Privacy Policy

Introduction

Bloom Skin (“we”, “us”, or “our”) is committed to protecting your privacy and ensuring that your personal data is handled responsibly and transparently.

Our mission is to empower individuals to understand, care for, and improve their skin health through AI-powered analysis and personalized insights. To deliver this experience, we collect and process certain data that allows us to provide accurate analyses, recommendations, and progress tracking — always under the strictest privacy standards and applicable laws, including the General Data Protection Regulation (GDPR) and Apple App Store Guidelines.

Data We Collect

We only collect data necessary to provide and improve Bloom Skin’s services. This may include:

a. Account and Profile Information

  • Email address or login method (e.g., Apple ID, Google).

  • Optional demographic information (age range, gender, skin type, goals).

b. Facial Images and Analysis Data

  • Images you upload or capture within the app for skin analysis.

  • Track progress and offer AI-based recommendations.

  • No biometric identifiers or facial recognition data are collected.

c.Usage Data

  • Interaction data (features used, frequency, in-app actions).

  • Device information (model, OS version, language, and region).

d. Cookies and Analytics

  • Anonymous usage patterns used for app improvement, crash analytics, and experience optimization.

Purpose of Data Collection

We use your data exclusively to:

  • Provide personalized skin health analyses and reports.

  • Track progress and offer AI-based recommendations.

  • Improve the accuracy of our algorithms and user experience.

  • Communicate essential updates, such as feature improvements or health insights.

  • Maintain security, prevent misuse, and ensure compliance with applicable regulations.

We never use personal or facial data for advertising, profiling, or sale to third parties.

Face Data and Image Processing

Bloom Skin uses advanced AI technology to analyze your facial images solely for skin health assessment.

  • Your image is transmitted securely (SSL-encrypted) to our processing provider Haut.AI, a GDPR-compliant partner specializing in dermatological AI analysis.

  • Haut.AI processes the image to extract non-identifiable parameters such as hydration, acne, pigmentation, and other surface indicators.

  • No facial recognition or identification is performed.

  • Only anonymized analysis results (e.g., “hydration: 72%”) are retained in your Bloom account to help you monitor progress.

  • Users can delete their stored results at any time within the app

Bloom Skin and Haut.AI maintain a strict Data Processing Agreement (DPA) that ensures your data is used only for the purpose of analysis and never shared or reused.

Data Sharing and Third Parties

We do not sell or rent user data. We only share limited data with trusted service providers that are essential for Bloom Skin’s operation and scaling:

Category

Partner

Purpose

Retention

AI Skin Analysis

Haut.AI (Estonia/EU)

Face image processing

Discretion of the user

Cloud Storage

Amazon Web Services (AWS)

Secure storage of anonymized data

Until user deletes account

Analytics

Google Firebase

Usage analytics, crash reporting

Aggregated only

Payment Processing

Apple In-App Purchases

Subscription management

Per Apple’s privacy rules

All partners operate under strict data protection agreements (GDPR Art. 28) and cannot use data for any independent purpose.

Data Retention


  • Facial images: Deleted immediately after AI analysis.

  • Analysis results: Retained securely in your user account until you delete them or close your account.

  • Account data: Retained for as long as the account remains active or required by law.

  • Backups: Encrypted and automatically deleted after 30 days.

You can delete your account and all related data at any time through the app or by contacting privacy@bloomskin.ai.

Legal Basis for Processing

We process your personal data under the following legal bases (GDPR Art. 6):

Consent (Art. 6(1)(a)): When you upload an image for skin analysis.

Contract (Art. 6(1)(b)): To provide the Bloom Skin service you request.

Legitimate Interest (Art. 6(1)(f)): For app improvement, analytics, and security.

You may withdraw your consent at any time without affecting the lawfulness of prior processing.

Data Security

We implement industry-leading technical and organizational measures to protect your data, including:

  • End-to-end encryption of transmitted images.

  • Encrypted databases (AES-256).

  • Access control and anonymization protocols.

  • Continuous monitoring and GDPR-aligned compliance audits.

International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure it is protected through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.

  • GDPR-compliant agreements with all third-party processors.

User Rights

You have the right to:

  • Access your data.

  • Rectify inaccurate information.

  • Request erasure (“Right to be Forgotten”).

  • Withdraw consent.

  • Request a copy of your data (portability).

  • File a complaint with a Data Protection Authority (DPA).

To exercise these rights, contact us at bloomskinai@gmail.com

Children’s Privacy

Bloom Skin is not intended for children under 16 years old. We do not knowingly collect data from minors. If we discover such data, we will delete it immediately.

Changes to This Policy

We may update this Privacy Policy as Bloom Skin grows and scales. Material updates will be notified in the app and via email. Continued use of the app after updates implies acceptance of the revised terms.

Contact Information

For any privacy-related questions or requests:
Email: bloomskinai@gmail.com