Privacy Policy for Skinory

Effective Date: Jun 2026

Skinory ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App") on iOS devices.

By using Skinory, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our App.

1. Our Privacy Commitment

2. Information We Collect

2.1 Information You Provide Directly

When you use Skinory, you may provide the following information, all of which is stored locally on your device:

Skin Profile Information:

• Skin type (dry, oily, combination, normal, sensitive)
• Skin concerns (acne, anti-aging, redness, pigmentation, texture, etc.)
• Sensitivity level (low, medium, high)
• Budget tier preference
• Birth year (optional, used only for age-appropriate skincare guidance)

Skincare Routine Data:

• AM and PM routine configurations (step types, product names, active ingredients)
• Daily routine completion logs and adherence data
• Routine streak and milestone records

Skin Diary Entries:

• Daily skin metrics (hydration, oiliness, breakout count, irritation level)
• Lifestyle factors (mood, sleep hours, stress level, cycle day)
• Weather/season notes and free-text observations

Product Information:

• Product names, brands, and categories you choose to log
• Ingredient lists (INCI text) you choose to enter or scan
• Period After Opening (PAO) dates and product usage status

Progress Photos:

• Photos you choose to import from your photo library for skin progress tracking
• Photos are stored locally in the App's private storage directory on your device
• Photos are never uploaded, transmitted, or shared with us or any third party

2.2 Information Collected Automatically

Local Analytics Events:

• The App records basic usage events (e.g., feature accessed, routine completed) locally on your device
• These analytics events are stored in the on-device database and are never transmitted to any server
• They are used solely for local features such as the 30-Day Change Report

No Remote Data Collection:

• We do not collect device identifiers, IP addresses, or location data
• We do not use third-party analytics, advertising, or tracking SDKs
• We do not collect crash reports or diagnostics remotely

2.3 Camera Access

Barcode Scanner:

• We request camera permission solely to enable barcode scanning of skincare products
• Camera data is processed locally and in real-time to detect barcodes
• No images or camera data are recorded, stored, or transmitted

2.4 Photo Library Access

• We request photo library access to allow you to import progress photos
• We only access photos you explicitly select through the system photo picker
• We do not browse, scan, or access other photos in your library
• Imported photos are copied to the App's private storage and are never uploaded

3. How We Use Your Information

3.1 To Provide App Functionality

• Generate personalized skincare routines based on your skin profile
• Track your daily routine completion and calculate streaks
• Analyze ingredient compatibility between your products
• Display skin diary trends and generate 30-Day Change Reports
• Look up scanned product barcodes against the bundled product catalog
• Send local notification reminders for your routines and product expiry

3.2 All Processing Is Local

• All data processing, analysis, and computation occurs entirely on your device
• Routine generation, ingredient compatibility checks, and streak calculations are performed by on-device algorithms
• No data is sent to remote servers for processing

4. Data Storage and Security

4.1 Local Storage

All user data is stored exclusively on your device:

• Structured data (profile, routines, logs, diary entries, products, milestones) is stored using Apple's SwiftData framework (backed by an on-device SQLite database)
• Progress photos are stored as JPEG files in the App's private Application Support directory
• No data is stored on external servers, cloud services, or third-party databases

4.2 Data Security

• Data is protected by iOS's built-in sandboxing and encryption features
• The App's private storage is inaccessible to other apps
• If your device has a passcode or biometric lock, your data is encrypted at rest by iOS
• We do not collect or store passwords, authentication tokens, or credentials

4.3 Data Retention

• Your data is retained on your device for as long as the App is installed
• You can delete all data at any time from Settings within the App
• When you delete the App, all locally stored data — including the database and progress photos — is removed by iOS
• We do not retain copies of your data because we never receive it

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, trade, rent, or share your personal information with any third party. We cannot do so because your data never leaves your device.

5.2 Limited Third-Party Interaction

Apple Services:

• In-app purchase and subscription transactions are processed by Apple through StoreKit
• We receive only subscription status confirmation (active/inactive) from Apple
• We do not have access to your payment information (handled entirely by Apple)

Legal Requirements:

• We may disclose information if required by law or legal process
• In practice, since we do not collect or store your data on our servers, we have no data to disclose

5.3 No Third-Party Services

• We do not use third-party analytics services
• We do not use advertising networks or ad SDKs
• We do not integrate with social media platforms
• We do not use crash reporting services
• We do not use push notification services (notifications are local only)

6. Your Rights and Choices

6.1 Access and Control

Because all data is stored on your device, you have full control at all times:

Profile and Data:

• View and edit your skin profile in Settings
• Add, edit, or delete routines, products, diary entries, and photos at any time
• View all your data directly within the App — nothing is hidden on remote servers

Permissions:

• Grant or revoke camera permission in iOS Settings at any time
• Grant or revoke photo library permission in iOS Settings at any time
• Grant or revoke notification permission in iOS Settings at any time

6.2 Data Deletion

• Use "Delete All Data" in the App's Settings to erase all data while keeping the App installed
• Or delete the App from your device — iOS automatically removes all associated data
• Deletion is immediate and complete because no data exists on external servers

6.3 Data Export

• The App provides a shareable 30-Day Change Report that you can export as an image
• A full data export feature is planned for a future update

6.4 User Privacy Choices

To exercise your privacy choices or ask questions about our practices, contact us via the contact form or the details in Section 14. Since we do not collect data on our servers, all data is under your direct control on your device.

7. Children's Privacy

Skinory is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. Since all data is stored locally and we do not collect any data remotely, there is minimal risk. However, if you are a parent or guardian with concerns, please contact us.

8. In-App Purchases and Subscriptions

8.1 Subscription Services

Skinory offers premium subscriptions through Apple's App Store:

• Monthly subscription
• Annual subscription

8.2 Payment Processing

• All payments are processed by Apple through StoreKit
• We do not collect, store, or have access to your payment information
• Subscription management is handled through Apple's systems
• You can manage subscriptions in iOS Settings → Apple ID → Subscriptions

8.3 Subscription Data

• Subscription status is verified through Apple's StoreKit API on your device
• We only check whether you have an active subscription locally
• We do not store payment details, transaction IDs, or purchase history on any server

9. Skincare Guidance Disclaimer

Skinory provides general, educational information about cosmetic ingredients and skincare routines. The ingredient compatibility analysis, routine suggestions, and skin diary features are for informational purposes only.

• The App is not a medical device and does not provide medical advice
• Routine and ingredient recommendations are based on general cosmetic science guidelines, not a diagnosis
• If you have a skin condition or experience a reaction, consult a healthcare professional or dermatologist

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the updated Privacy Policy at this URL
• Updating the "Last Updated" date at the top of this policy
• For material changes, we may provide additional notice within the App

Your continued use of the App after any changes constitutes acceptance of the updated Privacy Policy.

11. International Users

Skinory is operated from Germany. Since all data is stored locally on your device and we do not transfer data to any server, there is no cross-border data transfer. Your data remains on your device regardless of your location.

By using the App, you agree to this Privacy Policy.

12. California Privacy Rights (CCPA)

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about what personal information we collect. Since all data is local, you can view it directly in the App.
• Right to Delete: You can delete all your data at any time from the App's Settings.
• Right to Opt-Out: We do not sell personal information.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the following data protection rights. Because Skinory stores all data locally on your device and we do not collect or process your data on any server, you can exercise most of these rights directly within the App:

• Right to Access: View all your data within the App
• Right to Rectification: Edit your profile, routines, products, and diary entries at any time
• Right to Erasure: Delete all data from Settings or by deleting the App
• Right to Restrict Processing: Revoke permissions (camera, photos, notifications) in iOS Settings
• Right to Data Portability: Export your 30-Day Change Report; full export coming soon
• Right to Object: You can stop using the App at any time

For GDPR-related inquiries, please contact us through the contact form below with "GDPR Inquiry" in the subject line.

14. Contact Us

We will respond to your inquiry within a reasonable timeframe.

15. Consent

By using Skinory, you consent to:

• The local storage and processing of your skincare data on your device
• Camera access for barcode scanning (when you grant permission)
• Photo library access for progress photos (when you grant permission)
• Local notification delivery for routine and product expiry reminders (when you grant permission)