Privacy Policy

1. Introduction

Design Cycle Solutions (DCS), a division of Ratava, Inc. ("DCS," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, store, and protect information about you when you visit our website, use our software platform, or otherwise interact with us, including our APOTHEOSIS body measurement and avatar system, DCiQ tech pack SaaS platform, and Shop by Measure / AFT fit-matching retail platform (collectively, the "Services").

This Policy applies to all users of our Services in the United States and is designed to comply with applicable federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), the Illinois Biometric Information Privacy Act (BIPA), the Washington My Health MY Data Act, the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Texas Data Privacy and Security Act (TDPSA), and other applicable state privacy statutes.

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Policy, please do not use our Services.

 

2. Information We Collect

We may collect the following categories of personal information:

2.1 Information You Provide Directly

•       Contact information (name, email address, mailing address, phone number)

•       Account credentials (username, password)

•       Payment and billing information

•       Communications with us (support requests, feedback, surveys)

•       Business information provided by enterprise clients

2.2 Biometric and Body Measurement Data

DCS collects biometric data, including body measurements, 3D body scan data, parametric avatar configurations, and related biometric identifiers ("Biometric Data"), as part of the APOTHEOSIS and Shop by Measure / AFT platforms. Collection of Biometric Data is subject to additional protections described in Section 9 below.

2.3 Information Collected Automatically

•       Device information (browser type, operating system, device identifiers)

•       Log data (IP address, access times, pages viewed, referring URLs)

•       Usage data (features accessed, session duration, interaction patterns)

•       Cookies and similar tracking technologies (see Section 7)

2.4 Information from Third Parties

•       Identity verification partners

•       Payment processors

•       Analytics providers

•       Business partners who refer you to our Services

 

3. How We Use Your Information

We use the information we collect for the following purposes:

•       To provide, operate, and improve our Services

•       To process transactions and manage your account

•       To personalize your experience and deliver relevant content and recommendations

•       To communicate with you about your account, updates, and promotional offers (subject to your preferences)

•       To analyze usage trends and enhance our platform features

•       To detect, investigate, and prevent fraud, security incidents, and other prohibited activities

•       To comply with legal obligations

•       To enforce our Terms of Service and other agreements

•       For research and development of new features and products

We do not sell your personal information for monetary consideration. We do not use Biometric Data for marketing or advertising purposes.

 

4. Legal Bases for Processing

Where required by law, we process your personal information on the following legal bases:

•       Performance of a contract (to provide Services you have requested)

•       Compliance with legal obligations

•       Our legitimate business interests (when not overridden by your rights)

•       Your consent, where explicitly obtained (including for Biometric Data collection)

 

5. How We Share Your Information

We do not sell your personal information. We may disclose your information in the following circumstances:

5.1 Service Providers

We share information with vendors and service providers who process data on our behalf (e.g., cloud hosting, payment processing, analytics). These parties are contractually obligated to protect your data and use it only for specified purposes.

5.2 Business Partners

With your consent, we may share information with apparel brands, retailers, and fit technology partners as part of the Shop by Measure / AFT platform.

5.3 Legal and Safety Purposes

We may disclose your information when required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you prior to your information becoming subject to a different privacy policy.

5.5 With Your Consent

We may share your information with third parties when you have provided your explicit consent.

 

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. Biometric Data is retained only for the period necessary to fulfill the stated purpose and is destroyed within three (3) years of collection or within one (1) year of your last interaction with us, whichever is earlier, consistent with requirements under BIPA and similar statutes.

You may request deletion of your personal information at any time, subject to exceptions required by law.

 

7. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar technologies to improve user experience, analyze usage, and support marketing. You may control cookie settings through your browser or our cookie preference center.

We do not respond to browser Do Not Track signals at this time; however, certain state privacy laws may provide opt-out rights for targeted advertising as described in Section 10.

 

8. Data Security

We implement administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Biometric Data is stored using industry-standard encryption and is accessible only to authorized personnel with a legitimate business need.

No data transmission or storage system can be guaranteed to be 100% secure. If you believe your data has been compromised, please contact us immediately at the address below.

 

9. Biometric Data — Special Protections

To the extent we collect Biometric Data (including body scan measurements, body geometry, and related parametric identifiers), we comply with applicable biometric privacy laws, including the Illinois Biometric Information Privacy Act (BIPA), 740 ILCS 14/1 et seq., and similar state statutes.

Specifically, we:

•       Obtain informed written consent before collecting Biometric Data

•       Publish this written policy establishing a retention schedule and destruction guidelines

•       Do not sell, lease, trade, or profit from Biometric Data

•       Do not disclose Biometric Data to third parties without consent, except as required by law

•       Protect Biometric Data using the same standard of care we apply to other confidential information, but no less than a reasonable standard of care

•       Destroy Biometric Data consistent with our retention schedule above

If you are an Illinois resident and have questions or requests regarding your Biometric Data rights under BIPA, please contact us at the address in Section 14.

 

10. U.S. State Privacy Rights

Depending on your state of residence, you may have certain rights with respect to your personal information. These rights may include:

•       Right to Know / Access: the right to request information about the categories and specific pieces of personal information we have collected about you

•       Right to Deletion: the right to request deletion of your personal information, subject to certain exceptions

•       Right to Correction: the right to request correction of inaccurate personal information

•       Right to Opt-Out of Sale or Sharing: we do not sell personal information; however, you may opt out of sharing for targeted advertising purposes

•       Right to Limit Use of Sensitive Personal Information: including Biometric Data

•       Right to Non-Discrimination: we will not discriminate against you for exercising your privacy rights

•       Right to Data Portability: the right to receive your data in a portable format

10.1 California Residents (CCPA/CPRA)

California residents have the rights listed above and may submit requests by contacting us as described in Section 14. We will respond to verifiable consumer requests within 45 days. We do not knowingly sell personal information of consumers under 16 years of age.

10.2 Virginia, Colorado, Connecticut, Texas, and Other State Residents

If you are a resident of a state with a comprehensive consumer data privacy law in effect, you have the right to submit privacy requests as described above. To exercise your rights, contact us at the information provided in Section 14. We will respond within the timeframe required by your applicable state law (generally 30–45 days).

10.3 How to Submit a Request

To submit a privacy rights request, please email us at sue@designcyclesolutions.com with the subject line "Privacy Rights Request" and include your name, state of residence, and a description of your request. We may need to verify your identity before processing your request.

 

11. Children's Privacy

Our Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information. If you believe we may have collected information from a child under 13, please contact us immediately.

 

12. Third-Party Links and Services

Our Services may contain links to or integrations with third-party websites, platforms, and services (such as CLO, Style 3D, Browzwear VStitcher or retail partner sites). We are not responsible for the privacy practices of such third parties. We encourage you to review the privacy policies of any third-party services you use.

 

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by posting the revised Policy on our website with an updated effective date and, where appropriate, by sending an email notification. Your continued use of our Services after the effective date of any change constitutes your acceptance of the updated Policy.

 

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Ratava, Inc., a Delaware C-Corp

Privacy Inquiries: sue@designcyclesolutions.com

Website: www.designcyclesolutions.com

Mailing: Ratava, Inc., Attention: Privacy Officer

We will respond to your inquiry within a reasonable time and in accordance with applicable law.