Back to blog

Privacy · 5 min

Virtual Try-On and Shopper Privacy: What Merchants Should Check

Try-on means shoppers upload photos of themselves. Here are the questions to ask any try-on vendor about photo storage, consent, and store data access.

By Davide Mastricci, Founder · July 13, 2026

Virtual Try-On and Shopper Privacy: What Merchants Should Check

Why privacy is not a footnote for try-on

Virtual try-on asks shoppers for something unusually personal: a photo of themselves. That makes privacy a merchandising question, not just a legal one. A shopper who hesitates at the upload step is a shopper who never sees the feature work, and in Europe your store carries GDPR obligations for whatever data your apps collect on your behalf.

Here are four questions worth asking any try-on vendor before installing, with honest answers about how Aisthetix handles each one.

1. Where does the shopper's photo live?

The worst answer is a vague one. Photos of people are personal data, and photos that sit on a vendor's servers indefinitely are a liability for the merchant too.

With Aisthetix, the shopper's photo is stored locally in their own browser, so repeat try-ons do not require a new upload. The photo is sent for processing when a try-on is generated and is not kept on our servers permanently. The widget says this to the shopper in plain language at the upload step, because trust at that moment is what decides whether the feature gets used.

2. Does analytics tracking respect consent?

A try-on app that measures effectiveness necessarily observes shopper behaviour, and that observation must respect the consent choices shoppers make in your store's cookie banner.

The Aisthetix analytics pixel is consent-gated: it only fires for shoppers who have granted analytics consent through Shopify's customer privacy system. Shoppers who decline are simply not measured. Your funnel numbers shrink a little; your compliance posture does not.

3. What store data does the app access?

Every Shopify app requests API scopes on install, and merchants should read that list. A try-on app has no business reading your full order history or customer list.

Aisthetix does not request order data access at all. Purchase attribution comes from the consented analytics events themselves, not from your store's order records. The app reads what it needs to render try-on (products and theme access) and nothing more.

4. What exactly is tracked?

Ask for the concrete list of events, not a policy summary. Aisthetix tracks four product-level events: product viewed, try-on used, added to cart, and purchased. There is no dwell-time tracking, no per-colour or per-variant tracking, and no tracking of shoppers across other sites.

A short list is a feature. Every extra signal a vendor collects is something you have to explain in your own privacy policy.

The takeaway

Privacy-careful try-on is possible: photos that stay with the shopper, analytics behind consent, minimal store permissions, and a tracked-events list short enough to read aloud. Use those four questions on any vendor, including us.

When you are ready to evaluate the feature itself, here is the no-code install guide and the framework for measuring whether it is worth it.