messaging Service;

  •     enforcement of legal claims and defence in legal disputes;

  •     ensuring our IT security and IT operations;

  •     prevention and investigation of criminal offences.

3.3. On the basis of your consent (Art. 6 (1) (a) GDPR)

If you have given us your consent to process personal data for specific purposes, this processing is lawful on the basis of your consent. You can withdraw your consent at any time. Please note that the withdrawal will only take effect for the future. The lawfulness of our processing based on your consent which took place before the withdrawal is not affected.

3.4. Due to legal obligations (Art. 6 (1) (c) GDPR)

In addition, we are subject to various legal obligations. The purposes of the processing include, inter alia, the fulfilment of retention periods under commercial and tax law.

4. Cookies

We use cookies on our Website that collect your data using pseudonyms. Cookies are small text files that a website generates and which your Internet browser stores on your hard drive when you visit the website. You can prevent the use of cookies at any time by setting your Internet browser so that it does not accept new cookies (especially third party cookies) or notifies you of new cookies. You can also delete cookies that have already been saved in your Internet browser settings. You can get help on how to change your cookie settings in the help function of your Internet browser, for example. Further information on this and on cookies in general can be found, e.g., at http://www.allaboutcookies.org/ and http://www.youronlinechoices.com/. Please note that you will not be able to use some features of our website if you do not accept cookies.

On websites we use technically necessary cookies:

4.1. Technically necessary cookies

Most of the cookies we use are technically necessary to enable you to use our website and the services offered on it (e.g. secure login, adding products to the shopping cart in the order process) (“session cookies”). Our legitimate interest in data processing lies in these purposes; the legal basis is Art. 6 (1) (f) GDPR. The data will not be combined with other personal data and will not be used for advertising purposes. Session cookies are deleted after the end of the respective browser session, at the latest after seven days.

5. Direct marketing

5.1. Push Messages

If you have expressly consented according to Art. 6 (1) (a) GDPR, we use your Facebook Messenger account to inform you in separate messages about our latest offers and fashion trends. We record your consent.

To receive our news, it is sufficient to tell us within the chat with Amby that you would like to receive our messages.

A chat message “cancel the service” at any time. In this case, your Facebook ID and your Facebook URL will be deleted from our messaging distribution list and added to our blacklist. The withdrawal of your consent will only take effect for the future. The lawfulness of any processing based on your consent carried out before the withdrawal is not affected by this.

6. Who gets my data?

Within our organization, those departments or individuals get access to your data that need it in order to fulfil our contractual and legal obligations.

Processors (Art. 28 GDPR) may also receive data for the aforementioned purposes. These companies work in the fields of troubleshooting, message management (Google LLC’s Dialogflow), IT services (such as Amazon Webs Services, Inc., Hello Umi S.L. (“Landbot”), logistics, printing and shipping services, telecommunications, sales and marketing.

We share your personal data with third parties if this is necessary to fulfil an existing contractual relationship between you and Wonderobe or to implement pre-contractual measures (Art. 6 (1) (b) GDPR) or for the purposes of legitimate interests (Art. 6 (1) (f) GDPR). When you use our Messaging Service and visit our Facebook Page, the terms and conditions of Facebook apply. Your personal data will be disclosed and transmitted to Facebook as part of using Facebook’s services.

We only share such information as is required by the respective service provider to perform the task assigned to him. The service provider undertakes to treat the data confidentially in accordance with this data protection declaration and the relevant data protection laws and not to pass it on to third parties.

In addition, your personal data will be disclosed or transmitted if required to do so by law (Art. 8 (1) (c) GDPR) or if you have given your consent (Art. 6 (1) (a) GDPR).

Under these conditions, recipients of personal data may be, for example:

  •     Facebook (see privacy policy, https://www.facebook.com/about/privacy)

  •     Subcontractors (e.g. mail order companies) used by Wonderobe to provide the services offered via the Messaging Service.

  •     Public authorities and institutions in the event of a legal obligation or official order.

7. How long will my data be stored?

If necessary, we process and store your personal data for the duration of our business relationship, which also includes, the duration of the performance of our Messaging Service.

After expiry of the storage and documentation obligations and the relevant limitation periods, we delete the data.

Log files and cookies are deleted after expiry of the above-mentioned storage periods.

8. What data protection rights do I have?

You have the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to limitation of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR). The restrictions according to Sec. 34 and 35 BDSG apply to the right of access and the right of cancellation. You also have the right to object to data processing by us (Art. 21 GDPR). If our processing of your personal data is based on consent (Art. 6 (1) (a) GDPR), you can withdraw this at any time; the legality of data processing based on the consent until withdrawal remains unaffected by this.

To assert all these rights and for further questions on the subject of personal data, please contact our hi@fashiontechstartup.com or our postal address (see point 1 above) at any time.

9. Is there an obligation to provide data?

In the context of our business relationship you only have to provide the personal data which is necessary for the establishment, execution and termination of a business relationship or which we are legally obliged to collect. Without this data we will usually have to refuse the conclusion of the contract or the execution of the order or we will no longer be able to execute an existing contract and may have to terminate it.

Mandatory information is marked as such in our Messaging Service.

10. To what extent is there automated decision making in individual cases?

We do not use fully automated decision making according to Art. 22 GDPR for the establishment and implementation of a business relationship. Should we use these procedures in individual cases, we will inform you separately, where required by law.

11. Data security

We take a variety of security measures to adequately protect personal data to an appropriate extent.

All user information is stored on secure servers that are protected from access from other networks by a software firewall. Only those employees who need information to process a specific request or order have access to the data. The employees are trained in the safe handling of data.

Please see for the use of Facebook’s services Facebook’s information on data security: https://www.facebook.com/help/379220725465972?ref=dp and Facebook’s Privacy policy: https://www.facebook.com/full_data_use_policy.