Privacy Policy

Last updated: April 18, 2026

Skinmaxx ("we", "our") respects your privacy. This policy explains what data we collect, how we use it, and your rights — especially if you are a minor.

1. Data We Collect

• Profile info: Age (date of birth for age verification), gender, skin type, skin concerns, sun sensitivity (entered by you).
• Photos: Face photos taken for skin analysis, food photos for diet tracking, product photos for scanning.
• Health data: Sleep hours (entered manually or from Apple Health, read-only), water intake, SPF usage.
• Usage data: Scan history, routine completion, diet logs, streak data.
• Device info: Language preference, device model, iOS version, anonymous device identifier.
• Analytics & advertising data: App events (e.g., app install, onboarding progress, paywall views, subscription purchases) sent to Meta (Facebook) for measurement and ad attribution. Your Identifier for Advertisers (IDFA) is only collected if you grant permission via the iOS tracking prompt.

2. How We Use Your Data

• Face photos are sent to a third-party AI service (Google Gemini API) via our secure server for skin analysis. Photos are processed in real-time and are NOT stored on our servers. Google's API processes the image and returns a text analysis — refer to Google's AI Terms of Service for their data handling.
• All personal data (profile, scan history, routines, logs) is stored locally on your device.
• We do not sell or rent your personal information.
• We use the Meta (Facebook) SDK to measure ad performance — for example, to understand which ads brought users to the App and whether those users subscribed. This may involve cross-app and cross-website tracking, which is why iOS will ask for your permission via the App Tracking Transparency prompt. If you decline, we can still count anonymous app events but cannot link them to specific ad campaigns. You can change this choice any time in iOS Settings > Privacy & Security > Tracking.
• Your face photos, health data, scan history, and personal profile are NEVER shared with Meta or any advertising network. Only lightweight event names (e.g., "paywall_viewed", "subscription_purchased") and, if permitted, your IDFA are transmitted.

3. Face Photo Processing — Important

When you use the skin scanner, a photo of your face is captured and transmitted to Google's Gemini AI API through our proxy server for analysis. By using the scan feature, you consent to this processing. Specifically:

• The photo is transmitted securely (HTTPS) to our server, which forwards it to Google's Gemini API.
• Our server does NOT store your photos — it acts only as a pass-through.
• Google processes the image to generate a text-based skin analysis and does not retain it beyond processing (per Google's API terms for paid tier usage).
• No facial recognition, face templates, or biometric identifiers are created or stored by Skinmaxx. The AI analyzes visible skin characteristics (pimples, redness, texture) — not facial geometry or identity.
• You can use the App without the scan feature. All other features work without submitting photos.

4. Minors' Privacy

Skinmaxx is designed for users aged 13 and up. We take additional care with teen users:

• We do not collect more data than necessary for the App to function.
• We do not sell or share personal information of users under 16. Period.
• We default to the highest privacy settings for all users.
• We do not send marketing communications to users under 16 without opt-in consent.
• Parents or guardians may contact us at any time to review, modify, or delete their child's data.
• Users under 13 are blocked from using the App.

5. Apple Health

If you connect Apple Health, we only read sleep analysis data to display in the App. We do not write to, modify, or share your Apple Health data. This connection is optional and can be revoked at any time in your device's Health app settings.

6. Your Rights

• Access: You can view all your data within the App.
• Deletion: You can delete all your data at any time using "Delete All Data" in Profile. This permanently erases all local data including scan history, photos, and personal information.
• Opt-out: You can use the App without the AI scan feature, without diet tracking, and without connecting Apple Health.
• Do Not Sell: We do not sell your personal information. If this changes, we will provide a clear opt-out mechanism.
• Data portability: All your data is stored locally on your device and accessible within the App.

7. Data Security

We use industry-standard security measures including HTTPS encryption for all data transmission. Local data is stored in your device's sandboxed app storage. We do not maintain external databases of user information.

8. Data Retention

• Local data: Stored on your device until you delete it or remove the App.
• Server-side: Our proxy server does not retain any user data or photos — requests are forwarded and discarded.
• Subscription data: Managed by Apple and RevenueCat. See their respective privacy policies.

9. Third-Party Services

• Google Gemini API: Processes face and food photos for AI analysis. See Google's AI Terms.
• Apple StoreKit / RevenueCat: Handles subscription payments and tracks subscription status via an anonymous user ID. See Apple's and RevenueCat's privacy policies.
• Apple HealthKit: Optional sleep data sync. See Apple's Health privacy policy.
• Meta (Facebook) SDK: Receives app event data (e.g., installs, onboarding milestones, purchases) and — only with your consent via the iOS tracking prompt — your IDFA, used for ad attribution and analytics. See Meta's Privacy Policy at facebook.com/privacy/policy.

10. Changes to This Policy

We may update this Privacy Policy. We will notify you of material changes through the App. Continued use after changes constitutes acceptance.

11. Contact

For privacy questions, data requests, or parental inquiries: skinmaxx.app@gmail.com

If you believe we have collected data from a child under 13, contact us immediately and we will delete it.