Privacy Policy
TwachaLens ("we", "us", "the App") is a skin analysis and skincare-routine app. This Privacy Policy explains what information we collect, how we use it, and your rights.
By using TwachaLens you agree to this policy.
1. Information we collect
Information you provide directly
- Account information — your name and email address when you sign up with email, Google, or Apple. If you sign in with Apple's "Hide My Email" option, we only see Apple's relay address.
- Profile content — optional information you add, such as a display name or routine details.
- Skin scan photos — photos you take or select for skin analysis. These are sent to our analysis service to compute scores and recommendations.
- Lifestyle entries — water, sleep, food, cycle, and routine logs you choose to record.
- Community posts and comments — text and any optional images you publish in the in-app community feed.
- Customer support correspondence — messages you send to twachalens@zohomail.com.
Information collected automatically
- Approximate location — derived from your IP address by a third-party geolocation service (ipapi.co) only to fetch local UV index and weather. We do not store your IP address or precise GPS location.
- Device-local app data — scan history, preferences, and routines are stored locally on your device using AsyncStorage. They are not uploaded unless you explicitly post them to the community feed.
Information we do NOT collect
- We do not collect precise GPS location.
- We do not access your contacts, calendar, microphone, or other media.
- We do not use third-party advertising or analytics SDKs.
- We do not sell or rent your personal information to anyone.
2. How we use your information
| Purpose | Data used |
|---|---|
| Create and authenticate your account | Email, name, Apple/Google ID |
| Run skin analysis | Skin scan photos (sent to our analysis service for processing) |
| Personalize recommendations and reminders | Scan results, lifestyle entries, preferences |
| Operate the community feed | Username, posts, comments, optional images |
| Show local UV index | Approximate (city-level) location |
| Communicate with you | Email address (support replies, important updates) |
| Comply with law and prevent abuse | Account information, reports of inappropriate content |
We do not use your data for advertising or to train third-party AI models.
3. Skin scan photos
Skin scan photos are the most sensitive data the app handles. We treat them carefully:
- Photos are sent over HTTPS to our analysis service (hosted on Railway) only at the moment you run a scan.
- The analysis service processes the photo to return numeric scores. We do not retain copies of your photos on the analysis service after the request completes.
- The analyzed photo is saved locally on your device alongside the scan record, so you can compare progress over time.
- Photos are never shared with the community feed unless you explicitly attach one to a post.
- When you delete a scan, or delete your account, the photo file is removed from your device.
4. Third-party services
TwachaLens relies on a small number of vendors. Each only receives the minimum data needed:
| Service | Data shared | Purpose |
|---|---|---|
| Google Firebase (Authentication & Firestore) | Email, name, community posts | Account auth, community storage |
| Google Sign-In | Email, name, profile picture | Optional sign-in |
| Apple Sign-In | Email (or relay), name | Optional sign-in |
| Skin analysis service (Railway) | Scan photo (transient) | Run the ML analysis and return results |
| Open-Meteo | Approximate coordinates | UV index / weather |
| ipapi.co | IP address (transient) | Approximate location for UV |
These vendors process data on our behalf under their own privacy and security commitments.
5. Data retention
- Account information and community posts — retained until you delete your account.
- Skin scans and lifestyle data — retained on your device until you delete the entry, clear your history, or delete your account.
- Photos sent to the analysis service — not retained after the request completes.
- Support correspondence — retained for up to 24 months.
6. Your rights
You can, at any time:
- Access your data — view your scans, posts, and routines inside the app.
- Correct your data — edit your profile and entries inside the app.
- Delete your data — delete individual scans or posts, clear your history, or delete your entire account from Settings → Account → Delete Account. Account deletion removes your scans, profile, and community posts, including photo files on your device.
- Withdraw consent — by signing out and deleting your account.
- Contact us — for any other request, email twachalens@zohomail.com.
If you are in the EU/UK, you also have the right to lodge a complaint with your data-protection authority. If you are in California, you have the rights described under the CCPA — including the right to know, delete, and opt out of sale (we do not sell personal information).
7. Children
TwachaLens is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact twachalens@zohomail.com and we will delete it.
8. Security
We use HTTPS for all data in transit and rely on Firebase's standard security model for stored data. No system is perfectly secure — please use a strong, unique password and protect access to your device.
9. International transfers
Our vendors (Google Firebase, Railway, Open-Meteo, ipapi.co) may process data in regions outside India. By using the app you consent to this transfer. We require vendors to apply appropriate safeguards.
10. Changes to this policy
We may update this policy when the app changes. The "Last updated" date at the top will reflect the latest revision. Material changes will be communicated in-app or by email.
11. Contact
Email: twachalens@zohomail.com
If you contact us, please include "Privacy" in the subject line so we can route it correctly.