This Privacy Policy ("Policy") for LooksLab ("we," "us," or "our") describes how and why we access, collect, store, use, and share ("process") your personal information when you use our services ("Services"), including when you:
Download and use our mobile application (LooksLab) on iPhone
Visit our website at lookslab.de or related domains
Join our waitlist (e.g. via GetWaitlist)
Engage with us in other related ways, including support requests or marketing
Questions or concerns? Contact us at info@lookslab.de. If you do not agree with our policies, please do not use our Services.
3. Summary of Key Points
What we process: Account data, profile data (gender, age, skin type, etc.), facial images for analysis, chat messages, usage data, and payment data (when applicable via RevenueCat).
Facial images: We process facial images for Face Harmony Scan, Skin, Teeth & Hair analysis. Images are stored securely in Supabase to provide your scan history and analysis results. We do not use facial images to train AI models or for marketing.
Face Harmony: Facial landmark analysis runs on your device (MediaPipe). Only scan results and optional images are stored in the cloud.
Third parties: We use Supabase (auth, storage, database), AI/analysis providers via Supabase Edge Functions, RevenueCat (payments), and analytics. We do not sell your data.
Your rights: Access, correction, deletion, data portability, and objection where applicable (GDPR, CCPA, etc.). Contact us at info@lookslab.de to exercise these rights.
4. What Information Do We Collect?
4.1 Information You Provide
Account data: When you sign up (e.g. anonymously via Supabase Auth), we store your user ID and session information.
Profile data: During onboarding or in settings, you may provide: gender, age, ethnicity, height, weight, fitness level, skin type, eye color, notification preferences, and camera permission status.
Facial images: Photos you capture or upload for Face Harmony Scan, Skin, Teeth, or Hair analysis.
Chat messages: Messages you send in the Chat Coach feature.
Waitlist: If you join our waitlist on the website, we receive your email address and any other information you provide via the GetWaitlist widget.
4.2 Sensitive Information
Facial images and biometric data derived from them (e.g. facial landmarks, analysis results) are processed for Face Harmony Scan, Skin, Teeth, and Hair analysis. These images are stored to provide your scan history, personalized Daily Task Plan, and analysis results. They are not used for facial recognition, identification, or marketing. We treat this data with heightened care and comply with applicable biometric and data protection laws.
Usage data: Screen views, feature usage, paywall interactions (e.g. paywall shown, plan selected, purchase completed) for analytics.
Technical data: IP address, timestamps, and similar identifiers when you use our Services.
5. How Do We Process Your Information?
We process your information to:
Provide Face Harmony, Skin, Teeth & Hair analysis
Create and manage your account
Generate your personalized Daily Task Plan
Store your scan history and analysis results
Power the Chat Coach feature
Process payments and manage subscriptions (via RevenueCat when applicable)
Improve our Services and analytics
Respond to support requests and communicate with you
Legal bases (where applicable, e.g. GDPR): We process your data based on (a) your consent, (b) performance of our contract with you, (c) our legitimate interests (e.g. improving the app, security), or (d) legal obligations.
6. Facial Image & Biometric Processing
When you use our scan features, you capture or upload photos. These images are:
Transmitted securely (HTTPS) to our servers
Stored in Supabase Storage to provide your scan history and analysis results
Processed for Face Harmony, Skin, Teeth & Hair analysis (which may involve AI services via Supabase Edge Functions)
Not used for facial recognition, identification, or training AI models
Not shared with third parties for marketing or advertising
6.1 Face Harmony Scan
Face Harmony analysis uses facial landmark detection that runs primarily on your device (e.g. via MediaPipe). Only the resulting scores, metrics, and optionally the image are stored in our cloud. Raw landmark data may be stored to support your scan history.
6.2 Skin, Teeth & Hair Analysis
For Skin, Teeth, and Hair analysis, images are sent to our Supabase Edge Functions (e.g. analyze-skin, analyze-teeth, analyze-hair). These functions may use AI/ML services to generate analysis. Images are resized and compressed before transmission. Analysis results and images are stored in our database and storage.
You can delete individual scan results or your entire account at any time. Contact us at info@lookslab.de to request deletion.
7. Feature-Specific Data Processing
7.1 Daily Task Plan
Your Daily Task Plan is generated based on your scan results, profile data, and preferences. The generate-daily-tasks Edge Function processes this data to create personalized recommendations. Task data is stored in our database.
7.2 Chat Coach
The Chat Coach feature sends your messages and context (e.g. goals, session info) to our chat-coach Edge Function. Responses are generated using AI and stored in our database to maintain conversation history.
7.3 Analytics
We track events such as paywall interactions, premium state changes, and feature usage via our analytics-track Edge Function. This helps us improve the app and understand usage patterns. Data is anonymized where possible.
7.4 Payments (RevenueCat)
When you subscribe or make in-app purchases, RevenueCat processes payment and subscription data. We receive subscription status and related identifiers to unlock premium features. We do not store full payment card details.
8. When and With Whom Do We Share Your Information?
We may share information with:
Supabase: Auth, database, and storage (hosting of your account, profile, scans, chat, and analysis data). Supabase is a service provider that processes data on our behalf.
AI/analysis providers: Our Edge Functions may use third-party AI services (e.g. for skin, teeth, hair analysis and chat) as needed to provide the service. These providers process data according to their respective privacy policies and our instructions.
RevenueCat: Payment and subscription processing. RevenueCat's privacy policy applies to their processing.
GetWaitlist: If you join our waitlist, your email and related data are processed by GetWaitlist according to their privacy policy.
Analytics: Anonymous or pseudonymous usage data to improve the app.
We do not sell your personal information. We may disclose information if required by law, to protect our rights, or in connection with a merger or acquisition.
9. How Long Do We Keep Your Information?
We keep your information for as long as your account is active or as needed to provide the Services. When you delete your account:
Your user profile, face scans, chat sessions, and related database records are deleted
Stored images in Supabase Storage associated with your account are removed
We may retain anonymized or aggregated data that no longer identifies you
You can request deletion of your account and data at any time via the app settings or by contacting us at info@lookslab.de.
10. How Do We Keep Your Information Safe?
We use industry-standard security measures to protect your data, including:
Encryption in transit (HTTPS/TLS)
Secure storage with access controls
Authentication via Supabase Auth
Limited access to personal data by authorized personnel only
No internet transmission is 100% secure. We cannot guarantee absolute security but we take reasonable steps to protect your information.
11. What Are Your Privacy Rights?
Depending on your location, you may have the following rights:
EU/UK (GDPR): Access, rectification, erasure, restriction of processing, data portability, objection, and the right to lodge a complaint with a supervisory authority.
California (CCPA/CPRA): Right to know, delete, correct, and opt out of "sale" or "sharing" of personal information. We do not sell personal information.
Other regions: Similar rights may apply under local laws (e.g. Australia, Canada).
To exercise these rights, contact us at info@lookslab.de. We will respond within the timeframe required by applicable law. You may also have the right to withdraw consent where processing is based on consent.
Do-Not-Track: Some browsers offer a "Do Not Track" signal. We do not currently respond to DNT signals, but we limit tracking to what is described in this Policy.
12. Children's Privacy
Our Services are not directed to individuals under 16 (or the applicable age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us at info@lookslab.de and we will delete it promptly.
13. International Data Transfers
Your data may be processed in countries outside your residence (e.g. EU data may be processed in the US by Supabase or other providers). We ensure appropriate safeguards (e.g. Standard Contractual Clauses, adequacy decisions) where required by law.
14. Updates to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest version. Material changes may be communicated via the app or email. We encourage you to review this Policy periodically.
15. Contact Us
For questions, to exercise your rights, or to report a concern: