App Privacy Policy

**Last Updated: April 16, 2026**

Welcome to Reverse Ageineer. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our mobile application and related services. This policy applies specifically to the Reverse Ageineer mobile app, which is a separate product from the Reverse Ageineer e-commerce store.

## 1. Information We Collect

We collect the following types of information when you use Reverse Ageineer:

- **Personal Information:** Name, email address, phone number, and date of birth provided during account creation.
- **Face Scan Images:** Photographs captured through the in-app face scanning feature, including front, left, and right angle images.
- **Skin Metrics:** AI-generated skin analysis data such as perceived age, acne score, redness, pore size, hydration level, pigmentation, and other skincare metrics.
- **Location Data:** Approximate location used solely for UV index and weather-based skincare recommendations.
- **Device Information:** Device model, operating system version, app version, and unique device identifiers for troubleshooting and analytics.

## 2. How We Use Your Information

Your information is used for the following purposes:

- **Personalized Skincare Analysis:** Processing face scans to generate skin health metrics and track changes over time.
- **Product Recommendations:** Providing AI-generated skincare product suggestions tailored to your skin profile.
- **Progress Tracking:** Displaying your skincare journey through historical scan comparisons, streak tracking, and 30-day plans.
- **App Improvement:** Aggregated, anonymized usage data helps us improve features, fix bugs, and enhance the user experience.
- **Communications:** Sending important account notifications, security alerts, and optional promotional updates (with your consent).

## 3. Face Scan Data

Face scan images are a sensitive category of data (biometric information), and we treat them with the highest level of care:

- **Processing:** Images are securely transmitted to Haut.AI, our third-party AI partner, for skin analysis. Haut.AI processes images solely for the purpose of generating skincare metrics.
- **Storage:** Restored face images are stored in encrypted cloud storage (Supabase Storage) associated with your account. Raw captured images are processed and not permanently retained on our servers.
- **Purpose Limitation:** Face scan data is used exclusively for skincare tracking and analysis. It is never used for facial recognition, identity verification, or any purpose unrelated to skincare.
- **Deletion:** When you delete your account, all face scan images are permanently removed after the 30-day grace period.
- **OpenAI:** AI assistant that powers the in-app skin chat (AI Skin Advisor). When you use the chat, your messages and relevant skin data are sent to OpenAI to generate skincare guidance. This data is used only to produce your chat responses, is not used to identify you, and is not sold or rented. See https://openai.com/policies/privacy-policy.

## 4. Permissions We Request

The app requests the following device permissions:

- **Camera:** Required for face scan feature. Images are captured only when you actively initiate a scan.
- **Location (approximate):** Optional, used only for weather and UV index recommendations. You can deny and still use the app.
- **Notifications:** Optional, used for skincare reminders and account notifications.

You can revoke any permission at any time through your device settings.

## 5. Third-Party Services

We use the following third-party services to operate and improve the app:

- **Haut.AI:** Face analysis engine that processes scan images and generates skin metrics and product recommendations.
- **Supabase:** Cloud database and authentication infrastructure for secure data storage and user account management.
- **Apple App Store / Google Play:** Subscription processing and billing for premium features.
- **Amazon:** Product recommendation links may include Amazon affiliate links. Purchases through these links support app development.
- **Cloudflare:** Security services including Turnstile CAPTCHA protection during authentication to prevent automated abuse.
- **Weather APIs:** Location-based weather and UV index data for personalized sun exposure recommendations.

Each third-party service operates under its own privacy policy. We encourage you to review their policies for additional information.

## 6. Data Retention

- **Active Accounts:** Your personal data, scan images, and metrics are retained for as long as your account remains active.
- **Account Deletion:** When you request account deletion (via Settings), your account enters a 30-day grace period during which you can reactivate it. After 30 days, all personal data is permanently deleted.
- **Anonymized Data:** Aggregated, anonymized usage data that cannot be linked back to you may be retained indefinitely for research and app improvement purposes.

## 7. Your Rights

You have the following rights regarding your personal data:

- **Access:** You can view all personal data associated with your account within the app (Profile, scan history, metrics).
- **Export:** You can request a copy of your data by contacting us at app@reverseageineer.com.
- **Deletion:** You can delete your account and all associated data through Settings → Delete Account. Deletion is processed after a 30-day grace period.
- **Opt Out:** You can opt out of promotional communications at any time through the Notifications settings.
- **Correction:** You can update your personal information through the Profile settings at any time.

**If you reside in the European Economic Area or the United Kingdom (GDPR):** In addition to the rights above, you have the right to object to processing, request restriction of processing, withdraw consent at any time, and lodge a complaint with your local data protection authority.

**If you reside in California (CCPA/CPRA):** You have the right to know what personal information we collect, request deletion, opt out of the "sale" or "sharing" of personal information (we do not sell your data), and the right to non-discrimination for exercising these rights.

## 8. Data Security

We take the security of your data seriously:

- All data is transmitted using industry-standard TLS encryption.
- Face scan images and personal data are stored in encrypted cloud storage with access controls.
- Authentication uses secure, passwordless methods (magic links and one-time passwords).
- We do not sell, rent, or trade your personal data to any third party.
- Access to production data is restricted to authorized personnel only.

## 9. Children's Privacy

Reverse Ageineer is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at app@reverseageineer.com and we will promptly delete the information.

## 10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you through an in-app notification. Your continued use of the app after such notification constitutes acceptance of the updated policy.

## 11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

**Email:** app@reverseageineer.com

We aim to respond to all inquiries within 48 hours.