Glowlytics
BlogGuidesFAQGlossary
Get Glowlytics
Privacy

Your face stays on the phone.

Reading a face is intimate work. We treat it like a journal you've left out on the table, closed.

Effective
April 20, 2026
Company
BDQ Holdings LLC
Contact
drmustafa@bdqholdings.com
  1. 01

    Information we collect

    We collect the following types of information to provide and improve the Glowlytics experience:

    • Account information, name, email address, and authentication credentials managed through Clerk.
    • Skin scan photos, images captured via your device camera for skin analysis.
    • Face data used for scan alignment, a face bounding box, approximate face size, head angle, and facial landmark / mesh coordinates processed on-device during live camera preview so scans are framed consistently. We do not use this data for face recognition or identity verification.
    • Health metrics, skin scores, condition assessments, and trend data generated by our AI analysis.
    • Product usage data, skincare products you log, including barcode scans and usage patterns.
    • Demographic information, age, skin type, and related details you provide during onboarding.
    • Device information, device type, operating system, and app version for compatibility and troubleshooting.
  2. 02

    How we use your data

    Your data is used exclusively to deliver and improve the Glowlytics service:

    • Skin analysis, processing your scan photos through our fine-tuned AI model to identify conditions and generate scores.
    • Face alignment, using live face-position and landmark data on your device to guide framing, distance, and angle before a scan is captured.
    • Trend tracking, monitoring changes in your skin health over time to surface meaningful insights.
    • Personalized recommendations, providing evidence-based guidance informed by AAD and ACOG clinical guidelines via our RAG pipeline.
    • Service improvement, understanding aggregate usage patterns to improve app functionality and accuracy.

    We do not sell your data. We do not use your data for advertising.

  3. 03

    Face data

    When you open the guided camera, Glowlytics processes limited face data on-device so it can align your scan consistently. This face data may include a face bounding box, approximate face size, head angle, and facial landmark / mesh coordinates during live preview.

    • Purpose, center your face, confirm distance, and keep scan framing consistent over time.
    • Retention, live face-alignment data is discarded when the camera session ends and is not stored as a reusable biometric template.
    • Sharing, live face-alignment data is not shared with third parties. Captured scan photos may be processed by our secure backend and OpenAI under our API agreement to generate non-diagnostic skin insights.
    • What we do not do, Glowlytics does not use face data for identity verification, face recognition, emotion detection, advertising, or profiling.
  4. 04

    Storage and security

    Your data is stored using a combination of local and server-side storage:

    • Local device storage, scan history, preferences, and cached data are stored on your device using AsyncStorage.
    • Ephemeral face alignment data, live face bounding boxes and landmark / mesh coordinates stay on-device during camera preview and are discarded after the session ends.
    • Encrypted backend, data synced to our servers is stored in PostgreSQL with TLS encryption in transit.

    We employ industry-standard security practices to protect your information, including encrypted connections, secure authentication via Clerk, and server-side API key management to prevent exposure of credentials.

  5. 05

    Third-party services

    Glowlytics integrates the following third-party services:

    • Clerk, handles authentication, account management, and secure session tokens. Subject to Clerk's Privacy Policy.
    • OpenAI, powers our vision-based skin analysis via their API. Captured scan photos may include your face, but live face-mesh coordinates are not sent to OpenAI. Per OpenAI's API data usage policy, data sent through the API is not stored or used for model training.

    No other third-party services receive your personal data.

  6. 06

    Your rights (GDPR / CCPA)

    You have the following rights regarding your personal data:

    • Right of access, request a copy of the personal data we hold.
    • Right to deletion, request that we delete your personal data.
    • Right to portability, receive your data in a structured, machine-readable format.
    • Right to rectification, request correction of inaccurate personal data.
    • Right to restrict processing, limit how we process your data.
    • Right to object, object to certain types of data processing.
    • Right to opt out of sale, we do not sell personal data, but you may exercise this right at any time.

    To exercise any of these rights, contact drmustafa@bdqholdings.com. We will respond to all verified requests within 30 days.

  7. 07

    Data retention

    We retain your personal data for as long as your account remains active. You may delete your data at any time through Profile › Delete account in the app or by contacting drmustafa@bdqholdings.com.

    Upon receiving a deletion request, all associated personal data will be permanently removed from our systems within 30 days. Live face-alignment data is not retained beyond the active camera session. Captured scan photos that include your face are retained until you delete your account or request deletion.

  8. 08

    Camera and photo permissions

    Glowlytics requires camera access to capture skin scan photos. Here is how we handle photos that may include your face:

    • Photos are stored locally on your device in a secure application directory.
    • Photos are optionally sent to our backend for AI analysis, transmitted via encrypted connection.
    • Photos are never shared with third parties for marketing or advertising purposes.
    • You can revoke camera permissions at any time through your device settings.
  9. 09

    Health data disclaimer

    Glowlytics provides skin health insights for informational purposes only. Important limitations:

    • Our analysis is non-diagnostic and does not constitute medical advice.
    • Results should not be used as a substitute for professional medical consultation.
    • Health data is never shared with insurance companies or employers.
    • Always consult a qualified healthcare professional for medical concerns about your skin.
  10. 10

    Children's privacy

    Glowlytics is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13.

    If you believe that a child under 13 has provided personal data to Glowlytics, please contact us immediately at drmustafa@bdqholdings.com and we will take steps to delete that information.

  11. 11

    Changes to this policy

    We may update this Privacy Policy from time to time. When we do:

    • The updated policy will be posted in the app and on this page.
    • The effective date at the top of this page will be updated.
    • For material changes, we will provide prominent notice within the app.
  12. 12

    Contact us

    If you have any questions about this Privacy Policy or our data practices, please contact us:

    • Company, BDQ Holdings LLC.
    • Email - drmustafa@bdqholdings.com.
    • Subject line, Glowlytics Privacy Inquiry.
    • Terms of Use, glowlytics.ai/terms.
    • Apple Standard EULA - apple.com/legal/internet-services/itunes/dev/stdeula.
Glowlytics

A glow companion that listens before it speaks. Built between Manhattan and Austin.

The app
How it worksWhat we watchPatternsShelf verdicts
Library
BlogGuidesFAQGlossary
Quiet print
PrivacyTermshello@glowlytics.ai
© 2026 Glowlytics · BDQ Holdings LLC