This Privacy Policy contains the principles regarding how personal data collected from users of the Klaris - Skin Analysis Assistant mobile application ("Application") is processed, stored, and protected. This Privacy Policy complies with the General Data Protection Regulation (GDPR) for users in the European Union and the United Kingdom, and with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for users in California, United States. Users are deemed to have accepted this Privacy Policy by using the application.
The following personal data may be collected from users through the application:
Data may be collected through the application via user declarations and automatically during application use.
Legal basis:
Collected data may be processed for the following purposes:
Users' personal data is stored on secure servers located domestically and/or internationally, with technical and administrative measures taken. Data is stored while the application is used and is retained for 2 years from the termination of the user's membership. After this period, data is deleted or anonymized. The application administrator decides whether data will be anonymized.
Facial photographs uploaded by the user are processed solely for the purpose of performing artificial intelligence-supported skin analysis. These images are stored securely in the Supabase infrastructure and are retained as long as the user account is active. If the user deletes their account or requests deletion of their data, these images and related analysis results are permanently deleted. Klaris shares facial data only with business partners for the provision of services. In this context, images are analyzed by Face++ (Megvii), and this third-party service provider does not store facial photographs in their systems after analysis is completed. Facial data is not shared with unauthorized third parties or used for commercial purposes in any way.
Data is not shared with third parties and institutions except in the following cases:
Some third-party analytics tools are used in our application to improve user experience, measure application performance, and detect technical errors. In this context, services such as PostHog and Meta App Events (Facebook Analytics) may process anonymous usage data. These tools may collect technical information such as in-app behaviors, navigation data, specific button clicks, and subscription-related interactions.
This data does not contain your personal identification information and is not used for advertising targeting. All anonymous data collected is processed solely for application development and performance analysis.
Personal data is transferred internationally within the scope of the application. This transfer is notified to the user together with the Terms and Conditions, Privacy Notice, and Explicit Consent, and is carried out with explicit consent.
The application is closed to use by individuals under 18 years of age. Data belonging to users identified as belonging to this age group is immediately deleted.
For US Users: In accordance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 years of age. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information immediately.
For EU/UK Users (GDPR Rights):
In accordance with Articles 15-22 of the GDPR, users have the right to:
For California Users (CCPA/CPRA Rights):
In accordance with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the right to:
Users can apply through info@klarisai.app to exercise these rights.
This Privacy Policy may be updated by the application administrator when necessary. The most current version is published within the application and/or through the website.