Privacy Policy
Introduction
Bloom Skin (“we”, “us”, or “our”) is committed to protecting your privacy and ensuring that your personal data is handled responsibly and transparently.
Our mission is to empower individuals to understand, care for, and improve their skin health through AI-powered analysis and personalized insights. To deliver this experience, we collect and process certain data that allows us to provide accurate analyses, recommendations, and progress tracking while maintaining the highest privacy standards and complying with applicable regulations, including the General Data Protection Regulation (GDPR) and Apple App Store privacy guidelines.
Data We Collect
We only collect data necessary to provide and improve Bloom Skin’s services. This may include:
a. Account and Profile Information
Email address or login method (for example Apple ID or Google), provided directly by the user during account registration or sign-in.
Optional demographic information such as age range, gender, skin type, or skincare goals may be voluntarily provided by the user through onboarding questionnaires or profile settings within the app.
This information helps personalize recommendations and tailor the user experience.
b. Facial Images and Analysis Data
Images are captured through the in-app skin scanning feature using the device camera, or voluntarily uploaded by the user for skin analysis.
These images are used exclusively to perform AI-powered skin analysis and generate insights regarding skin conditions such as hydration, acne, pigmentation, texture, and other visible skin indicators.
Bloom Skin does not perform facial recognition and does not attempt to identify users through their facial images.
c. Usage Data
Interaction data such as features used, frequency of use, and in-app actions is automatically collected during the use of the Bloom Skin application.
Device information including device model, operating system version, language, and region may also be automatically collected when the app is used.
This information helps us understand how the app is used and allows us to improve performance and user experience.
d. Cookies and Analytics
Anonymous usage patterns are automatically collected through analytics tools such as Google Firebase.
These analytics tools help us monitor app performance, detect crashes, understand feature usage, and improve the overall user experience. This data is aggregated and cannot be used to identify individual users.
Purpose of Data Collection
We use your data exclusively for the following purposes:
Providing personalized skin health analyses and reports.
Track progress and offer AI-based recommendations.
Improve the accuracy of our algorithms and user experience.
Communicate essential updates, such as feature improvements or health insights.
Maintain security, prevent misuse, and ensure compliance with applicable regulations.
We never use personal or facial data for advertising, marketing profiling, or sale to third parties.
Facial images are used exclusively to generate skin analysis results.
Face Data Collection and Processing
This section explains how facial images are captured, transmitted, processed, and protected when using Bloom Skin’s skin scan feature.
When a user performs a skin scan inside the Bloom Skin app, a facial image is captured using the device camera.
This facial image is securely transmitted to our AI processing partner Haut.AI, a dermatological AI technology provider based in Estonia within the European Union.
The image is transmitted solely for the purpose of generating skin analysis results. The image is never used to identify the user or build biometric identifiers.
Haut.AI analyzes the image to extract non-identifiable skin parameters such as hydration levels, acne indicators, pigmentation markers, pores, wrinkles, and other visible skin characteristics.
Haut.AI does not perform facial recognition and does not attempt to identify the individual in the image.
The facial image is transmitted using encrypted connections (SSL/TLS) and is processed only for the duration required to generate the analysis results.
Facial images are not stored permanently by Bloom Skin.
Only anonymized skin analysis results (such as hydration scores or acne indicators) are returned to Bloom Skin and stored in the user's account to allow skin progress tracking over time.
Bloom Skin and Haut.AI operate under a strict Data Processing Agreement (DPA) and comply with applicable GDPR data protection regulations.
Users may delete their stored results at any time within the app or by contacting our support team.
Data Sharing and Third Parties
We do not sell, rent, or trade user data.
Bloom Skin only shares limited information with trusted service providers that are necessary to operate the app and deliver its core features.
These service providers include:
Haut.AI (Estonia, European Union)
Processes facial images submitted during the skin scan to generate AI-powered skin analysis results on behalf of Bloom Skin.
Amazon Web Services (AWS)
Provides secure cloud infrastructure and encrypted storage used by the Bloom Skin platform.
Google Firebase
Used for analytics, performance monitoring, and crash reporting to improve the app experience.
Apple In-App Purchases
Handles subscription payments and billing through Apple’s secure payment system.
All partners operate under strict GDPR-compliant data protection agreements and cannot use user data for their own independent purposes.
All third-party service providers are contractually required to provide the same or an equivalent level of personal data protection as described in this Privacy Policy, in accordance with Article 28 of the General Data Protection Regulation (GDPR).
Data Retention
Facial images are deleted immediately after the AI analysis process is completed.
Skin analysis results may be securely stored in the user's Bloom account to allow progress tracking over time.
Account information is retained for as long as the user account remains active or as required by law.
Encrypted backups may be stored temporarily for system security and are automatically deleted after 30 days.
Users may delete their account and all associated data at any time through the app or by contacting support.
Legal Basis for Processing
We process personal data based on the following legal grounds under GDPR Article 6:
Consent: when users upload images or provide optional profile information.
Contractual necessity: to provide the Bloom Skin service requested by the user.
Legitimate interest: to improve product functionality, analytics, and security.
Users may withdraw their consent at any time without affecting the lawfulness of previous processing.
Data Security
We implement strong technical and organizational measures to protect your information, including:
Encrypted transmission of images and data.
Secure cloud infrastructure and encrypted databases.
Access controls and internal data protection protocols.
Continuous monitoring and GDPR-aligned compliance practices.
Facial images are processed temporarily for analysis purposes and are deleted after the analysis process is completed.
International Data Transfers
If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:
Standard Contractual Clauses approved by the European Commission.
GDPR-compliant agreements with all third-party service providers.
User Rights
Users have the right to:
Access their personal data.
Correct inaccurate information.
Request deletion of their data.
Withdraw consent.
Request a copy of their data.
File a complaint with a Data Protection Authority.
Requests can be made by contacting:
Children’s Privacy
Bloom Skin is not intended for children under the age of 16.
We do not knowingly collect personal data from minors. If such data is discovered, it will be deleted immediately.
Changes to This Policy
We may update this Privacy Policy as Bloom Skin evolves.
If significant changes occur, users will be notified through the app or by email. Continued use of the app after updates indicates acceptance of the revised policy.
Contact Information
For any privacy-related questions or requests:
Email: marketing@bloomskin.ai