The short version
- Your photos are analysed instantly by AI and are never stored on our servers.
- We don't sell your data to anyone, ever.
- You can delete your account and all your data at any time, instantly, from the app.
- SKINNA is for users aged 16 and above.
- We only share data with the services that make SKINNA work (AI analysis, hosting, payments) — never for advertising.
Contents
- 1. Introduction
- 2. Information we collect
- 3. How we handle your photos
- 4. How we use your information
- 5. Third-party service providers
- 6. When we share information
- 7. Data retention
- 8. Your rights and choices
- 9. Children's privacy and age requirements
- 10. Security
- 11. International data transfers
- 12. Your rights under India's DPDP Act, 2023
- 13. Your rights under GDPR (EU/UK users)
- 14. Your rights under CCPA (California users)
- 15. Changes to this policy
- 16. Contact us
1. Introduction
This Privacy Policy explains how SKINNA ("we", "us", "our", "SKINNA") collects, uses, shares, and protects information when you use the SKINNA mobile application and the skinna.xyz website (together, the "Service").
SKINNA is an AI-powered personal confidence and style coaching app. We built SKINNA with privacy as a core design principle — particularly around how your photos are handled. Please read this policy carefully. By creating an account or using SKINNA, you agree to the practices described here.
If you do not agree with this policy, please do not use the Service.
2. Information we collect
2.1 Information you provide directly
- Account information: email address and password (or sign-in via Apple/Google, if used) when you create an account.
- Profile information: your age group, gender (optional), primary improvement goal, and time availability, collected during onboarding.
- Date of birth: collected during sign-up to verify you meet our minimum age requirement of 16.
- Photos: selfie images you capture or upload for analysis. See Section 3 for how these are handled.
- Communications: if you contact us for support, we collect the information you provide in that communication.
2.2 Information collected automatically
- Usage data: features used, scan frequency, actions completed, app navigation patterns.
- Device information: device type, operating system version, app version, language settings.
- Diagnostic data: crash reports and performance data, used solely to fix bugs and improve stability.
2.3 Information from third parties
- Subscription and payment status from our payments processor (RevenueCat) and the relevant app store (Apple App Store / Google Play), including subscription tier and renewal status. We do not receive or store your card details.
- Authentication data if you sign in using Apple or Google Sign-In (your name and email as provided by that service).
3. How we handle your photos
Specifically:
- When you take or upload a photo, it is compressed on your device and sent over an encrypted connection (HTTPS) directly to our AI analysis provider (Anthropic, see Section 5).
- The AI provider processes the image to generate the analysis results (your scores, insights, and recommendations).
- The results of the analysis (numerical scores, text insights, recommendations) are saved to your account so you can track your progress over time.
- The photo itself is not retained by SKINNA after the analysis is complete.
We do not use your photos to train AI models, do not share your photos with advertisers, and do not use facial recognition to identify you across services.
4. How we use your information
We use the information we collect to:
- Provide, operate, and maintain the Service, including generating your SKINNA Score and action plans.
- Create and manage your account, and authenticate your sign-ins.
- Track your progress over time (score history, streaks, completed actions).
- Process subscription payments and manage your subscription status.
- Send you service-related notifications (e.g. scan reminders), where you have enabled them.
- Respond to your support requests.
- Monitor, debug, and improve the performance, stability, and features of the Service.
- Comply with legal obligations and enforce our Terms of Service.
We do not use your information to serve third-party advertising, and we do not sell your personal information to data brokers or advertisers.
5. Third-party service providers
To operate SKINNA, we rely on a small number of trusted service providers ("processors"), each acting under contractual obligations to protect your data:
| Provider | Purpose | Data shared |
|---|---|---|
| Anthropic (Claude AI) | Analyses your photo to generate your SKINNA Score and recommendations | Your photo (processed in real time, not retained by SKINNA), your age group and stated goals |
| Supabase | Secure database hosting, authentication, and account management | Account details, profile data, scan history (scores and text only, not photos) |
| RevenueCat | Manages subscriptions and in-app purchases | Anonymous user identifier, subscription status |
| Apple App Store / Google Play | App distribution and payment processing | Payment details (handled entirely by Apple/Google — SKINNA never sees your card information) |
Each of these providers is contractually bound to use your information only to provide services to SKINNA, and not for their own independent purposes.
6. When we share information
Beyond the service providers listed above, we may share information:
- With your consent — for example, if you use the "Share my score" feature to send your results to others.
- For legal reasons — if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of SKINNA, our users, or the public.
- In a business transfer — if SKINNA is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
7. Data retention
- Photos: not retained — processed in real time and discarded (see Section 3).
- Account and profile data: retained for as long as your account is active.
- Scan history (scores, insights, actions): retained for as long as your account is active, so you can track your progress.
- After account deletion: all personal data, scan history, and profile information is permanently deleted from our active systems, typically within 30 days. Some information may be retained for a limited period in backups or where required by law (e.g. financial records for tax purposes).
8. Your rights and choices
8.1 Access and update your information
You can view and update your profile information (goal, time availability, age group) at any time from the Profile section of the app.
8.2 Delete your account and data
You can permanently delete your account and all associated data at any time using the "Delete all my data" option in Profile → Privacy. This action is immediate and cannot be undone.
8.3 Notifications
You can enable or disable scan reminder notifications at any time in Profile → Notifications, or through your device's system settings.
8.4 Data portability
You can request an export of your scan history and progress data by contacting us at the email address in Section 16.
9. Children's privacy and age requirements
During sign-up, we ask for your date of birth to verify you meet this minimum age requirement. If we become aware that we have collected personal information from someone under 16, we will take steps to delete that information promptly.
If you are a parent or guardian and believe your child under 16 has provided us with personal information, please contact us using the details in Section 16 so we can take appropriate action.
10. Security
We take reasonable technical and organisational measures designed to protect your information, including:
- Encryption of data in transit (HTTPS/TLS) between your device and our servers.
- Row-level security controls ensuring your data is only accessible to your own account.
- Access controls limiting which systems and personnel can access stored data.
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
11. International data transfers
SKINNA's service providers operate data centres in various regions, including the United States, the European Union, and Asia. By using the Service, you understand that your information may be transferred to, stored, and processed in a country other than your own, which may have different data protection laws than your country of residence. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for such transfers.
12. Your rights under India's Digital Personal Data Protection Act, 2023
If you are located in India, you have the following rights under the DPDP Act, 2023:
- Right to access: a summary of your personal data we hold and the processing activities undertaken.
- Right to correction and erasure: request correction of inaccurate data or erasure of data that is no longer necessary (also available directly via the app's "Delete all my data" feature).
- Right to grievance redressal: raise concerns about how your data is processed by contacting us (Section 16). We aim to respond within 30 days.
- Right to nominate: nominate another individual to exercise these rights on your behalf in the event of death or incapacity, by contacting us.
SKINNA acts as a "Data Fiduciary" under the DPDP Act with respect to personal data of users in India.
13. Your rights under GDPR (EU and UK users)
If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation:
- Right of access to your personal data.
- Right to rectification of inaccurate data.
- Right to erasure ("right to be forgotten").
- Right to restrict processing in certain circumstances.
- Right to data portability.
- Right to object to processing based on legitimate interests.
- Right to withdraw consent at any time, where processing is based on consent.
- Right to lodge a complaint with your local data protection supervisory authority.
Legal basis for processing: we process your information based on (i) performance of our contract with you (providing the Service), (ii) your consent (e.g. for optional notifications), and (iii) our legitimate interests in operating, securing, and improving the Service.
14. Your rights under CCPA (California users)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose.
- Request deletion of your personal information.
- Opt out of the sale or sharing of personal information. SKINNA does not sell or share personal information as defined under the CCPA.
- Non-discrimination for exercising your privacy rights.
15. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. If we make material changes, we will notify you through the app or by other means before the changes take effect. The "Last updated" date at the top of this page indicates when this policy was last revised.
16. Contact us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us at:
Email: privacy@skinna.xyz