Privacy Policy

Welcome to KareAI ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2.1 Personal Information

We may collect the following types of personal information:

• Account Information: Email address, name, and password when you create an account
• Profile Information: Age, gender, skin type, skin concerns, and other skin-related preferences you provide during onboarding
• Photos: Selfie images you capture for skin analysis
• Payment Information: Billing details processed securely through our payment providers (Stripe via RevenueCat)

2.2 Automatically Collected Information

When you use our Service, we automatically collect:

• Device information (type, operating system, unique identifiers)
• Usage data (features used, time spent, actions taken)
• Log data (IP address, browser type, pages visited)
• Analytics data through Mixpanel for service improvement

We use the collected information for the following purposes:

• Skin Analysis: To analyze your skin photos using AI and provide personalized insights and recommendations
• Personalization: To customize your experience based on your skin profile and preferences
• Service Improvement: To understand how users interact with our Service and improve functionality
• Communication: To send you updates, newsletters, and promotional materials (with your consent)
• Customer Support: To respond to your inquiries and provide assistance
• Legal Compliance: To comply with applicable laws and regulations

Your privacy regarding photos is of utmost importance to us. Here is how we handle your selfie images:

• Photos are transmitted securely using encryption (HTTPS/TLS)
• Photos are processed by our AI systems hosted on Google Cloud Platform using Vertex AI
• Analysis results are stored securely and associated with your account
• Original photos are stored in encrypted cloud storage (Google Cloud Storage) for your scan history
• You can request deletion of your photos at any time
• We do not sell or share your photos with third parties for advertising purposes

Important Notice: KareAI collects and processes biometric data (facial geometry) from the photos you submit for skin analysis. By using our Service, you consent to this collection and processing.

What We Collect

• Facial Images: Selfie photos you capture for skin analysis
• Facial Geometry: Measurements and mapping of facial features used to identify skin concerns in specific areas
• Skin Analysis Data: AI-generated assessments of 14 skin metrics including wrinkles, pores, texture, acne, and more

How We Use Biometric Data

• To analyze your skin health and identify areas of concern
• To track changes in your skin over time
• To provide personalized product recommendations
• To create customized AM/PM skincare routines
• To improve our AI analysis accuracy (in anonymized, aggregated form only)

Retention and Deletion

• Photo Images: Your selfie photos are automatically deleted after 90 days from the date of capture
• Analysis Results: Skin analysis scores and metrics are retained until you delete your account
• Early Deletion: You can delete your account and all associated data at any time through the Profile settings in the app or website. This will immediately and permanently delete all your photos, biometric data, scan history, and personal information. Alternatively, you can contact support@kareai.app to request data deletion

Your Consent

By creating an account and using our skin analysis features, you explicitly consent to the collection, processing, and storage of your biometric data as described above. You may withdraw your consent at any time by deleting your account, which will result in the deletion of all your biometric data.

We use the following third-party services to operate our Service:

• Google Cloud Platform: Cloud infrastructure, storage, and AI/ML services
• RevenueCat: Subscription management and payment processing
• Stripe: Payment processing (through RevenueCat)
• Mixpanel: Analytics and usage tracking
• Apple/Google Sign-In: Authentication services

Each of these services has their own privacy policies, and we encourage you to review them.

We retain your personal information for as long as your account is active or as needed to provide you with our Service. You can request deletion of your account and associated data at any time through the app settings or by contacting us.

After account deletion, we may retain certain information for a limited period for legal and legitimate business purposes, such as resolving disputes or complying with legal obligations.

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit and at rest
• Secure authentication mechanisms (JWT tokens)
• Regular security assessments and updates
• Access controls and employee training
• Secure cloud infrastructure on Google Cloud Platform

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data ("right to be forgotten")
• Portability: Request your data in a portable format
• Objection: Object to certain processing activities
• Withdraw Consent: Withdraw consent for consent-based processing

To exercise these rights, please contact us at support@kareai.app.

Our Service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in compliance with applicable data protection laws.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

If you have any questions about this Privacy Policy or our data practices, please contact us at:

• Email: support@kareai.app
• Website: https://kareai.app

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information
• Right to access your personal information
• Right to equal service and price

We do not sell personal information to third parties. To exercise your CCPA rights, please contact us using the information above.

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Legal Basis: We process your data based on your consent, contract performance, or legitimate interests
• Data Protection Officer: Contact our DPO at support@kareai.app
• Supervisory Authority: You have the right to lodge a complaint with your local data protection authority