Back to home

Privacy Policy

Last updated: June 15, 2026

1. Introduction

Aura ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI-powered skincare analysis service.

2. Information We Collect

  • Account Information: Email address, name, and password (encrypted) when you create an account.
  • Selfie Photos: High-resolution facial photographs you voluntarily submit for skin analysis. These are processed by our AI system for cosmetic evaluation only.
  • Skin Profile Data: Responses to our skin questionnaire including age range, skin type, allergies, goals, lifestyle factors, and budget preferences.
  • Usage Data: How you interact with the app, including routine adherence, feedback ratings, and product reviews.

3. How We Use Your Information

  • To analyze your skin using AI and provide personalized cosmetic skincare recommendations.
  • To generate and adapt skincare routines based on your analysis results and feedback.
  • To improve our AI models and recommendation algorithms over time.
  • To communicate important updates about your account or our service.

4. Photo Handling

Your photos are treated with the highest level of care:

  • Photos are encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Photos are stored in private, access-controlled storage buckets accessible only to you.
  • EXIF metadata (including GPS location) is stripped before storage.
  • Photos are automatically deleted 30 days after analysis, unless you choose a different retention period.
  • Photos are never shared with third parties, used for advertising, or sold.

5. AI Processing Disclosure

Your selfie photos are processed by Google's Gemini Vision AI model to generate skin analysis results. This processing occurs server-side via secure API calls. The AI evaluates cosmetic attributes such as skin type, texture, tone, and hydration levels. No data is retained by the AI provider beyond the processing request.

6. Data Retention

  • Account data: Retained for as long as your account is active.
  • Photos: Automatically deleted 30 days after analysis (configurable in settings).
  • Analysis results: Retained to provide your skin journey history. Deleted when you delete your account.
  • Feedback data: Retained to improve your recommendations. Deleted when you delete your account.

7. Your Rights

You have the right to:

  • Access: Download all data we hold about you.
  • Rectification: Update or correct your personal information.
  • Deletion: Delete your account and all associated data at any time.
  • Portability: Export your data in a machine-readable format.

8. Third-Party Sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. Data is only shared with:

  • Supabase: Our database and authentication provider, for storing your account and analysis data securely.
  • Google Gemini AI: For processing skin analysis requests. No data is retained by Google beyond the request.

9. Security

We implement industry-standard security measures including TLS encryption for all data in transit, AES-256 encryption at rest, row-level security policies on all database tables, and time-limited signed URLs for photo access. We conduct regular security reviews and follow privacy-by-design principles.

Important: Not Medical Advice

Aura provides cosmetic guidance only and is not a substitute for professional medical advice, diagnosis, or treatment. Our AI analyzes visible cosmetic attributes of your skin and should not be relied upon for medical decisions. If you have concerns about a skin condition, please consult a qualified dermatologist or healthcare professional.

10. Contact

If you have questions about this Privacy Policy or your data, please contact us at privacy@aura-skin.app.