Privacy Policy

Information You Provide

• •Account information: name, email address, and profile details when you create an account (via Clerk authentication)
• •Wellness data: mood logs, energy levels, sleep quality, hydration tracking, and other wellness entries you choose to record
• •Preferences: notification settings, app preferences, and customization choices
• •Communications: messages you send to our support team or through Luna AI

Information Generated by the App

• •Glow Scores and skin metrics (numerical values only - photos are processed on-device and never uploaded)
• •Vital signs data: heart rate, HRV, respiratory rate, and SpO2 estimates (numerical values only)
• •CRRNCY Index and phase progression data
• •Routine adherence and achievement data
• •App usage analytics and feature interactions

Information We Do NOT Collect

• •Photos or videos of your face - all facial analysis happens locally on your device
• •Biometric identifiers or facial recognition data
• •Location data (unless you enable Shield environmental features)
• •Contacts, messages, or other personal content from your device

To Provide Our Services

• •Process your wellness data to generate insights, scores, and personalized recommendations
• •Power Luna AI conversations with context about your wellness journey
• •Track your progress over time and visualize trends
• •Deliver Shield environmental alerts based on your location (if enabled)
• •Sync your data across devices

To Improve Our Services

• •Analyze aggregated, anonymized usage patterns to improve features
• •Train and improve our AI models using anonymized data (you can opt out)
• •Identify and fix bugs and performance issues
• •Develop new features based on user needs

To Communicate With You

• •Send important account and security notifications
• •Deliver wellness reminders and insights (with your permission)
• •Respond to your support requests
• •Share product updates and new features (you can opt out)

We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. Your wellness data is yours.

Service Providers

We work with trusted service providers who help us operate CRRNCY Beauty:

• •Clerk: Authentication and account management
• •Vercel: Hosting and infrastructure
• •PostgreSQL/Prisma: Secure database storage
• •AI Services: Powers Luna conversations (no photos or biometric data shared)
• •RevenueCat: Subscription management
• •Google Analytics: Anonymized usage analytics (can be disabled)

Legal Requirements

We may disclose information if required by law, court order, or to protect the rights, property, or safety of CRRNCY Beauty, our users, or others.

Encryption

• •All data transmitted between your device and our servers is encrypted using TLS 1.3
• •Data at rest is encrypted using AES-256 encryption
• •Sensitive data is additionally encrypted at the application level

On-Device Processing

• •Facial analysis for Glow Scans happens entirely on your device using on-device AI models
• •Vital signs measurement uses your camera locally - video never leaves your device
• •Only numerical results (scores, metrics) are transmitted to our servers

Access Controls

• •Strict access controls limit employee access to user data
• •All access is logged and audited
• •Regular security assessments and penetration testing

Access Your Data

You can view all your data within the app. Go to Settings → Privacy → View My Data to see everything we store about you.

Export Your Data

Download a copy of all your data in a portable format. Go to Settings → Privacy → Export Data.

Delete Your Data

Permanently delete all your data from our servers. Go to Settings → Privacy → Delete Account. This action is irreversible and will be completed within 30 days.

Correct Your Data

Update or correct any inaccurate information in your profile settings or by contacting us.

Opt Out

• •Disable analytics tracking in Settings → Privacy → Analytics
• •Opt out of AI model training in Settings → Privacy → AI Training
• •Manage notification preferences in Settings → Notifications
• •Disable location for Shield in your device settings

Active Accounts

We retain your data for as long as your account is active and you continue to use CRRNCY Beauty.

Deleted Accounts

When you delete your account, we remove your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.

Legal Requirements

We may retain certain data longer if required by law or for legitimate business purposes (e.g., fraud prevention, legal claims).

CRRNCY Beauty is operated from the United States. If you access our services from outside the US, your data may be transferred to and processed in the US or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where required.

CRRNCY Beauty is not intended for children under 13 years of age (or under 16 in the European Union). We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will delete it promptly. If you believe a child has provided us with personal information, please contact us.

Your California Rights

• •Right to know what personal information we collect and how it's used
• •Right to delete your personal information
• •Right to opt out of the sale of personal information (we don't sell your data)
• •Right to non-discrimination for exercising your privacy rights

Categories of Information

In the past 12 months, we have collected: identifiers (name, email), wellness data, usage data, and device information. We have not sold any personal information.

Legal Basis for Processing

• •Contract: Processing necessary to provide our services to you
• •Consent: Where you have given explicit consent (e.g., marketing communications)
• •Legitimate Interests: Improving our services, security, and fraud prevention

Your GDPR Rights

• •Right of access to your personal data
• •Right to rectification of inaccurate data
• •Right to erasure ('right to be forgotten')
• •Right to restrict processing
• •Right to data portability
• •Right to object to processing
• •Right to withdraw consent at any time

Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at privacy@crrncybeauty.com.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the 'Last Updated' date. For significant changes, we may also send you an email notification. We encourage you to review this policy periodically.

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

• •Email: privacy@crrncybeauty.com
• •Mail: CRRNCY Beauty, Inc., [Address]
• •For security issues: security@crrncybeauty.com