Privacy Policy

Last updated: April 24, 2026

1. Introduction

Lookist ("Lookist," "we," "us," "our") provides tools that analyze facial photos and generate appearance-related results, including metric scores, personalized routines, and progress tracking. This Privacy Policy explains what information we collect, how we use it, how we share it, and your rights and choices.

2. Information We Collect

Photos and image content you upload: front, left profile, and right profile images you choose to upload for AI facial analysis. Photos are stored securely on Cloudflare R2 with signed URLs that expire.

AI outputs and derived data: metric scores (15 individual metrics and an overall score out of 10), personalized routine recommendations, and progress data derived from your photos.

Onboarding and profile information: display name, gender, age, selected insecurities, goals, and commitment level — used to personalize your experience and seed your routine plan.

Usage data: routine completions, streak data, milestone achievements, score history, progress photo session timestamps, and app preferences (notifications, haptics, sound, motion).

Device and technical data: device model, operating system version, app version, language, and approximate location derived from IP address. Crash logs and diagnostic data may be collected to maintain app stability.

Subscription data: subscription status, plan type, and expiry date, managed through RevenueCat and Apple's App Store in-app purchase system. We do not store or process your payment card details.

Apple App Store payments: Payments and subscriptions are processed by Apple Inc. through the App Store's in-app purchase system. We do not have access to or store your payment card details. Apple may collect and process payment and billing information in accordance with its own Privacy Policy.

3. How We Use Your Information

  • Provide core services: analyze uploaded photos, generate facial metric scores, build personalized routines, and track your progress.
  • Personalize your experience: tailor routine recommendations based on your selected insecurities, goals, and gender.
  • Maintain and improve the app: monitor performance, fix bugs, and improve reliability using diagnostic data.
  • Safety and security: detect, prevent, and address fraud, abuse, or unauthorized access.
  • Support and communications: respond to support requests and send service-related notices.

We do not sell your data. We do not use your photos for AI model training. We do not share your data with advertisers.

4. Face Data and AI Analysis

Lookist's core function is AI-powered facial analysis. This section explains exactly what face data we collect, how we use it, who we share it with, and how long we keep it.

What face data we collect: when you initiate analysis, you upload three photographs of your face — a front view, a left profile, and a right profile. We do not capture, compute, or store facial geometry, biometric templates, faceprints, FaceID-style mathematical representations, or any data that could be used to identify you across systems. The only outputs derived from your photos are numerical aesthetic scores (15 metrics rated 0–10) and a personalized routine recommendation.

How we use face data:

  • To generate aesthetic metric scores (e.g., symmetry, jawline, skin clarity) for display in the app.
  • To produce a personalized improvement plan (daily routine) based on those scores.
  • To enable progress tracking by comparing scores across sessions over time.

We do not use your face data for advertising, marketing, AI model training, identification, surveillance, profiling, or any purpose other than providing your personal analysis within the app.

Who we share face data with and whether they store it:

(a) OpenRouter (API routing service). Your photos are sent to OpenRouter's API endpoint via HTTPS so they can be forwarded to the AI model for analysis. OpenRouter does not store your face photos. Photos exist in OpenRouter's systems only for the duration of the API request (typically a few seconds) and are discarded once the response is returned. OpenRouter acts as a pass-through router and does not retain, copy, or use your photos for any purpose beyond routing the request. OpenRouter's privacy practices are described in their privacy policy.

(b) Google (Google Gemini AI model, accessed via OpenRouter). Your photos are processed by Google's Gemini AI model to generate the 15 metric scores and overall score displayed in the app. Google does not store your face photos submitted through the Gemini API. Under Google's API data usage policy, data submitted through paid API calls is not used for model training and is not retained after processing is complete. Photos are held in memory only for the seconds required to generate a response, then discarded. Google returns only numerical scores and text feedback — no copies of your photos are kept. Google's data practices for the Gemini API are described in the Gemini API Terms of Service and the Gemini API Data Usage Policy.

(c) Cloudflare R2 (object storage provider). Cloudflare R2 does store your face photos. We use Cloudflare R2 as our cloud storage service to keep your uploaded photos at rest. Photos are kept there so you can view them, compare progress across sessions, and track changes over time; this is a core feature of the app. Photos are encrypted in transit (TLS) and at rest. Access is controlled via signed URLs that expire and cannot be reused. Retention period: your photos are stored on Cloudflare R2 for as long as your account is active, because the progress tracking feature requires access to your historical photos to show how your scores change over time. When you delete an individual photo session, it is permanently removed from Cloudflare R2 immediately. When you delete your account, all photos are permanently deleted from Cloudflare R2 within 30 days. Unclaimed onboarding drafts (where you uploaded photos but did not complete account creation) are automatically deleted from Cloudflare R2 after 7 days. Cloudflare processes your data solely as a data processor under our instructions and does not access, view, or use your photos for any independent purpose. Cloudflare's privacy practices are described in their privacy policy.

(d) Convex (application database). Convex stores your metric scores, routine data, and account metadata — not your photos. Scores are stored for as long as your account is active to power your dashboard, progress charts, and history. All data is permanently deleted when you delete your account. Convex operates US data centers and acts as a data processor under our instructions.

We do not share face data with advertisers, data brokers, or any other third parties beyond those listed above.

Where face data is stored: photos are encrypted in transit (TLS) and at rest on Cloudflare R2, accessed via signed URLs that expire and cannot be reused. Metric scores and routine data are stored in Convex (US data centers). No copies of your photos are stored by OpenRouter or Google — they process photos transiently and discard them.

How long we retain face data:

  • Photos on Cloudflare R2: retained as long as your account is active so you can view your progress over time. Photos are stored for this duration because the app's progress tracking feature requires historical photos to show score changes across sessions. You may delete individual photo sessions at any time from within the app, which permanently removes them from Cloudflare R2.
  • Scores and metrics on Convex: retained as long as your account is active to power your dashboard and progress charts.
  • Photos at OpenRouter and Google: not retained. Photos are processed in memory for the seconds required to generate scores, then immediately discarded.
  • Account deletion: when you delete your account from Profile → Account → Delete Account, all photos are permanently deleted from Cloudflare R2 and all scores and metadata are permanently deleted from Convex within 30 days.
  • Unclaimed onboarding drafts: if you upload photos during onboarding but do not complete account creation, photos are automatically deleted from Cloudflare R2 after 7 days.

This is not biometric identification. Lookist does not perform facial recognition, build biometric templates, or use your face data to identify you across services or sessions. The metric scores are subjective aesthetic estimates produced by a generative AI model — they are entertainment outputs, not biometric measurements within the meaning of laws such as the Illinois Biometric Information Privacy Act (BIPA) or GDPR Article 9. They are not medical diagnoses or identity assertions.

Your control: you can delete photos individually or delete your entire account at any time from Profile → Account in the app. Account deletion permanently removes all photos, scores, routines, and personal data from our systems.

5. How We Share Information

  • AI service provider (Google Gemini) to process facial analysis requests.
  • Infrastructure providers for hosting (Convex), photo storage (Cloudflare R2), and subscription management (RevenueCat).
  • Apple for payment processing and subscription billing via App Store.
  • Legal and safety reasons: to comply with applicable law, respond to valid legal processes, or protect the rights and safety of Lookist and its users.
  • Business transfers: in the event of a merger, acquisition, or asset sale, your data may be transferred as part of that transaction.

6. Data Retention

Uploaded photos: retained as long as your account is active or as needed to provide progress tracking. You can delete individual photo sessions at any time.

AI outputs (scores, metrics): retained to display your score history and progress. Deleted when you delete your account.

Onboarding and profile data: retained while your account is active. Deleted or anonymized upon account deletion.

Onboarding drafts: unclaimed drafts (started but not completed onboarding) are automatically deleted after 7 days.

Logs and diagnostics: retained for limited periods (up to 90 days) for security and product improvement, then deleted.

You may request deletion of your data or account at any time through the app's Profile tab or by contacting [email protected].

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your account and all associated data
  • Withdraw consent for AI processing
  • Object to or restrict processing
  • Data portability (export your data in a machine-readable format)
  • Opt out of experimental routine recommendations

To exercise your rights, use the in-app Profile settings or contact [email protected].

8. Legal Bases for Processing (EEA/UK)

If you are in the European Economic Area or United Kingdom, we process your data under the following legal bases:

  • Performance of a contract: to provide the services you signed up for (analysis, routines, tracking).
  • Consent: for processing your photos through third-party AI providers. You can withdraw consent at any time.
  • Legitimate interests: to maintain, improve, and secure the app.
  • Legal obligations: to comply with applicable laws and regulations.

9. International Transfers

Your data may be processed in countries outside your country of residence, including the United States. Where data is transferred internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.

10. Children's Privacy

Lookist is not intended for individuals under the age of 13. We do not knowingly collect personal data from children under 13. If we learn that we have collected personal data from a child under 13, we will take steps to delete that data promptly. If you believe a child under 13 has provided us with personal data, please contact [email protected].

The app is rated 17+ on the App Store due to face/body image analysis content and references to experimental pharmaceutical compounds in routine information.

11. Cookies and Website Tracking

Our website (lookist.app) may use cookies or similar technologies for analytics and performance monitoring. We do not use cookies for advertising. You can control cookies through your browser settings. The Lookist iOS app does not use cookies.

12. Security

We use reasonable technical and organizational measures to protect your information, including encryption in transit (TLS) and at rest, signed URLs with expiration for photo access, and Apple's secure Sign-In framework for authentication. However, no method of transmission or storage is completely secure.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the most recent revision. Material changes will be communicated through the app before they take effect.

14. Contact

For privacy-related inquiries, contact us at:

Email: [email protected]