Privacy Policy
Last updated: February 6, 2026
At Dermetric, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our AI-powered skin analysis application and the Ethereal Dermis engine.
1. Information We Collect
1.1 Camera and Face Data
Our app requires access to your device's camera to capture facial images (selfies) for analysis purposes. This data is voluntarily provided by you when you initiate a scan.
- What we collect: Facial images and extracted skin metadata (texture, oiliness, aging markers).
- Processing: Photos are processed immediately on our secure servers via encrypted channels.
- Ephemeral Nature: By default, photos are deleted immediately after analysis (typically within seconds). We do not permanently store your facial photos on our servers.
1.2 Device Information and Identifiers
We collect technical data to optimize app performance and manage anonymous accounts:
- Device model, OS version, and unique identifiers (e.g., Android ID, Firebase Anonymous UID).
- Device fingerprints are used solely to enforce fair usage limits for free scan services and prevent system abuse.
2. How We Use Information
Your data is used exclusively for:
- Analyzing skin characteristics and generating personalized reports.
- Providing AI-powered product recommendations (for Premium users).
- Improving our diagnostic algorithms (using anonymized, non-identifiable data only).
- Enforcing usage limits and preventing fraud.
3. Face Data Disclosure (Biometric Privacy)
In accordance with Apple Guideline 5.1.1, we provide the following explicit disclosures regarding face data:
- Third-Party Sharing: We share ZERO face data with third parties. Our application does not transmit, sell, or allow access to facial images or biometric metadata to any third-party advertising networks, analytics providers, or external SDKs.
- Reasons for Sharing: Since face data is not shared with third parties, no reasons for sharing exist. Any third-party services used by the app (e.g., Google Analytics, Firebase) receive only anonymous device identifiers and usage metadata, never biometric data.
- Third-Party Storage: No third party stores your face data. Biometric processing is performed exclusively within our secure private infrastructure.
- Retention Policy: All facial images are processed ephemerally in volatile memory. They are deleted immediately (0-second retention) after the analysis is performed and are never committed to persistent storage (disk or database).
Required face data information (Guideline 5.1.1)
The following directly addresses the information required for apps that use face data:
- Which third parties you share face data with: None. We do not share face data (facial images or biometric data) with any third parties.
- Your reasons for sharing face data with third parties: Not applicable. We do not share face data with any third parties, so there are no reasons for sharing.
- Whether third parties store face data, and if so their practices: No third party stores your face data. No third parties have access to or store your face data. All face data is processed only on our own infrastructure and is deleted immediately after analysis; it is never stored by us or by any third party.
4. Data Sharing and Third Parties
We do NOT share, sell, or transfer your personal information to third parties for marketing purposes. We distinguish between Third Parties and Service Providers:
- Service Providers: We use trusted partners (e.g., Google Firebase, Analytics) solely for infrastructure support, crash reporting, and fraud prevention. These partners act as data processors and are contractually bound to provide the same level of protection as stated in this policy.
- Face Data Exclusion: Face data is strictly excluded from all third-party integrations.
5. Storage, Retention, and Deletion
We respect your right to control your data:
- Retention: Metadata is retained only as long as necessary for the core functionality of the app.
- Revocation of Consent: You may revoke consent for camera access at any time via your device system settings. Revoking consent will prevent the app from performing skin analysis.
- Deletion Requests: To request deletion of your account and all associated metadata, email [email protected] with "Data Deletion Request". We will purge all data within 30 days.
6. Your Rights
Under applicable privacy laws (including GDPR, CCPA, and other regional regulations), you have the following rights regarding your personal information:
- Right to Access: You have the right to request access to the personal information we hold about you, including any metadata associated with your account.
- Right to Rectification: You may request correction of any inaccurate or incomplete personal information we have about you.
- Right to Erasure: You have the right to request deletion of your personal information. As stated in Section 5, facial images are deleted immediately after analysis. You may request deletion of account metadata by contacting us.
- Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.
- Right to Object: You may object to certain processing activities, such as the use of your anonymized data for algorithm improvement.
- Right to Restrict Processing: You can request that we limit how we process your personal information in certain circumstances.
- Right to Withdraw Consent: You may withdraw your consent for data processing at any time by revoking camera permissions in your device settings or by contacting us.
How to Exercise Your Rights: To exercise any of these rights, please contact us at [email protected] with your request. We will respond to your request within 30 days and may require verification of your identity to protect your privacy.
Right to Lodge a Complaint: If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority.
7. Children's Privacy
Dermetric is not directed to children under the age of 13. We do not knowingly collect personal information from individuals in this age group.
8. Contact Us
If you have any questions regarding this policy or our data practices, please contact us at:
[email protected]