Privacy Policy
Last updated: April 23, 2026
1. Introduction
Cutisense ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data when you use the Cutisense mobile application ("App").
By using the App, you agree to the practices described in this policy.
2. Information We Collect
2.1 Information You Provide
- Display name — used to personalise your experience
- Age — to tailor skincare recommendations
- Skin profile — skin type, concerns, goals, sensitivity, routine preferences
- Environmental data — climate, sun exposure, urban stress level (self-declared)
- Product list — products you manually add to your vanity
- Ingredient preferences — ingredients you wish to avoid
We do not collect facial photographs or biometric data. All skin analysis is based solely on information you declare yourself.
2.2 Information Collected Automatically
- Crash reports — via Firebase Crashlytics, to identify and fix technical issues
- Usage analytics — via Firebase Analytics, including screens visited, session duration, and in-app events
- Subscription status — via RevenueCat, to manage your premium entitlements
3. How We Use Your Information
- To generate personalised skincare recommendations powered by the Gemini API (Google)
- To maintain and improve the App's performance and stability
- To manage your subscription and premium features
- To respond to your support requests
We do not sell your personal data to third parties.
4. Third-Party Services
Your data may be processed by the following trusted third-party services:
| Service | Purpose |
|---|---|
| Supabase | User authentication and data storage |
| Google Gemini API | AI-powered skincare analysis |
| Firebase Analytics | App usage analytics |
| Firebase Crashlytics | Crash reporting and stability monitoring |
| RevenueCat | Subscription management |
| Apple / Google | In-app payment processing |
| Cloudflare | Website hosting and delivery |
Data sent to Google Gemini for analysis is used solely to generate your recommendations and is not used to train Google's models under our API agreement.
5. Data Storage & Security
Your personal data is stored on Supabase infrastructure, hosted on AWS data centres. Our website is served via Cloudflare. We apply industry-standard security measures including encrypted connections (TLS) and role-based access controls.
Data is retained until you delete your account. Upon account deletion, your personal data is permanently removed from our systems.
6. Children's Privacy
Cutisense is intended for users aged 16 and older. We do not knowingly collect data from anyone under 16. If you believe a person under 16 has provided us with personal data, please contact us at the address below.
7. Your Rights (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights:
- Right of access — request a copy of your personal data
- Right to rectification — correct inaccurate data via your in-app profile
- Right to erasure — delete your account and all associated data via Settings → Delete My Account
- Right to data portability — request an export of your data via Settings → Export My Data
- Right to object — object to certain processing activities
- Right to withdraw consent — at any time, without affecting prior processing
To exercise any of these rights, use the in-app tools or contact us at: legal@cutisense.app
8. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via the App or by updating the "Last updated" date above. Continued use of the App after changes constitutes acceptance.
9. Contact
For privacy-related questions or data requests:
legal@cutisense.app