Lumière Skin — Privacy & Legal

Privacy Policy

Effective date: April 13, 2026 · Last updated: April 13, 2026

This policy explains what information Lumière Skin ("Lumière", "we", "us") collects, how we use it, and the choices you have. It applies to the Lumière Skin mobile application (Android package skin.lumiere.app), the iOS app, and the website at lumiere-skin.us.

At a glance. We collect only what we need to run the app: your account info, your skin scans, and your routine activity. Photos and skin scores are processed by Google Gemini AI so we can analyse your skin. We never sell your data, never share it with advertisers, and you can delete everything from inside the app at any time.

1. Information we collect

Account information — your name, email address, date of birth (used for 13+ age verification), and a unique user ID generated by Firebase Authentication.

Skin profile — answers you provide in the onboarding quiz, including self-reported skin type, concerns, sensitivity, lifestyle, and goals.

Face scan photos — three guided photos (front, left, right) you capture in the app. These are analysed to produce skin insights.

Skin health data — scores and characteristics generated from your scans (hydration, clarity, glow, texture, firmness, Fitzpatrick type, undertone, detected conditions) and your skin journey history over time.

Routine and journal data — routines you follow, ritual completions, and journal entries (mood, skin feeling, sleep, hydration).

Chat history — messages you exchange with the in-app AI assistant.

Community content (optional) — posts, comments, likes, bookmarks, reports, and your public community profile.

Approximate location (optional) — to fetch local weather, UV index, and air quality. You can decline at signup and turn this off in Privacy Controls.

Device and app activity — device identifiers for push notifications, basic interaction logs for analytics and reliability.

Payment information — if you subscribe through the web, Stripe processes your payment. We store only the subscription status, never full card numbers.

2. How we use your information

Create your account and keep you signed in.
Analyse your face scan photos and produce your skin insights, routines, and recommendations.
Track your skin journey and surface trends, anomalies, and milestones.
Personalise the AI chat assistant with context from your scans, journal, and routines.
Send push notifications you've opted into (morning/evening rituals, weekly scan reminders, weather alerts).
Power Skin Twin matching and the optional community feed.
Detect abuse, enforce Community Guidelines, and keep the app secure.
Comply with legal obligations.

3. AI processing (Google Gemini)

Your face scan photos and derived skin health data are sent to Google Gemini (Gemini 2.5 Flash) via Google's Generative Language API for the sole purpose of producing your skin analysis. We do not use your data to train third-party models. Face scans are used for skin-characteristic analysis only — not for facial recognition, identity verification, or advertising.

4. How we store your data

Photos are stored in encrypted AWS S3 buckets (AES-256 at rest) with signed short-lived access URLs.
Account, scan, routine, journal, and community data are stored in a managed MySQL database.
All traffic between the app and our servers uses TLS (HTTPS).
Authentication is handled by Firebase Authentication.

5. Data retention

Face scan photos: 24 months after capture (or immediately on account deletion).
AI chat history: 12 months (or immediately on account deletion).
Journal entries, routines, scan history: kept until you delete them or your account.
Account and profile data: kept until you delete your account.
Backups: purged within 30 days of primary deletion.

6. Sharing your data

We share data only with these service providers, and only as needed to run the app: Google Gemini (skin analysis), AWS S3 (encrypted photo storage), Firebase/Google (authentication and push notifications), Stripe (web subscription billing), and Open-Meteo + OpenStreetMap Nominatim (weather and reverse geocoding).

We do not sell your personal information, and we do not share it with advertisers or data brokers. We do not share your data with other Lumière users unless you opt into Skin Twin sharing or post in the community feed.

7. Your choices and rights

Access & export: Profile → Privacy Controls → Export Data.
Delete: Profile → Privacy Controls → Delete Account, or see Account Deletion below.
Location: opt in or out anytime in Privacy Controls.
Notifications: manage push preferences in Notification Settings.
GDPR / UK GDPR / CCPA: right to access, correct, port, delete, object to, and restrict processing. Email privacy@lumiere-skin.us.

8. Children

Lumière Skin is for users aged 13 and over. We age-gate at signup and do not knowingly collect data from anyone under 13. If you believe a child has created an account, email privacy@lumiere-skin.us and we will delete it.

9. Security

We use TLS in transit, AES-256 at rest, principle-of-least-privilege access, and regular dependency reviews. No system is perfectly secure; vulnerabilities can be reported to security@lumiere-skin.us.

10. International transfers

Your data may be processed in the United States and other countries where our service providers operate. We rely on standard contractual clauses and provider commitments where required.

11. Changes to this policy

If we make material changes we will notify you in the app and update the "Last updated" date above.

12. Contact

Questions? Email privacy@lumiere-skin.us or support@lumiere-skin.us.

Terms of Service

Effective date: April 13, 2026

By creating an account or using Lumière Skin, you agree to these terms. If you don't agree, please don't use the app.

1. Eligibility

You must be at least 13 years old. If you are under 18, you may only use the app with the consent of a parent or guardian.

2. Medical disclaimer

Lumière Skin is not a medical device. The AI skin analysis, scores, and recommendations are for informational and educational purposes only. They do not diagnose, treat, cure, or prevent any disease or condition. Always consult a qualified dermatologist or healthcare professional for medical concerns about your skin.

3. Acceptable use

You agree not to upload photos of anyone other than yourself without their consent, upload illegal or harmful content, impersonate others, reverse engineer or abuse the service, or use Lumière to provide medical advice to others. Community posts must follow our Community Guidelines.

4. User-generated content

You keep ownership of the photos, posts, and content you create. By posting in the community you grant Lumière a non-exclusive, worldwide licence to display and distribute that content within the app and for operating the service. You can delete your content anytime.

5. Subscriptions

Paid subscriptions on the web are billed through Stripe and renew automatically until you cancel. Cancel anytime from Profile → Subscription. The Android app on v1.0.0 is entirely free and contains no in-app purchases.

6. Termination

You can delete your account any time. We may suspend or terminate accounts that violate these terms or pose a safety risk. On termination we delete your data as described in the Privacy Policy.

7. Disclaimers & liability

Lumière Skin is provided "as is". To the maximum extent permitted by law, we disclaim all warranties and are not liable for indirect, incidental, or consequential damages. Our total liability will not exceed the amount you have paid us in the last 12 months (or USD 50 if you haven't paid anything).

8. Governing law

Laws of the user's country of residence apply where required by consumer-protection law; otherwise Delaware, USA.

9. Changes

Material changes will be notified in the app. Continued use after a change means you accept the new terms.

10. Contact

Questions: support@lumiere-skin.us.

Account & Data Deletion

Required by Google Play — how to delete your Lumière Skin account and all associated data.

Delete from inside the app (fastest)

Open Lumière Skin.
Tap Me in the bottom navigation.
Tap Privacy Controls.
Tap Delete Account and confirm.

Your account, face scans, photos, routines, journal entries, chat history, community posts, and any other associated data are permanently deleted immediately. Backups are purged within 30 days.

Delete by email

If you can't access the app, email privacy@lumiere-skin.us from the address associated with your account with subject "Delete my account". We'll confirm and complete the deletion within 30 days.

What gets deleted

Your profile (name, email, date of birth, user ID).
All face-scan photos and derived skin-health scores.
All routines and ritual-completion history.
All journal entries.
All AI chat history.
All community posts, comments, likes, bookmarks, reports, and your community profile.
All Skin Twin matches and shared items.
Push notification subscriptions and preferences.
Referral records, product wishlist, affiliate click history.
Subscription and payment history (we retain only minimal records required by tax law).

What we may retain

Minimal records required for legal or tax obligations (e.g., invoices, fraud-prevention logs) for up to the period required by law, and aggregated non-identifying analytics that can no longer be linked back to you.

Contact

Lumière Skin · lumiere-skin.us