Privacy Policy

By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our App.

Personal Information

When you create an account or use our App, we may collect:

• Account Information: Email address, full name, and profile photo (avatar)
• Authentication Data: Information from third-party sign-in providers (Apple ID, Google) if you choose to use them
• Profile Preferences: Age range, skin type, skin concerns, beauty goals, focus areas (e.g., eyes, forehead, cheeks), and time preferences for routines
• Subscription Information: Subscription tier and purchase history (processed through Apple App Store or Google Play)

Health and Wellness Data

• Skin Analysis Photos: Photos you take for AI-powered skin analysis (stored securely and used only for providing personalized recommendations)
• Progress Photos: Before/after photos you voluntarily capture to track your skincare journey
• Exercise Completion Data: Records of facial yoga exercises completed, duration, and workout history
• Streak and Activity Data: Current streak, longest streak, and daily activity patterns

Product Information

• Scanned Products: Product barcodes you scan, product names, brands, and ingredient information
• Scan History: Records of products you've scanned for ingredient analysis

Automatically Collected Information

• Device Information: Device type, operating system version, unique device identifiers
• Usage Data: App features used, time spent in app, screens visited
• Push Notification Tokens: Device tokens for sending notifications (with your permission)

We use the information we collect to:

• Provide Core Services: Deliver personalized facial yoga programs, skincare routines, and exercise recommendations based on your profile
• AI Skin Analysis: Analyze your skin photos to provide personalized skincare recommendations and track improvements
• Product Analysis: Analyze scanned product ingredients and provide toxicity scores and safety information
• Track Progress: Maintain your exercise history, streaks, achievements, and progress photos
• Personalization: Customize content, meal plans, and recommendations based on your goals and preferences
• Notifications: Send reminders, motivation, and updates about your routines (with your consent)
• Subscription Management: Process and manage your subscription through third-party payment providers
• Improve Our Services: Analyze usage patterns to enhance app features and user experience
• Customer Support: Respond to your inquiries and provide assistance

Our App requires camera access for the following features:

• AI Skin Scanner: Capture photos of your face for AI-powered skin condition analysis
• Product Barcode Scanner: Scan product barcodes to retrieve ingredient information
• Progress Photos: Take before/after photos to document your skincare journey

Camera access is only used when you actively initiate these features. Photos are processed securely and stored in accordance with this privacy policy. You can revoke camera access at any time through your device settings.

We implement industry-standard security measures to protect your data:

• Secure Storage: Your data is stored on secure servers provided by Supabase with encryption at rest
• Encrypted Transmission: All data transmitted between the App and our servers uses TLS/SSL encryption
• Authentication Security: Passwords and authentication tokens are stored using secure, industry-standard methods
• Row-Level Security: Database access controls ensure you can only access your own data
• Secure Credential Storage: Sensitive credentials are stored using platform-specific secure storage (Keychain on iOS, Keystore on Android)

We use the following third-party services to provide and improve our App:

• Supabase: Database hosting and user authentication
• Apple Sign-In / Google Sign-In: Optional authentication providers
• RevenueCat: Subscription management and in-app purchase processing
• Firebase Cloud Messaging: Push notification delivery
• Apple App Store / Google Play: App distribution and payment processing

These services have their own privacy policies, and we encourage you to review them. We only share the minimum information necessary for these services to function.

With your permission, we send push notifications to remind you of your daily routines, celebrate streaks, and provide motivational content. You can enable or disable notifications at any time through your device settings or within the App.

GlowLift offers premium subscriptions with additional features. All payments are processed through the Apple App Store or Google Play Store. We do not directly collect or store your payment card information.

We receive confirmation of your subscription status from these platforms to provide you with the appropriate access level. Subscription management (cancellation, renewal) is handled through your device's app store settings.

Data Retention

We retain your personal data for as long as:

• Your account is active
• Necessary to provide you with our services
• Required by law or for legitimate business purposes

Progress photos, skin analysis photos, and exercise history are retained to provide you with historical tracking and personalized recommendations. You may delete this data at any time through the App settings.

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Export: Request your data in a portable format
• Opt-Out: Disable push notifications, withdraw consent for optional features
• Restriction: Request limitation of certain data processing activities

To exercise these rights, please contact us at the email address provided below or use the in-app account settings.

Children's Privacy

GlowLift is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this privacy policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy within the App and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

If you have any questions about this Privacy Policy or our data practices, please contact us:

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information held by businesses
• Right to opt-out of sale of personal information (we do not sell your personal information)
• Right to non-discrimination for exercising your CCPA rights

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to access, rectify, or erase your personal data
• Right to restrict or object to processing
• Right to data portability
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

The legal basis for processing your data includes: your consent, performance of our contract with you, our legitimate interests, and compliance with legal obligations.