Privacy Policy

Last updated: May 2, 2026

Craze Software, LLC(“we”, “us”, “our”) operates the Skin AI mobile application (the “App”). This Privacy Policy explains what we collect, how we use it, who we share it with, and the choices you have. By using the App you agree to this policy.

1. Information we collect

You provide directly

  • Account info — email address (or Apple/Google sign-in identifier), display name.
  • Onboarding answers — date of birth, gender, skin type, primary skin concern, goals, current routine complexity, whether you see a dermatologist, and similar personalization questions.
  • Selfies — face photos you submit for skin analysis. Stored in our private object storage and processed by our AI vision provider.
  • Product photos — photos of skincare products you scan to identify them or add to your shelf.
  • Habit and journal entries — daily routine check-ins, water intake, sleep, mood selections, free-text journal notes, and optional photos.

Generated automatically

  • Skin analysis results — your computed Skin Age, sub-scores, and zone breakdown derived from each selfie.
  • Subscription state — whether you have an active Pro entitlement, processed through RevenueCat (we do not see your payment card; the App Store / Google Play handles billing).
  • Conversion events — anonymized usage events (paywall shown, scan completed, product clicked, etc.) used to measure product performance.
  • Affiliate click tracking — when you tap a shop link we record the product and timestamp so we can attribute referral revenue.

2. How we use your information

  • Run AI skin analysis and generate your AM/PM routine and recommendations.
  • Track progress over time — scans, sub-score trends, weekly reports, streaks.
  • Schedule local reminder notifications for your routine and scan cadence (push only; never sold).
  • Improve the App — debug crashes, measure conversion funnels, and decide which features to invest in.
  • Comply with legal obligations and enforce our Terms of Service.

3. Who we share with

We do not sell your data. We share only with service providers we depend on to run the App:

  • OpenAI — performs the vision and text-generation steps that produce your skin analysis and routine. Selfies and product photos are sent transiently and are not used by OpenAI to train their models per their API data policy.
  • Supabase — hosts our Postgres database, authentication, and image storage. Servers located in the United States.
  • RevenueCat — manages subscription state received from Apple and Google.
  • Apple Sign-In and Google Sign-In — when you choose those login methods.
  • Amazon Associates and other affiliate partners — when you tap an affiliate link, the partner sees the referral but does not receive your personal account data from us.

We may also disclose information when required by law, to protect our rights, or in connection with a corporate transaction (in which case we will continue to honor this policy).

4. Retention and deletion

We keep your data while your account is active. You can delete your account from inside the App (Settings → Delete Account). Deletion immediately removes your profile, scans, plans, habits, journal entries, subscription history, affiliate clicks, and stored selfies. Backups are rotated within 30 days.

To request deletion outside the App, email us at support@aiskinapp.com from the address associated with your account.

5. Your rights

Depending on where you live you may have rights to:

  • Access a copy of the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data (one-tap inside the App).
  • Object to certain processing or opt out of analytics.
  • Port your data to another service.

Reach support@aiskinapp.com to exercise any of these rights. We respond within 30 days.

6. Children

Skin AI is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has signed up, contact us and we will delete the account.

7. International users

The App is operated from the United States. By using it you consent to your information being transferred to and processed in the U.S. and any other country where our service providers operate.

8. Security

We use industry-standard transport encryption (HTTPS/TLS) for all communication, encrypted at-rest storage, and Row-Level Security in our database to make sure your records are accessible only to you. No method is perfectly secure; we will notify affected users if a breach materially affects them.

9. Changes

We may update this policy. When we do, we’ll change the “Last updated” date at the top and surface a notice in the App for material changes. Continued use after the effective date means you accept the revised policy.

10. Contact

Questions, complaints, or rights requests: support@aiskinapp.com
Craze Software, LLC