Privacy Policy for Glancely

Last updated: November 12, 2025

Glancely ("Glancely", "we", "us", or "our") provides a mobile application that lets you preview hairstyles and hair colors using AI (the "App" or "Service").

We care a lot about privacy and face data. This Privacy Policy explains what we (and our partners) collect, how we use it, and what choices you have.

By using Glancely, you agree to this Privacy Policy.

1. What We Do (and Don't) Collect

1.1 User Content: Photos and Facial Data (Sensitive Data)

Definition: "User Content" refers to any photos, images, or visual content you upload or capture through Glancely. This includes photos containing your face and is treated as sensitive personal data subject to the highest privacy protections.

We do NOT store your User Content (photos) on our backend servers. All User Content is processed transiently and stored only on your device.

Facial Analysis for Style Recommendations

When you first use Glancely, you may choose to upload a photo for facial analysis to receive personalized hairstyle recommendations based on your face shape.

How it works:

• You upload a photo of yourself
• Our AI analyzes your face shape to recommend suitable hairstyles
• Your photo is NOT stored on our backend servers
• The facial analysis results are NOT stored on our backend servers
• The analysis results are stored only on your device using secure, private local storage (SwiftData and CoreData)
• This data never leaves your device and is accessible only by you

Hairstyle Try-On Features

When you try on a specific hairstyle or request AI-generated suggestions:

How it works:

• You upload or capture a photo of yourself
• Your photo is sent securely to our AI service providers (OpenRouter, which routes to models from OpenAI, Google Gemini, or Anthropic) to generate the hairstyle transformation
• Your input photo is NOT stored on our backend servers
• The generated output image is NOT stored on our backend servers
• Both input and output exist only temporarily in memory during processing (typically seconds)
• After processing, the transformation result is sent back to your device and immediately deleted from our systems

Local Storage on Your Device

If you choose to save a hairstyle result:

• Saved images are stored exclusively on your device using SwiftData and CoreData
• This local storage is secure, private, and encrypted by iOS
• We do NOT have access to your saved images
• If you enable iCloud backup on your device, Apple may back up this data to your personal iCloud account (subject to Apple's privacy policy)

Complete Data Deletion

You can delete ALL your data at any time by simply uninstalling the Glancely app from your device. Because all User Content and facial analysis data is stored locally using SwiftData/CoreData, deleting the app removes all associated data permanently. There is no backend data to delete.

What We Do NOT Do

We do not:

• Store your User Content (photos) on our backend servers
• Build or store biometric templates or facial recognition signatures
• Use facial analysis for identity verification or authentication
• Sell, rent, or monetize your photos
• Use your photos to train our own AI models or any AI models
• Share your photos with advertisers or third-party marketers
• Create a database or permanent archive of user photos

In summary: Your User Content is treated as sensitive personal data. Photos are processed transiently for the sole purpose of generating your requested transformation, then immediately deleted from our systems. All persistent storage is local on your device under your control.

2. Information You Provide

2.1 Account and Authentication Data

If you sign in (e.g. via Firebase Authentication):

• Email address
• A pseudonymous user identifier (UID)
• Basic profile info (name, avatar) if you choose to share it

This data is stored via Firebase (Google) and used to:

• Let you access your account,
• Sync purchases/credits across devices,
• Prevent abuse and fraud.

Firebase encrypts data in transit and at rest and is certified under standards such as ISO 27001 and SOC 2. View Firebase Privacy Policy

2.2 Subscription & Purchase Data

We use the App Store's in-app purchase system and a third-party subscription infrastructure provider (such as RevenueCat) to manage subscriptions.

From these providers we receive:

• Which product you purchased (e.g. weekly / monthly / yearly),
• Subscription status (active, cancelled, in trial),
• Renewal dates and transaction identifiers (not full payment details).

Payments are handled by Apple directly; we never see your full card number. RevenueCat processes subscription data as our processor. View RevenueCat Privacy Policy

2.3 Onboarding Answers & Hair Profile

During onboarding and later settings, you may answer questions such as:

• Gender / style preference
• Hair length, texture, color
• Hair goals (grow, maintain length, go shorter)
• Color rules (natural vs bold, etc.)
• Pain points (e.g. "too flat", "too frizzy")

We use these answers to:

• Build a personalized hair profile,
• Recommend suitable cuts and colors,
• Improve future recommendations in the app.

We do not sell or share these answers with advertisers.

2.4 Support & Communication

If you email us or contact support, we'll process:

• Your email address,
• The content of your message.

This is used only to respond and keep a record of support.

3. Automatic Data We Collect (Anonymized Analytics)

To understand how the app is used and to keep it running, we may collect anonymized and aggregated usage data. This data does NOT include your User Content (photos) or any personally identifiable information.

Analytics data collected (anonymized):

• Device type, OS version, language, region
• App version
• Approximate usage events (e.g. "onboarding completed", "first try-on completed", "paywall shown")
• Subscription status (to compare behavior of subscribers vs non-subscribers)

Important: Analytics data is anonymized and aggregated. We cannot identify individual users from this data. Analytics providers do NOT receive your User Content (photos), facial data, or any sensitive personal information.

We may use providers like Firebase Analytics or other analytics tools to collect aggregated, non-sensitive usage events. Firebase encrypts data in transit and at rest and is certified under major privacy standards.

What we do NOT collect:

• Your User Content (photos) in analytics
• Facial analysis results in analytics
• Precise GPS location
• Contacts, SMS, or call logs
• Browsing history
• Any data that can personally identify you in analytics

4. AI Processing via Third-Party Providers

We use third-party AI service providers to generate hairstyle transformations. These providers process your User Content transiently and do not use it to train AI models.

4.1 What We Send to AI Providers

When you request a hairstyle or color try-on, we send:

• Your User Content (input photo)
• A text prompt describing the desired hairstyle, color, and styling context

Processing is transient only: Your photo exists in the AI provider's systems only during active processing (typically seconds), then is immediately deleted.

4.2 AI Service Providers We Use

We use the following AI service providers:

OpenRouter (AI routing service):

• Acts as a routing layer to access multiple AI model providers
• Does not store your User Content or prompts by default
• Stores only limited request metadata (model used, token counts, timestamps) for billing
• We configure our integration to disable prompt and image logging
• View OpenRouter Privacy Policy | Privacy Documentation

OpenRouter routes requests to these AI model providers:

OpenAI:

• According to OpenAI's privacy policy, they do not use data submitted via their API to train their models
• View OpenAI Privacy Policy | API Data Usage Policy

Google (Gemini):

• According to Google's privacy policy, they do not use content processed through Gemini API to train their models
• View Google Privacy Policy | Gemini API Terms

Anthropic (Claude):

• According to Anthropic's privacy policy, they do not use API data to train their models
• View Anthropic Privacy Policy | Commercial Terms

4.3 Our Commitment to Your Privacy

Important: We do not use your User Content to train AI models.

Your User Content and account information are used solely to provide you with the Services.

According to the stated policies of our AI service providers (OpenAI, OpenRouter, Google Gemini, and Anthropic), they do not train on user data processed through their APIs. We explicitly configure our integrations to opt out of any data training or retention wherever such options are available.

While we select providers based on their privacy commitments and configure our integrations for maximum privacy, each provider operates under its own privacy policy and terms of service. We encourage you to review the linked privacy policies above for complete details.

5. How We Use Your Information

5.1 How We Use Your User Content (Photos)

User Content is used for ONE PURPOSE ONLY: to generate the hairstyle transformation you request.

Specifically:

• Facial analysis: to determine your face shape and recommend suitable hairstyles
• Hairstyle try-on: to generate AI-powered hairstyle and color transformations
• Display results: to show you the generated previews

We do NOT use your User Content for:

• Training AI models (ours or third-party)
• Building databases or archives
• Marketing or advertising
• Analytics or research
• Any purpose other than generating your requested transformation

5.2 How We Use Other Information

We use non-photo information (account data, usage analytics, preferences) to:

Provide core functionality:

• Enable personalized style recommendations (based on face shape analysis stored locally on your device),
• Maintain your subscription and credits,
• Sync your preferences across devices.

Improve the product:

• Analyze aggregated usage patterns,
• Measure onboarding and feature performance,
• Fix bugs and crashes.

Communicate with you:

• Respond to support requests,
• Send important updates about the App (e.g. changes to terms, critical issues).

We do not sell your personal data, User Content, facial analysis data, or hair profile to third parties.

6. Legal Bases (EEA/UK users)

If you are in the EU/EEA or UK, we process your data under one or more of the following legal bases:

• Contract – to provide the App and related services you request.
• Legitimate interests – such as improving the app, preventing fraud, and securing our services, where these interests are not overridden by your rights.
• Consent – for optional analytics, marketing, or where required by law.

You can withdraw consent at any time (for example, by disabling certain analytics or uninstalling the app).

7. Data Retention

Backend Server Retention

On our backend servers, we retain:

• Account & subscription data: As long as your account or subscription is active and for a reasonable period thereafter for legal, tax, and anti-fraud purposes.
• Support communications: As long as needed to handle the request and maintain records.
• Usage analytics (anonymized): In aggregated, anonymized, and pseudonymous form for as long as necessary to analyze trends and improve the product. This data does NOT include User Content (photos) or personally identifiable information.

User Content (Photos and Facial Data) Retention

We do NOT retain your User Content on our backend servers.

User Content retention policy:

• During processing: Exists transiently in memory during active AI processing (typically 5-30 seconds), then immediately deleted
• After processing: 0 days retention on our backend servers - your photos are deleted immediately after the transformation is generated and sent to your device
• Facial analysis results: NOT stored on our backend servers - stored only locally on your device
• On your device: Stored indefinitely if you choose to save results, using SwiftData and CoreData (secure, private, local storage)
• Third-party AI providers: Processed transiently only, not stored per their privacy policies

Complete Data Deletion

You have complete control over your data:

• Delete saved looks within the app at any time
• Uninstall the app to permanently delete all local data (User Content, facial analysis results, saved looks, preferences)
• Because User Content is not stored on our backend, there is no backend data to delete
• Account data can be deleted by contacting us at [email protected]

8. Data Sharing

8.1 User Content (Photos) Sharing

Your User Content (photos and facial data) is shared ONLY with AI service providers for transient processing:

• AI providers (OpenRouter, OpenAI, Google Gemini, Anthropic) - to generate hairstyle transformations
  • Shared: Your input photo and text prompts
  • Purpose: Generate the requested hairstyle transformation
  • Duration: Transient processing only (seconds), then deleted
  • Storage: NOT permanently stored by these providers per their privacy policies
  • Training: NOT used to train AI models per their stated policies

Your User Content is NOT shared with:

• Firebase (does not receive photos)
• RevenueCat (does not receive photos)
• Analytics providers (does not receive photos)
• Advertisers or marketing companies
• Data brokers or aggregators
• Any party for purposes other than generating your requested transformation

8.2 Other Information Sharing

We share non-photo information (account data, usage analytics, preferences) with:

• Service providers acting on our behalf:
  • Firebase (Google) - authentication, database, analytics | Privacy Policy
  • RevenueCat - subscription infrastructure and purchase validation | Privacy Policy
  • Analytics tools - to measure aggregated usage and performance
• Apple (App Store) - for purchases and billing, governed by Apple's terms and privacy policy
• Authorities or legal entities - if required by law or to protect our rights, safety, or property

We do not share your User Content (photos), personal information, or facial analysis data with advertisers, data brokers, or third-party marketers.

9. Children's Privacy

Glancely is not intended for children under 13 and we do not knowingly collect personal data from children under 13.

If you believe a child has provided us personal data, please contact us and we will delete it.

10. Your Rights

Depending on your location, you may have rights such as:

• Access the personal data we hold about you,
• Request correction or deletion,
• Object to or restrict certain processing,
• Request a copy of your data in a portable format.

To exercise these rights, contact us at the email below.

We may need to verify your identity before fulfilling your request and may keep limited information as required by law.

If you are in the EU/EEA/UK, you also have the right to lodge a complaint with your local data protection authority.

11. Security

We use reasonable technical and organizational measures to protect your data, including:

• Encryption in transit (HTTPS),
• Secure storage provided by trusted cloud providers like Firebase,
• Access controls and limited internal access.

No method of transmission or storage is 100% secure, but we work to keep your data as safe as reasonably possible.

12. Changes to This Policy

We may update this Privacy Policy from time to time.

If changes are material, we will notify you in the app or on our website. The "Last updated" date at the top will always show the current version.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: [email protected]
Subject line: "Glancely – Privacy"