COOKIE AND SIMILAR TECHNOLOGIES POLICY
Last updated: 26 February 2026
1.INTRODUCTION
This Cookie and Similar Technologies Policy (“Cookie Policy”) explains how Grimmor OÜ uses cookies and similar technologies to store or access information on your device.
Unless stated otherwise, capitalized terms (like “Platform”) have the same meaning as in our Privacy Policy. This Cookie Policy covers our entire Platform, which consists of two technical environments:
- The Website (www.grimmor.com): Uses standard browser cookies.
- The app (Grimmor mobile application): Uses SDKs and device identifiers.
By using our Platform, you consent to the practices described in this Cookie Policy. Please read this alongside our Privacy Policy and Terms of Use.
2.TECHNOLOGIES USED ON OUR WEBSITE
When you visit our website www.grimmor.com, we use cookies.
Cookies are small text files that are downloaded to your device when you visit our website. They help us ensure the website functions properly and, with your permission, help us understand how you use the site to improve our content. You can read more about cookies on http://www.allaboutcookies.org/.
We use first-party and third-party cookies. First-party cookies are set and managed directly by Grimmor. Third-Party cookies are set by our trusted partners and service providers (such as Google). When you use features provided by them, your data may be collected directly by these partners. We recommend reviewing their privacy policies to understand how they handle your data.
Cookies are vital for the Website to function properly. They enable core functionalities such as security, network management, and accessibility. We use these cookies to protect the website from spam and bot attacks, remember your privacy preferences, and ensure that content is displayed correctly.
We do not need your consent for essential cookies. Because these technologies are strictly necessary to provide the service you requested, EU law does not require your consent to use them.
Because these technologies are essential for the security and technical operation of the Website, you cannot disable them through cookie settings. They are set by default to ensure the website works correctly.
Cookies we use:
| Cookie name | Provider | Purpose | Type | Expiry |
| _grecaptcha | Distinguish between humans and bots. | Strictly Necessary | Persistent | |
| _GRECAPTCHA | Distinguish between humans and bots. | Strictly Necessary | 180 days | |
| CookieConsent | grimmor.com | Stores the user’s cookie consent state for the current domain. | Strictly Necessary | 1 year |
| rc::a | Distinguish between humans and bots. | Strictly Necessary | Persistent | |
| rc::b | Distinguish between humans and bots. | Strictly Necessary | Session | |
| rc::c | Distinguish between humans and bots. | Strictly Necessary | Session | |
| rc::f | Distinguish between humans and bots. | Strictly Necessary | Persistent | |
| wpEmojiSettings Supports | grimmor.com | Content delivery and presentation. | Strictly Necessary | Session |
3.TECHNOLOGIES USED ON THE PLATFORM
WHAT AND HOW WE USE
Unlike a website, our mobile application does not use standard browser cookies. Instead, we use the following similar technologies:
- Software Development Kits (SDKs): Blocks of code provided by our third-party partners (such as Google or Stripe) that are embedded in our App. These allow the App to function (e.g., process a payment), communicate with external servers, and collect analytics.
- Local Storage: We use the local storage on your device to cache app settings, login sessions, and preferences (like your language or last viewed items) to ensure the App runs faster and you don’t have to log in every time.
- Cloud Processing & Caching: To generate the AI virtual try-on visualization, your photos and body measurements are securely transmitted to our cloud servers. We may use local storage to temporarily cache the generated images on your device so you can view them quickly without re-loading.
- AI Integration Technologies: We use API integrations with specialized third-party providers to enable the generative AI features. While the processing happens in the cloud, the App facilitates the secure transmission of data required for this feature.
PURPOSE OF TRACKING AND LEGAL BASIS
We categorize these technologies based on their purpose. You can control non-essential technologies through your device settings or the app settings.
A. Strictly Necessary Technologies
These are essential for the Platform to function. Without them, you cannot use the Platform, create an account, or make purchases. We do not require your consent for these.
| Technology / Partner | Purpose | Data Processed | Legal Basis | Retention / Expiry |
| Flutter SDK | App Infrastructure. Uses local storage to maintain your login session and app state. | Auth tokens, app preferences. | Legitimate Interest (Functionality) | Until app uninstallation or logout |
| Stripe SDK | Payments & Security. Processes payments securely and performs fraud detection (Risk Scoring). | Payment data, device indicators. | Performance of Contract & Legitimate Interest | Session-based / transaction-related retention |
| ExchangeRateAPI | Currency conversion. Displays product prices in your local currency. | Currency preference. | Legitimate Interest (User convenience) | Session only |
| AWS (Infrastructure) | Hosting & Storage. Securely retrieves your photos and profile data from our cloud servers in EU (Stockholm). | User ID, Profile content. | Performance of Contract | Duration of account existence |
B. Functional Technologies
These technologies allow the Platform to remember choices you make and provide enhanced features (like notifications or feedback tools).
| Technology / Partner | Purpose | Data Processed | Legal Basis | Retention / Expiry |
| Google Firebase (FCM) | Push Notifications. Sends order updates and alerts. | App instance identifier, notification token. | Consent (Via device system permissions) | Until consent withdrawn or app uninstallation |
| Monday.com SDK | Feedback System. Allows reporting bugs and sending feedback within the App. | Feedback text, OS version, Device model. | Legitimate Interest | Up to 2 years from submission |
| Generative AI Technologies (e.g., Flux2) | Virtual Try-On. We use specialized AI to scan your uploaded photos and create a mathematical model of your body to visualize how clothing fits. | Photos, body measurement, style preference, app activity | Consent (obtained when you choose to upload a photo) | Stored in user profile until deleted by User |
C. Analytics and Performance (Optional)
| Technology / Partner | Purpose | Data Processed | Legal Basis | Retention / Expiry |
| Google Firebase (Analytics & Performance) | App Analytics & Stability. Helps us understand how users interact with the App and detects crashes to fix bugs. | Device identifiers (Instance ID), usage statistics, crash logs, IP address. | Consent | Up to 2 years |
THIRD-PARTY DATA ACCESS AND TRANSFER
Many of the technologies listed in the tables above (Sections A, B, and C) are provided by our third-party partners (e.g., “Log in with Google”). While Grimmor controls the deployment of these technologies within the App, data collected through them (such as device identifiers or usage statistics) may be transmitted to and stored on the servers of these third parties.
Service providers who provide technical infrastructure (such as AWS) process data strictly on our behalf and under our instructions. Partners who provide independent services (such as “Log in with Google”, payment processing by Stripe) may process your data according to their own privacy terms (Controllers). Here are some specific partners whose technologies are integrated into our App and link to their privacy practices:
- AWS: Hosts our infrastructure.
- Google (Firebase): Analytics.
- Monday: Processes user feedback.
- Stripe: Processes payment data.
Links to our partners’ privacy policies are available within our Privacy Policy or upon request by contacting us at privacy@grimmor.com.
Links to our partners’ privacy policies are available within our Privacy Policy or upon request at support@grimmor.com.
4.HOW TO CONTROL YOUR PRIVACY
You can control how tracking technologies are used on the Platform depending on whether you are visiting our Website or using the app.
In the app:
- Push Notifications: You can turn off push notifications at any time in your mobile device’s Settings > Notifications > Grimmor or in the App settings.
- Local Storage: You can clear the app’s local data by uninstalling the app or, on Android devices, by using the “Clear Storage/Cache” option in the App settings.
Managing Your Content and Profile:
- AI Data: You can delete your saved measurements and photos at any time through the App settings.
- Account Deletion: You can permanently delete your profile and associated personal data through the App Settings or by contacting us.
On the Website:
- Browser settings: Different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. For additional information please visit your browser’s official support documents.
- The most efficient way to manage your preferences is via our cookie consent tool. You can change your choices or withdraw consent at any time by clicking the “Cookie Settings” link located in the footer of our website. Our cookie consent tool allows you to accept or reject cookies by category and to change your preferences at any time.
Please be aware that limiting these technologies may affect your experience. For instance, if you disable Local Storage, the app will not remember your body measurements or denying access to your Camera or Photos will prevent the virtual try-on feature from working.
5.ADDITIONAL INFORMATION FOR USERS IN SPECIFIC JURISDICTIONS
In addition to the information set out above, users located in certain jurisdictions have additional rights and entitlements in relation to cookies and similar technologies. The following provisions apply to you if you are located in the relevant jurisdiction.
United Kingdom
If you are located in the United Kingdom, our use of cookies and similar technologies is governed by the Privacy and Electronic Communications Regulations 2003 (PECR) as well as the UK GDPR and the Data Protection Act 2018.
Under PECR, we are required to obtain your consent before placing non-essential cookies on your device. We seek this consent through our cookie consent tool, which is accessible via the “Cookie Settings” link in the footer of our website. You may withdraw your consent at any time by clicking that link and adjusting your preferences.
For strictly necessary cookies, consent is not required as they are essential for the operation of the Platform. For all other cookies and tracking technologies, we will only activate them after you have given your informed consent.
If you have concerns about our use of cookies and similar technologies and have not been able to resolve them with us, you may lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
United States
If you are located in the United States, the following additional disclosures apply.
Cookie consent and opt-out rights. Certain US state privacy laws give you the right to opt out of the use of cookies and similar technologies for purposes that constitute a “sale” or “sharing” of personal information for cross-context behavioural advertising. We do not currently sell or share your personal information in this way. If this changes, we will update our cookie consent tool to include an opt-out mechanism and this Cookie Policy will be revised accordingly.
California residents. Under the California Consumer Privacy Act (CPRA), you have the right to know about the categories of personal information we collect through cookies and similar technologies. We describe these categories in Section 3 of this Cookie Policy and in our Privacy Policy. You may exercise your rights under the CPRA by contacting us at privacy@grimmor.com.
Do Not Track. Some browsers and devices transmit “Do Not Track” signals. Our website does not currently respond to “Do Not Track” signals. However, you can control analytics and non-essential cookies through our cookie consent tool as described in Section 4.
Global Privacy Control (GPC). We recognise and respond to Global Privacy Control (GPC) browser signals as a valid request to opt out of the sharing of personal information for cross-context behavioural advertising, where required by applicable law. If you use a browser or extension that transmits a GPC signal, we will treat it as a valid opt-out request for the purposes of the CPRA and any other applicable state privacy law that honours GPC signals.
Global Privacy Control (GPC). We recognise and will respond to Global Privacy Control (GPC) browser signals as a valid request to opt out of sharing of personal information for cross-context behavioural advertising where required by applicable law. If your browser or device transmits a GPC signal, we will treat it as a valid opt-out request for the relevant processing activities. You can enable GPC via a supported browser or extension.
Canada
If you are located in Canada, our use of cookies and similar technologies that collect personal information is subject to Canada’s federal Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, provincial privacy legislation including Québec’s Law 25.
We seek your express opt-in consent before placing non-essential tracking technologies on your device. You may withdraw this consent at any time by using the “Cookie Settings” link in the footer of our website or by adjusting your device settings for the mobile app.
Québec residents have additional rights under Québec’s Law 25 in relation to profiling and automated decision-making. We do not use cookie data for automated decision-making that produces legal effects or significantly affects you. If you have concerns about our use of tracking technologies, please contact us at privacy@grimmor.com.
Australia
If you are located in Australia, our use of cookies and similar technologies is subject to the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) to the extent that such technologies collect personal information.
You can control non-essential cookies and tracking technologies through the cookie consent tool on our website and through your device settings for the mobile app, as described in Section 4 of this Cookie Policy.
If you have concerns about our use of cookies or similar technologies, please contact us at privacy@grimmor.com. If we are unable to resolve your concern, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
6.QUESTIONS AND CONTACT INFORMATION
If you have questions about the technologies we use or your data processing, please do not hesitate to contact us, Grimmor OÜ, at: support@grimmor.com.
