CosmeticLens Privacy Policy

Last updated: 2026-02-01 · Effective: 2026-02-01

1. Our Privacy Commitment

CosmeticLens is built around the principle that personal cosmetic preferences are private. We collect the minimum amount of data necessary to run the App and keep your sensitivity profile, scan history, and product photos under your direct control.

2. Data We Collect On-Device Only (Never Leaves Your Phone)

The following stays exclusively on your device, in the iOS app sandbox, and is never transmitted to our servers:

  • Sensitivity Profile: the ingredient categories you mark as "caution / avoid / allergic" (e.g., fragrance, parabens, retinoids)
  • Skin Type & Life Stage: e.g., "sensitive", "pregnancy second trimester"
  • Scan History: list of past scans, product names, ingredient lists, and risk classifications
  • Favorites: products you have starred for later reference

You can delete this data at any time by clearing the App's data through iOS Settings or by uninstalling the App.

3. Photos You Take Inside CosmeticLens

When you photograph a cosmetic product's ingredient label, the photo is:

  1. Sent to our ingredient detection backend (AIO Gateway) for OCR and ingredient identification
  2. Processed transiently — the image is not retained on our servers after the detection response is returned
  3. Subject to industry-standard transit encryption (TLS)

We never share these photos with third parties, never use them for advertising, and never use them to train third-party AI models.

4. Ingredient Detection (Vision Language Model)

CosmeticLens uses a Vision Language Model (VLM) for ingredient extraction. The model receives only:

  • The image you captured
  • Your avoided ingredient category list (e.g., "fragrance, preservative") — but not the level (caution/avoid/allergic)
  • Your skin type and life stage (so the model can prioritize relevant warnings)

The model does not receive your name, email, location, or any identifier that could link a scan to your real-world identity.

5. Account & Authentication

CosmeticLens currently does not require an account. Future cross-device sync (if introduced) will be opt-in and explicitly disclosed.

6. Analytics and Crash Reporting

We use anonymous analytics (event counts, feature usage, crash traces) to improve the App. Analytics data:

  • Is not linked to your identity
  • Does not include photos, ingredient lists, or sensitivity profile contents
  • Can be opted out via iOS Settings → Privacy → Tracking

Crash reports may contain stack traces and device model — never user content.

7. Subscriptions

In-App Purchases are processed by Apple under the Apple Media Services Terms. We receive only the subscription status (active / expired) needed to gate Pro features. We do not see your Apple ID, payment method, or billing address.

8. Children's Privacy

CosmeticLens is not directed to children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us data, contact us and we will delete it.

9. Third-Party Services

CosmeticLens integrates with the following third-party services:

  • Apple In-App Purchase — subscription processing (Apple's Privacy Policy applies)
  • Sentry — anonymous crash reporting (Sentry's Privacy Policy applies)
  • AIO Gateway (SignalRender infrastructure) — VLM ingredient detection routing

10. Your Rights

You have the right to:

  • Access: view your sensitivity profile and scan history inside the App
  • Delete: clear all local data by uninstalling the App or via iOS Settings
  • Opt-out of analytics: via iOS Settings → Privacy → Tracking
  • Contact us: at [email protected] for any privacy question

11. Updates

We may update this Privacy Policy from time to time. Material changes will be highlighted in the App's About page changelog.

12. Contact

Privacy questions? [email protected] or via the in-app Feedback feature.