Privacy Policy

1. Introduction

Welcome to Skincentric! We offer a platform to explore and learn about skincare. Please note that while we provide educational and informational resources (including but not limited to Skin Plans, Routines, Images, Media, Skin Coach, or any future products and services), we are not medical professionals and do not provide medical advice. All information and content you encounter through Skincentric is for educational purposes only. Always consult a qualified healthcare provider for questions or concerns regarding a medical condition.

We offer free and paid features. We do not show third-party behavioral ads in the app at this time. This Privacy Policy explains the information we collect, how we use it, and the steps we take to protect it. By using our website, mobile app, or any of our online products and services (collectively, our "Services"), you agree to the practices described in this policy.

2. Information We Collect About You

1. Account Information. When you open an account, you provide us with information such as your name, address, age, email, phone number, and skin care topics that interest you.
2. Payment & Billing Information. If you purchase a subscription or other paid feature, payment processing is provided by our third-party processor, Stripe. We do not store full credit or debit card numbers or CVV on Skincentric servers. Stripe collects and processes your payment details pursuant to its own terms and privacy policy. We may receive and store limited billing information from Stripe—such as your name, email, billing address, card brand and last four digits, expiration month/year, Stripe customer/subscription/invoice IDs, transaction and refund IDs, payment status, and tax determinations and amounts via Stripe Tax—so we can operate the Services, prevent fraud, calculate and collect taxes, provide receipts/support, manage your subscription or prepaid access, and process refunds.
3. Usage Information. When you use Skincentric (even without an account), we collect information about how you interact with our Services, such as the pages or features you use, and any transactions you undertake with us.
4. Community Content. If you participate in our community features ("Communities"), you may create posts, comments, or send messages (collectively, "Content").
5. Definition of "Content." "Content" refers only to the public or private posts and related data that you share within the Communities (e.g., forums, group chats, direct messages in the Communities). This does not include your personal routine information, progress photos, or other data you do not intentionally publish to the Communities.
6. Web Browser and Geolocation. We may collect information about your web browser and approximate geolocation (based on IP address), including for security, fraud prevention, and tax calculation (via Stripe Tax).
7. Chat Prompts & Responses (Skin Coach Lite). When you use Skin Coach Lite, we collect your messages/prompts, tool calls (e.g., requests to analyze a routine), and the assistant's responses. We also log basic metadata (timestamps, language, feature flags) to operate, secure, and improve the feature.
8. SkinID & Routine Metadata. If you enable personalization, we store minimal fields needed to tailor guidance (e.g., SkinID typing/flags and routine step names, actives/ingredients, frequency, and other usage data) on your device and may store them on our servers to ensure the feature functions consistently.
9. Photos, Videos, Audio, and Biometric Identifiers ("Media Data"). If you use certain features (e.g., progress tracking, skin analysis tools, or future services that require media), you may voluntarily upload, record, or share media data. This may include photos, videos, audio recordings, and the derived biometric identifiers (e.g., facial or skin surface measurements) necessary for the feature to function. We only collect and process this data with your explicit consent, and we treat it as sensitive personal information. We do not use your Media Data to train third-party AI models.
10. Other Information. We may collect information when you communicate with us (e.g., customer support emails) or information provided via a third-party partner (e.g., when you create an account through a social media login).

3. How We Use Information About You

1. Providing and Improving Our Services. We use information about you to operate, maintain, and enhance the Skincentric platform. This may include using your Media Data (photos, videos, audio, biometric data) to generate personalized routines, educational resources, or other product features.
2. AI Processing (Skin Coach Lite). To generate answers, we may transmit your prompts and relevant personalization fields to AI service providers acting as our processors. We configure providers to not use your data to train their public models and to apply limited retention consistent with security and abuse prevention. We may review de-identified or aggregated interactions to operate, secure, and improve Skin Coach Lite.
3. Communication. To communicate with you, including responding to support requests, providing customer service, and sending you technical notices, updates, security alerts, and administrative messages.
4. Marketing. To send you marketing communications about our products and services. You can opt out of these at any time.
5. Personalization. To tailor the Services to your needs, such as providing customized routine recommendations, content, or features based on your SkinID or usage data.
6. Legal and Safety. To comply with law, regulation, legal process, or governmental request; to protect the rights, property, and safety of Skincentric, our users, or the public; or to detect and prevent fraud or security issues.

4. How We Share Information About You

We do not sell your personal information. We may share information as follows:

• With Service Providers. We share information with third-party vendors, consultants, and other service providers who need access to such information to perform work on our behalf (e.g., payment processing, data hosting, analytics, AI infrastructure). These third parties are bound by confidentiality obligations and are prohibited from using personal information for any purpose other than providing the service.
• With Other Users (Communities). If you use our Community features, the Content you post (including text, images, and your username/profile details) may be visible to other users in that Community, depending on the privacy settings of that forum or chat. Even if you may have seen a doctor about your skin concerns, sharing your experiences in the Communities means that information is publicly or privately visible to other users within that Community space.
• Profile Page: If you have an account, you may have a public profile page. Your profile is visible to other users, but the rest of your account details are not publicly displayed.
• Routine & Progress Data: Your personal routine information or progress photos remain private unless you explicitly choose to post or share them in the Communities.

5. How We Protect Your Information

We use reputable third-party storage providers and security tools to help protect against unauthorized access, alteration, disclosure, or destruction of your personal information. However, no online platform can guarantee absolute security.

Payments Security. We use Stripe to process payments. Stripe is a PCI DSS certified Level 1 Service Provider, the most stringent level of certification available in the payments industry. We do not store your full payment card details.

Media Data (Sensitive Personal Information). If you provide media data, we treat it as sensitive and obtain your consent where required. You can delete Media Data you uploaded from within the app.

6. Retention of Information

We store information for as long as necessary to provide the Services and for the purposes described in this Policy, including to comply with our legal, accounting, and reporting obligations, resolve disputes, and enforce our agreements. For payment records, tax records, invoices, refunds, and subscription history, we generally retain associated data for the period required by applicable law (for example, tax and audit requirements). When we no longer need personal information, we take steps to delete, de-identify, or aggregate it.

7. Children's Privacy

Our Services are not directed to children under the age of 13. If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete the information as soon as possible. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at privacy@skincentric.us.

8. International Data Transfers

Skincentric is based in the United States and the information we collect is governed by U.S. law. If you access the Services from outside the U.S., please be aware that information we collect may be transferred to, processed, and stored in the U.S. and other jurisdictions where our service providers operate. Data protection laws in these jurisdictions may differ from those in your country of residence.

For transfers of personal information from the European Economic Area (EEA), the United Kingdom (UK), or Switzerland to countries not deemed to provide an adequate level of data protection, we use appropriate safeguards for such transfers (for example, Standard Contractual Clauses). We plan to adhere to any applicable Data Protection Framework(s) once we have established a threshold of accounts in these regions.

9. Your Privacy Rights

Depending on where you live, you may have the right to access, delete, or correct your personal information. We honor all such rights as required by law. You can often access and manage your account information within the app or by submitting a request to privacy@skincentric.us.

California Residents. The California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA), generally applies to for-profit businesses that satisfy at least one of the following thresholds: (i) annual gross revenues greater than $25 million (or $25.625M for the preceding calendar year beginning in 2025), (ii) buying, selling, or sharing the personal information of 100,000 or more California residents or households in a year, or (iii) deriving 50% or more of annual revenue from selling or sharing California residents' personal information (including cross-context behavioral advertising).

Accordingly, the CCPA/CPRA does not currently apply to Skincentric. Regardless of current coverage, we voluntarily honor verified requests from California residents to the extent applicable, including: the right to know/access, delete, and correct personal information; the right to opt-out of sale or sharing (including cross-context behavioral advertising); the right to limit the use and disclosure of sensitive personal information where applicable; and the right to non-discrimination for exercising privacy rights. You may submit requests via privacy@skincentric.us.

10. Changes to This Privacy Policy

We may amend or change this Privacy Policy from time to time. Any revisions will be noted by updating the "Date" at the top. In the event of material changes, we may also send an email to the address associated with your Skincentric account.