Legal
When you create an account, we collect your email address and password (stored securely hashed). You may optionally provide a profile photo.
We collect information you voluntarily provide about your skin, including:
When you use the skin scanner feature, you take a selfie using your device camera. This photo is transmitted securely to our backend services for AI-powered skin analysis. Scan photos are stored in your personal cloud storage folder (Supabase Storage) and are accessible only to you.
We collect information about how you use the app, including features accessed, scan history, routine completions, and product scan history. This data is used to provide and improve the service.
Subscription and purchase transactions are processed entirely by Apple through the App Store. We do not receive or store your payment card information. We receive from RevenueCat confirmation of active entitlements and subscription status.
We may collect your device type, operating system version, and app version for diagnostic and compatibility purposes.
We use the information we collect to:
We do not use your data to train AI models, sell to third parties, or target you with advertising.
GlowIQ uses the following third-party services to operate. Each service processes only the minimum data necessary for its function.
Purpose: Database, authentication, and secure file storage.
Data processed: User account data, skin profile, scan results, routine data, scan photos.
Storage: Data is stored on Supabase infrastructure (hosted on AWS). Data is retained as long as your account is active, or until you delete it.
Purpose: AI-powered skin analysis (the core scan feature).
Data processed: Your selfie photo (JPEG image file) is transmitted to AILab Tools' API for skin condition analysis. The API returns numerical scores and detection maps.
Retention: AILab Tools processes the image for analysis and does not retain uploaded photos after processing, per their data processing policy.
Location: AILab Tools servers are located in the United States.
Purpose: Powering AI chat responses, skin analysis summaries, routine generation, and ingredient analysis.
Model used: GPT-4o-mini.
Data processed: Skin scores and profile data (no photos) are sent as context to generate personalized text responses. Chat message history within a session is sent to generate replies.
Retention: OpenAI processes data per their API usage policy and does not retain inputs for model training (API usage policy, opted out).
Purpose: Subscription and purchase management.
Data processed: App Store transaction receipts, subscription status, entitlement information, and an anonymous user identifier.
Note: RevenueCat does not receive your name, email, or payment card details.
All data is transmitted over encrypted HTTPS connections. Scan photos are stored in private, access-controlled cloud storage. Passwords are hashed using bcrypt and never stored in plaintext.
Access to production databases and storage is restricted to authorized personnel. We implement industry-standard security measures including row-level security policies on all database tables.
While we take security seriously, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.
We retain your data for as long as your account is active. You may request deletion of your account and all associated data at any time from within the app (Settings → Privacy & Data → Delete Account) or by contacting us at glowiq@evtsoy.com.
Upon account deletion, we will delete:
Some anonymized, non-identifiable aggregate data may be retained for service analytics. Subscription purchase records may be retained by Apple and RevenueCat per their own policies.
Depending on your location, you may have the following rights regarding your personal data:
To exercise any of these rights, contact us at glowiq@evtsoy.com. We will respond within 30 days.
GlowIQ is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at glowiq@evtsoy.com and we will delete that information promptly.
Users between 13 and 17 must have parental consent to use the app.
GlowIQ is operated from the European Union. Your data may be processed by third-party services located in the United States and other countries. Where personal data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.
For users in the European Economic Area (EEA), we process your personal data under the following legal bases:
California residents have the right to know what personal information is collected, sold, or disclosed; the right to opt-out of the sale of personal information; and the right to non-discrimination for exercising these rights. We do not sell personal information. To exercise your California rights, contact us at glowiq@evtsoy.com.
Skin analysis photos and health-related skin metrics may constitute sensitive personal data under certain privacy laws (including GDPR's special category data provisions). We process this data only with your explicit consent, given through the in-app Data Consent screen before your first scan. You may withdraw this consent at any time by deleting your account or contacting us.
The GlowIQ mobile app does not use cookies. Our website (glowiq.evtsoy.com) uses only essential cookies required for the website to function. We do not use advertising cookies or tracking pixels.
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date and, where required by law, by sending you a notice within the app. We encourage you to review this policy periodically.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: