Misure One Limited ("Misure One," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web-based API integration, retailer embed, and related services (collectively, the "Service"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.
When you create a Misure One account or join our waitlist, we collect your name, email address, and any other information you provide during registration. This information is necessary to create and manage your account and to communicate with you about the Service.
To provide accurate size recommendations, we collect body measurement data you submit, including but not limited to height, weight, chest, waist, hip, inseam, shoulder width, sleeve length, and neck circumference. We also collect qualitative fit preferences (such as whether you prefer a slim, regular, or relaxed fit) and information about garments you already own that fit you well.
Body measurement data is treated as sensitive personal information under the New Zealand Privacy Act 2020, and is subject to the highest level of protection we apply. It is encrypted at rest and in transit at all times.
With your consent, we collect information about items you browse, purchase, and return through retailers integrated with the Service. This includes product identifiers, the sizes you purchased, and return reasons where provided. This data is used exclusively to improve your Fit Profile accuracy over time.
We automatically collect certain technical information when you interact with the Service, including:
This data is collected via first-party analytics tools and is aggregated and anonymised wherever possible. We do not use cross-site tracking technologies.
If you contact us by email or through a support channel, we retain the contents of your messages, your email address, and any information you choose to provide in order to respond to your inquiry and improve our support services.
We use the following categories of cookies:
We do not use advertising or retargeting cookies. We do not participate in third-party advertising networks.
We use the information we collect for the following purposes:
We do not sell your personal data. We do not use your fit profile or measurement data for purposes other than those described above.
We engage carefully vetted third-party service providers who process data on our behalf to support the delivery of the Service. These include cloud hosting providers, email delivery services, and anonymised analytics platforms. All service providers are contractually bound to process your data only on our instructions, maintain appropriate security standards, and never use your data for their own purposes.
We integrate with certain retail partners to deliver fit recommendations on their platforms. In these contexts, we share only the minimum information necessary (your recommended size for a specific garment) and do not share your Fit Profile data, measurements, or personal identifiers with retailers without your explicit consent.
We may disclose your information if required to do so by law, court order, or other governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
In the event of a merger, acquisition, reorganisation, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service if such a transaction occurs and your data will be subject to a different privacy policy.
We do not sell, rent, or trade your personal data to any third party for their own marketing or commercial purposes.
We retain your personal information for as long as your account is active, or as needed to provide the Service. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal, tax, or regulatory compliance purposes (typically up to 7 years for financial records).
Anonymised and aggregated data that cannot be used to identify you may be retained indefinitely for product improvement purposes.
Data you share via our waitlist will be retained for up to 24 months or until you request deletion, whichever comes first.
Misure One Limited is based in New Zealand and operates under the New Zealand Privacy Act 2020 as its primary governing law. The Office of the Privacy Commissioner (OPC) is the relevant supervisory authority for privacy complaints in New Zealand. You can contact the OPC at privacy.org.nz if you are unsatisfied with our response. If you are an EU resident, the General Data Protection Regulation (GDPR) also applies to your data. If you are a California resident, the California Consumer Privacy Act (CCPA) also applies. The rights listed below reflect the highest standard of protection across these frameworks.
Depending on your location, you may have the following rights with respect to your personal data:
To exercise any of these rights, please contact us at privacy@misureone.com. We will respond to all verifiable requests within 30 days.
We implement administrative, technical, and physical safeguards designed to protect your information. These include:
If you believe your account has been compromised, please contact us immediately at privacy@misureone.com.
The Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@misureone.com.
Misure One Limited is based in New Zealand and your data is governed by the New Zealand Privacy Act 2020. We use service providers that may be located in the United States, European Union, or other countries. Where your personal data is transferred outside New Zealand, we take steps to ensure it receives comparable protection, including through contractual safeguards with our service providers. For EU residents where the GDPR applies, we will rely on Standard Contractual Clauses approved by the European Commission.
If we make material changes, we will notify you by email or by posting a prominent notice on the Service at least 30 days before the change takes effect. Your continued use of the Service after the effective date constitutes your acceptance of the changes.
If you have questions, concerns, or requests related to this Privacy Policy, please contact our Privacy Team:
For EU residents, if you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.