Privacy Policy
Last Updated: January 4, 2026
Our Core Privacy Commitment
We built Glowly to help your skin, not to sell your data. We do not sell your personal information. We do not store biometric face templates (face prints). You own your data and can delete it at any time.
⚠️ Important Medical Disclaimer
Glowly is NOT a medical device and does NOT provide medical advice.
The analysis, recommendations, and content provided by Glowly are for informational and educational purposes only. Our AI technology uses probabilistic models which can make mistakes and may not accurately detect all skin conditions.
Never use Glowly for diagnosis. If you have a specific skin concern, suspicious mole, rash, or persistent issue, please consult a certified dermatologist or medical professional.
1. Information We Collect
1.1 Information You Provide
- Account Information: Email address, name (optional), and encrypted password.
- Skin Profile: Skin type (e.g., Oily, Dry), concerns (e.g., Acne, Wrinkles), product preferences, and allergies.
- Routine Data: Skincare products you use, your morning/night routines, and product notes.
- Face Photos: Photos you explicitly take or upload for AI analysis. These are encrypted in transit and at rest.
1.2 Device Permissions & Technical Data
We request specific permissions to provide core features:
- Camera: Used only when you initiate a skin scan. We do not access the camera in the background.
- Photo Library: Used only if you choose to upload an existing photo for analysis.
- Device Data: Device model, OS version, and approximate location (derived from IP address) for analytics and troubleshooting.
- Usage Analytics: Anonymous data on how you navigate the app (e.g., "Screen A visited", "Button B clicked") to help us improve user experience.
2. How We Process Your Photos (Important)
🧬 No Biometric Identification
Glowly analyzes your photos to detect skin characteristics (such as acne, redness, wrinkles, and texture).
We DO NOT create, store, or use biometric face templates (face prints) for the purpose of identifying you or unlocking devices. We are not a facial recognition system. Your photos are strictly used for skincare analysis.
3. Third-Party Service Providers
We use trusted third-party services to operate Glowly. The following is a list of our current key service providers. We may update this list from time to time as our technology evolves, ensuring all new providers adhere to the same strict security standards.
| Service Provider | Purpose | Data Shared |
|---|---|---|
| OpenAI | AI Image Analysis | Transient image data (for analysis only) |
| AWS (Amazon) | Secure Cloud Storage | Encrypted photos & database backups |
| RevenueCat | Subscription Management | Anonymous User ID, Purchase history (No credit card info) |
| Mailjet | Email Delivery | Email address, Name |
| Google Analytics | App Analytics | Anonymized usage data, Device info |
| Sentry | Crash Reporting | Error logs, Device info (for debugging) |
4. Data Retention & Deletion
We retain your data only as long as your account is active or as needed for legal reasons.
- Account Deletion: If you delete your account via the app settings, your personal information is immediately removed from our active production database.
- Photo Deletion: Photos are deleted from cloud storage in accordance with our retention lifecycle (typically within 30-90 days of deletion request or account termination) to ensure complete removal from backups.
- Backups: Encrypted database backups are retained for disaster recovery for up to 90 days and then overwritten.
5. Your Privacy Rights (GDPR & CCPA)
Regardless of where you live, we extend these rights to all users:
✓ Right to Access
Ask us for a copy of all data we hold about you.
✓ Right to Forget
Request permanent deletion of your account and data.
✓ Right to Correct
Update inaccurate information in your profile.
✓ Right to Portability
Get your data in a structured, common format.
To exercise these rights: Use the "Delete Account" option in the app settings, or email us at info@glowlyme.com.
6. Security
We use industry-standard security measures:
- Encryption: Data is encrypted in transit (HTTPS/TLS 1.2+) and photos are encrypted at rest in AWS S3.
- Access Control: Strict least-privilege access controls for our engineering team.
- Payment Security: We do not process or store credit card numbers. All payments are handled securely by Apple (App Store) or Google (Play Store).
7. International Transfers
Glowly operates globally. Your data may be transferred to and processed in the United States or other countries where our service providers (like AWS and OpenAI) operate. We rely on adequacy decisions and Standard Contractual Clauses (SCCs) to ensure your data remains protected.
8. Children
Glowly is not directed to children under 13 (or 16 in certain jurisdictions). We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us.
9. Contact Us
Privacy Team: info@glowlyme.com
General Support: info@glowlyme.com