Complexion Beauty ("Complexion," "we," "us," or "our") operates the Complexion Beauty mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.
Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not use the App.
1. Information We Collect
Information You Provide Directly
- Account Information: When you create an account, we collect your name, email address, and authentication credentials. If you sign in with Google or Apple, we receive your name and email from those services.
- Beauty Profile: Information you provide during the beauty assessment, including skin type, skin tone, skin concerns, allergies, sensitivities, product preferences, budget preferences, and routine complexity.
- Product Data: Information about beauty products you add to your collection, including product names, brands, categories, barcode data, purchase dates, and usage frequency.
- Skin Diary Entries: If you use the skin diary feature, we store your skin feeling ratings, lifestyle factors (sleep, water intake, stress level, exercise), notes, and optional selfie photos for skin progress tracking.
- Chat Messages: Conversations with Lexi, our AI beauty assistant, are stored to maintain conversation history and improve recommendations.
Information Collected Automatically
- Device Information: Device type, operating system version, unique device identifiers, and mobile network information.
- Usage Data: How you interact with the App, including features used, screens viewed, routine completion data, and timestamps.
- Camera Data: When you use the barcode scanner, photo recognition, or skin diary selfie features, we access your device camera. Photos are processed for product identification or skin tracking purposes only.
- Face Data: When you use the face scan or skin diary selfie features, on-device face detection (Google ML Kit) is used solely to guide camera positioning (e.g., "center your face in the oval"). No facial geometry, biometric identifiers, or facial feature maps are collected, stored, or transmitted. See Section 3A below for details on how selfie photos are processed.
Information from Third-Party Services
- Product Information: We retrieve product data from third-party databases using barcodes or product names you provide.
- Article and Video Content: We retrieve beauty-related articles and videos from third-party search and video APIs based on your beauty interests.
- Shopping and Price Information: When you use price comparison features, we retrieve pricing data from third-party shopping APIs.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the App and its features
- Generate your personalized beauty plan and skincare routine
- Power Lexi, our AI beauty assistant, with context about your products, skin profile, and preferences
- Track product usage and provide replenishment reminders
- Analyze ingredient safety and detect ingredient conflicts
- Track skin progress over time through the skin diary
- Send push notifications for routine reminders, product expiration alerts, and replenishment notifications
- Provide personalized article and video recommendations in the Discover tab
- Facilitate affiliate product purchases through third-party retailers
- Analyze app usage to improve features and user experience
3. How We Share Your Information
We do not sell your personal information to third parties.
3A. Face Data and AI Skin Analysis
When you use the face scan feature, the App captures a selfie photo and sends it to Anthropic, PBC ("Anthropic") via their Claude API for AI-powered skin analysis. The analysis identifies visible skin characteristics such as skin type, tone, and concerns (e.g., dryness, redness). This is a beauty assessment, not a medical diagnosis.
- What face data is collected: A single front-facing selfie photo. No facial geometry, biometric templates, or facial recognition data is collected.
- How face data is used: The photo is sent to Anthropic's Claude API solely to generate a skin characteristic assessment. The results (skin type, tone, and concerns) are stored in your beauty profile to personalize your routine.
- Third-party sharing: The selfie photo is shared only with Anthropic, PBC for processing. Anthropic does not retain the photo after processing, does not use it to train AI models, and processes it in accordance with Anthropic's Privacy Policy.
- Storage: Photos used for skin analysis are processed transiently and are not stored on our servers. If you use the skin diary feature, selfie photos you choose to save are stored in Firebase Storage (Google Cloud) under your private user path and are accessible only to your account.
- Retention: Skin analysis photos are not retained by Complexion or Anthropic after processing. Skin diary photos are retained until you delete them individually, or until you delete your account, at which point all photos are permanently removed.
- On-device processing: Face detection for camera positioning guidance uses Google ML Kit and runs entirely on your device. No face detection data leaves your device.
- User consent: Before any data is sent to Anthropic for the first time, the App displays a consent dialog that discloses what data will be shared, identifies Anthropic as the recipient, and requires your explicit permission to proceed.
We may also share information in the following circumstances:
- AI Processing: Your beauty profile, chat messages, product names from your collection, and selfie photos (for skin analysis) are sent to Anthropic, PBC via their Claude API to power Lexi (our AI beauty assistant), generate personalized beauty plans, analyze ingredients, and perform skin analysis. Anthropic processes this data transiently, does not retain photos, and does not use your data to train AI models. Before any data is sent to Anthropic, the App requires your explicit consent via an in-app dialog.
- Product and Content APIs: Product names and barcodes are sent to third-party product databases to retrieve product information. Beauty interest categories are sent to search and video APIs to retrieve content recommendations.
- Affiliate Links: When you tap an affiliate link to purchase a product, you are redirected to a third-party retailer's website. Your interaction with those websites is governed by their respective privacy policies.
- Firebase Services: We use Google Firebase for authentication, data storage, cloud functions, and push notifications. Your data is stored on Firebase servers and processed according to Google's data processing terms.
- Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities.
- Business Transfers: If Complexion Beauty is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4. Data Storage and Security
- Your data is stored on Google Firebase servers located in the United States.
- We use industry-standard security measures including encryption in transit (TLS) and Firebase security rules that restrict data access to authenticated users.
- Selfie photos from the skin diary are stored in Firebase Storage and are accessible only to your account. Selfie photos used for AI skin analysis are processed transiently and are not stored on our servers or by Anthropic.
- We do not store credit card information, payment details, or passwords in our systems. Authentication is handled by Firebase Auth, and payments are processed by third-party retailers through affiliate links.
5. Your Rights and Choices
Access and Update Your Data
You can view and update your beauty profile, product collection, and account information directly within the App through the Settings screen.
Delete Your Account
You can delete your account and all associated data at any time through the App's Settings screen. When you delete your account:
- Your beauty profile, product collection, routines, and preferences are permanently deleted from our servers
- Your skin diary photos are permanently deleted from Firebase Storage
- Your chat history with Lexi is permanently deleted
- This action is irreversible
Manage Notifications
You can enable or disable push notifications through the App's Settings screen or through your device's notification settings.
Camera Access
You can revoke camera access at any time through your device's settings. This will disable barcode scanning, photo recognition, and skin diary selfie features.
Data Portability
You may request a copy of your data by contacting us at the email address below.
6. Children's Privacy
The App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will promptly delete that information. If you believe a child under 13 has provided us with personal information, please contact us.
7. Third-Party Links and Services
The App contains links to third-party websites and services (including retailer websites for product purchases). We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the App.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date at the top of this policy and, for material changes, by providing notice through the App or via email.
9. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
Complexion Beauty
Operated by CullWell Technologies, LLC
Email: privacy@complexion.app
Website: https://complexion.app
10. California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. As noted above, we do not sell personal information. To exercise your rights, contact us at the email address above.
11. European Residents (GDPR)
If you are a resident of the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object. Our legal basis for processing your information is your consent (provided when creating an account) and our legitimate interests in providing the App's services. To exercise your rights, contact us at the email address above.