Privacy Policy

AuraFace ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

2.1 Information You Provide

• Account information (email address, name)
• Profile data (gender, age range, height, self-rating)
• Face photos uploaded for analysis
• Quiz responses and preferences
• Payment information (processed by our payment provider)

2.2 Information Collected Automatically

• Device information (type, operating system, unique identifiers)
• Usage data (features accessed, time spent, interactions)
• IP address and approximate location
• App analytics and crash reports

• To provide AI-powered face analysis using Google's Gemini 2.0 Flash model
• To generate personalized improvement tips and recommendations
• To track your progress over time
• To process payments and manage subscriptions
• To send you relevant notifications and updates
• To improve our Service and develop new features
• To respond to your requests and provide customer support

When you submit a photo for analysis, it is sent to our secure server and processed using Google's Gemini API. The AI analyzes facial attributes including symmetry, skin quality, facial harmony, eye area, jawline, and nose structure.

Important: Google does not use data submitted through the Gemini API to train their models. Your photos are processed in real-time and are not permanently stored by Google.

Your data is stored using the following services:

• Supabase: Account data, scan results, and profile information are stored in our Supabase database with Row Level Security (RLS) enabled
• Cloudflare R2: Face images may be stored temporarily for progress tracking
• Device storage: Preferences and cached data are stored locally on your device

All data is encrypted in transit (TLS) and at rest.

We use the following third-party services:

• Google Gemini: AI face analysis processing
• Supabase: Database and authentication
• Cloudflare R2: Image storage
• RevenueCat: In-app subscription management (mobile)
• Dodo Payments: Web payment processing
• Vercel: Website hosting

Each of these services has their own privacy policy governing their use of your data.

We do not sell your personal data. We may share your information only in the following circumstances:

• With service providers who assist in operating our Service (listed above)
• When required by law or to respond to legal process
• To protect our rights, privacy, safety, or property
• In connection with a merger, acquisition, or sale of assets

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate data
• Deletion: Request deletion of your account and all associated data
• Portability: Receive your data in a structured, machine-readable format
• Opt-out: Unsubscribe from marketing communications

To exercise any of these rights, please contact us at privacy@auraface.lol.

You can delete your account at any time through the app settings. When you delete your account:

• All personal data is permanently removed from our servers within 30 days
• Stored images are deleted immediately
• Scan history and results are permanently erased
• Active subscriptions will be cancelled

We retain your personal data only for as long as necessary to provide the Service and fulfill the purposes described in this policy. When you delete your account, we remove your data within 30 days, except where retention is required by law.

Our Service is not intended for children under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority. Our legal basis for processing your data includes consent, contract performance, and legitimate interests.

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information, including the right to know what data we collect, the right to delete your data, and the right to opt-out of the sale of your data. We do not sell personal data.

We implement appropriate technical and organizational measures to protect your personal data, including encryption, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy, please contact us at:

• Email: privacy@auraface.lol
• Website: https://auraface.lol