Privacy Policy

Overglow AI · Last updated: April 28, 2026 · Effective: April 28, 2026

The short version: Overglow AI analyzes selfies you take to give you personalized facial scores and a daily glow-up routine. Your photos and profile data are stored encrypted on your device. Photos are sent to Google’s Gemini API only when you explicitly request an analysis — we do not keep them on our servers (we don’t have any), we do not sell your data, and we do not use your data to train any AI model.

Who we are
What information we collect
How we use your information
Legal basis (GDPR users)
How we share your information
Third-party services we use
Where your information is stored
How long we keep your information
Security
Your privacy rights
Face data
Children’s privacy
California residents (CCPA/CPRA)
European users (GDPR)
Changes to this policy
Contact us

1. Who we are

Overglow AI (“Overglow,” “we,” “us,” or “our”) is an iOS application that uses artificial intelligence to analyze selfies and provide personalized self-improvement recommendations. The app is published on the Apple App Store under the bundle identifier com.shabgagan.overglowai.

This Privacy Policy explains what information the Overglow AI app collects, how it is used, who it is shared with, and what rights you have regarding it. By installing or using Overglow AI, you agree to the practices described below. If you do not agree, please uninstall the app.

2. What information we collect

2.1 Information you give us directly

During the onboarding flow and ongoing use of the app, you may provide:

Profile data. Gender, age, primary glow-up goal, self-rating, biggest concerns, weakest attribute, things holding you back, skin type, skin concerns, current skincare routine, exercise frequency, sleep hours, water intake, current habits, diet type, stress level, motivation, commitment level, and referral source.
Photos. Front-facing and (optionally) side-profile selfies you take or select from your photo library so the AI can analyze them. EXIF metadata (including any GPS coordinates, timestamps, and device model embedded by your camera) is stripped before the photo is stored or transmitted.
Chat messages. Text you send to the in-app AI Glow Coach.

2.2 Information generated by your use of the app

Analysis results. Numerical scores and written feedback returned by the AI for each scan, including overall, jawline, skin quality, eye area, nose proportion, cheekbones, facial symmetry, hair, facial harmony, lips, and (depending on your declared gender) a masculinity or femininity score.
Daily tasks & progress. Personalized to-do items, completion status, streak counts, badges earned, XP, and level.
Subscription state. Whether you have an active Pro subscription, when it expires, and your purchase history (managed via RevenueCat — see below).

2.3 Information collected automatically

Anonymous product analytics. If analytics is enabled, an anonymous device identifier and a record of which screens you opened or buttons you tapped is sent to PostHog. We do not associate this with your name, email, photos, or profile answers.
Crash and performance logs. The Apple unified logging system (visible only via Console.app on a connected Mac) records app errors. These logs never leave your device unless you choose to share them with Apple as part of a crash report.

2.4 Information we do not collect

Your name, email address, phone number, postal address, or government-issued ID.
Your precise or approximate location.
Your contacts, calendar, or messages from other apps.
Health, fitness, or HealthKit data — we do not request HealthKit permissions.
Anything from other apps on your device.

3. How we use your information

We use the data described above only for the following purposes:

To run the core analysis feature. Your selfies and profile data are sent to Google’s Gemini API so it can return facial scores and feedback. This is the entire purpose of the app and cannot be opted out of while still using the analysis feature.
To generate your personalized daily routine. Your profile, latest analysis, and recent task history are sent to the Gemini API to produce a fresh set of daily tasks.
To power the AI Glow Coach chat. Your chat messages, the last few replies, your profile summary, and your latest analysis scores are sent to the Gemini API so the model can respond contextually.
To track your progress. Your task completions, streaks, scans, and XP are stored locally so we can show your timeline, gamification level, and badges.
To process subscription purchases. Apple In-App Purchase handles the actual transaction; RevenueCat keeps track of whether your subscription is active so the app can unlock or lock Pro features.
To improve the product. Anonymous event analytics help us understand which features are used and where users get stuck. We never analyze the content of your photos, profile answers, or chat messages for this purpose.

4. Legal basis (GDPR users)

If you are in the European Economic Area, the United Kingdom, or Switzerland, our legal bases for processing your information under the General Data Protection Regulation are:

Performance of a contract — using your photos and profile to deliver the analysis and daily routine you requested.
Legitimate interest — running anonymous product analytics and securing the app against abuse.
Consent — sending you optional reminder notifications. You can revoke this in iOS Settings at any time.

Overglow AI does not run any backend servers of its own. We share information only in these specific situations:

With Google (Gemini API) when you trigger an analysis, generate daily tasks, or send a chat message. The request includes the relevant photo bytes (analysis only) and the relevant subset of your profile.
With Apple for App Store In-App Purchases.
With RevenueCat to verify and manage your subscription state.
With PostHog for anonymous product analytics, only if a PostHog API key has been configured in the build.
With law enforcement if we are legally compelled to disclose information by a valid order. Because we do not operate servers, in practice we hold almost no data that could be turned over.

We do not sell, rent, or trade your information to data brokers or advertisers. We do not use your data to train any AI model.

6. Third-party services we use

Service	Provider	Data shared	Purpose
Gemini API	Google LLC	Selfie image bytes, profile summary, chat messages, analysis history	Run AI facial analysis, generate daily tasks, power AI Coach chat
RevenueCat	RevenueCat, Inc.	App-generated user ID, subscription product ID, purchase receipt	Validate App Store receipts, manage subscription entitlements
PostHog	PostHog Inc.	Anonymous device ID, event names, basic device info (OS version, app version)	Anonymous product analytics
Apple In-App Purchase	Apple Inc.	Apple ID, payment method, transaction history	Process subscription purchases — governed entirely by Apple’s privacy policy
Apple Push Notification service (APNs)	Apple Inc.	Anonymous push token	Deliver reminder notifications you opted in to

Each provider listed above is itself bound by their own privacy policies. We encourage you to read them: Google, RevenueCat, PostHog, Apple.

7. Where your information is stored

On your device. Profile data, photos, analysis results, daily tasks, chat history, gamification state, and the encryption key used to protect them all live in the iOS app sandbox on your iPhone or iPad. They never leave your device except as described above.
At Google. Gemini API requests are processed in Google’s data centers. According to Google’s API terms, Gemini API requests sent through paid tiers are not used to train Google’s models.
At RevenueCat. Subscription metadata is stored in RevenueCat’s servers (United States).
At PostHog. Anonymous analytics events are stored in the PostHog region you configure (we recommend the EU region for European users).

8. How long we keep your information

We retain each category of information only for as long as it is needed to deliver the feature you used it for. The specific limits are:

On your device (general profile, daily tasks, gamification state, chat history). Kept inside the Overglow AI app sandbox on your iPhone or iPad only for as long as the Overglow AI app remains installed on your device. When you uninstall the app, iOS automatically and permanently deletes the entire app sandbox — including the AES-256 encryption key stored in the iOS Keychain that protects your data — making everything unrecoverable. The maximum retention period is therefore bounded by your active installation of the app.
On your device (face data — selfies and derived facial scores). See Section 11.5 for the dedicated face-data retention policy, including the specific reasons for storing face data and the specific length of time it is stored.
At Google (Gemini API). Google may retain API request logs (which include the photo bytes and text you submitted) for up to a few weeks for the sole purpose of abuse detection and policy enforcement, per their Generative AI API terms. After that period Google deletes the data. We have no ability to access, retrieve, or extend the retention of these logs.
At RevenueCat. Subscription metadata (an anonymous app-generated user ID, the product identifier, and the purchase receipt) is kept for as long as your subscription is active and for a reasonable period afterward (typically up to 24 months) for receipt validation, refund handling, and tax records.
At PostHog. Anonymous analytics events are kept per the retention policy configured on the PostHog instance, typically up to 12 months.

9. Security

We take the following technical measures to protect your data:

At-rest encryption. Your selfies and onboarding profile are encrypted on-device with AES-256-GCM. The encryption key is generated on first launch, stored in the iOS Keychain (accessible only to this app, only after first unlock), and never leaves your device.
EXIF stripping. Photos are redrawn through a metadata-free pipeline before being stored or sent over the network, so any GPS coordinates, timestamps, or device fingerprint embedded by the camera are removed.
HTTPS-only networking. The app does not allow unencrypted HTTP requests.
Certificate pinning. Calls to Google’s Gemini API are validated against pinned Google Trust Services root certificates, blocking man-in-the-middle attacks on hostile networks.
API key protection. Third-party API keys are injected at build time from gitignored configuration files and restricted by Apple bundle identifier where the provider supports it.
Apple sandbox. The app runs inside the standard iOS app sandbox, isolating its data from other apps on your device.

No system can be 100% secure. If you believe you’ve found a security vulnerability, please contact us at the address below.

10. Your privacy rights

Regardless of where you live, the following options are always available to you:

View your data. Your profile summary is visible in the Settings & Profile screens of the app. Your scan history is visible in the History tab. Your latest analysis report is visible on the Home tab.
Delete your data. The fastest and most complete way to delete every piece of information Overglow AI has stored about you is to uninstall the Overglow AI app from your device. When you uninstall, iOS permanently and irreversibly deletes the entire app sandbox — including all selfies, analysis results, chat messages, profile answers, daily-task records, gamification state, and the AES-256 encryption key stored in the iOS Keychain. After uninstall there is no way for us, for Apple, or for anyone else to recover the data. If you would also like the limited subscription metadata held by RevenueCat (an anonymous user ID and your purchase history) to be deleted, contact us at the email address in Section 16 and we will request its deletion within 7 days.
Withdraw consent for notifications. Toggle off Notifications in iOS Settings > Overglow AI.
Withdraw camera or photo-library access. Toggle off Camera or Photos in iOS Settings > Overglow AI. The app will still run but cannot capture or analyze new selfies until you grant access again.

If you live in a region with additional rights under GDPR, CCPA, or similar laws, see the dedicated sections below.

11. Face data

Because Overglow AI is a facial analysis app, this section provides additional detail about how we handle face data specifically. “Face data” means the selfie photographs you take within the app and any facial feature scores, feedback, or measurements derived from those photographs.

11.1 What face data we collect

When you use the analysis feature, the app captures one front-facing selfie and, optionally, one side-profile selfie using your device’s camera or photo library. All EXIF metadata (GPS coordinates, timestamps, device model) is stripped from the photo before it is stored or transmitted. The photo is then resized to a maximum of 1,536 pixels on its longest edge. We do not use Apple’s Face ID, ARKit face-tracking, TrueDepth camera depth data, or any biometric identification framework. The app processes standard 2D photographs only.

11.2 How we use your face data

Your face data is used exclusively for the following purposes:

AI facial analysis. Your selfie is sent to Google’s Gemini API, which returns numerical scores (e.g., jawline, skin quality, symmetry) and written feedback. This is the core feature of the app.
Progress comparison. Previous selfies are stored encrypted on your device so you can compare scans over time and track improvement.
Personalized recommendations. The scores derived from your face data inform the daily tasks and coaching advice the AI generates for you.

We do not use your face data for facial recognition, biometric identification, user authentication, advertising, or any purpose other than providing you with the analysis and recommendations you requested.

11.3 Third-party sharing of face data

Your selfie photo bytes are shared with one third party only: Google LLC, via the Gemini API, solely to perform the facial analysis you requested. According to Google’s Gemini API Terms of Service, data sent through paid API tiers is not used to train Google’s models. Google may retain API request logs (which include the image bytes) for a short period (typically a few weeks) for abuse detection, after which the data is deleted.

Your face data is never shared with advertisers, data brokers, analytics providers, or any other third party. RevenueCat and PostHog do not receive your photos or analysis scores.

11.4 Where face data is stored

On your device. Your selfie photos are encrypted at rest using AES-256-GCM with a key stored in the iOS Keychain. They are kept inside the app’s iOS sandbox and cannot be accessed by other apps. We do not upload your photos to any server we operate — we do not operate any servers.
In transit to Google. Photos are transmitted over HTTPS (TLS 1.2+) to Google’s Gemini API endpoint. The connection is encrypted end-to-end.

11.5 Why we store face data, and for how long

This subsection directly addresses two questions Apple App Review requires every app handling face data to answer in plain language under Guideline 5.1.1(i): why we store face data, and for what specific length of time.

Reasons we store face data on your device

We store your selfies and the facial scores derived from them on your device for one specific, purpose-limited reason: to enable the progress-tracking experience that is the core value of the Overglow AI app. Concretely, retaining your previous selfies is what makes each of the following features possible:

Scan history. The History tab shows you your past analyses so you can re-open any previous report.
Side-by-side comparison. The Comparison feature lets you place a recent selfie next to an older one to see visible change over time.
Trend-aware coaching. Your daily routine and the AI Coach’s replies are adjusted based on how your scores change across scans, which requires keeping prior scores on hand.

Without retaining previous selfies, none of these features — which are the reason most people install Overglow AI — would work. We do not store face data for facial recognition, biometric identification, user authentication, advertising, training of any AI model, or any purpose other than those listed above.

Specific length of time face data is stored, and why this specific length

Face data is retained on your device only for as long as the Overglow AI app remains installed on your device. The maximum retention period is therefore the lifetime of your active installation, subject to these specific, finite limits:

Permanent deletion on uninstall. When you uninstall Overglow AI, iOS automatically and permanently deletes the entire app sandbox — including every stored selfie, every derived facial score, the encrypted database file, and the AES-256 encryption key stored in the iOS Keychain that was the only key able to decrypt that data. After uninstall, there is no copy of your face data anywhere we can reach, and any residual encrypted bytes that may briefly remain on the underlying flash storage cannot be decrypted by us, by Apple, or by anyone else.
Bounded by purpose. While the app is installed, face data is retained only for the progress-tracking purposes listed above. It is never copied to any server we operate (we operate no servers of our own). It is never used to train an AI model. It is never shared with advertisers, data brokers, or analytics providers.
Bounded by your installation. Because the encryption key that decrypts your selfies is generated freshly on first launch and stored only in the iOS Keychain entry tied to this specific installation, reinstalling Overglow AI starts you with an empty face-data store. Old face data from a previous installation cannot carry over to a new installation.
You may end retention at any time. You can permanently end retention of your face data at any moment, with one action, by uninstalling the Overglow AI app. There is no waiting period and no server-side delay; deletion is immediate and irreversible.

Why we chose this specific duration. We chose “lifetime of your active installation, with permanent deletion on uninstall” as the retention bound because it is the shortest period that still lets the progress-tracking feature you installed the app for actually work. A shorter automatic purge would silently destroy your scan history without your consent and break the core value of the app for you. A longer period — for example, off-device backup, cross-device sync, or server-side retention — would mean retaining face data we have no business keeping. We deliberately do not store face data on any server we operate, so the on-device retention is the entire retention; there is no separate server-side retention period to disclose.

Retention at Google (Gemini API)

When you trigger an analysis, the selfie photo bytes are transmitted to Google’s Gemini API over HTTPS so Google can return the facial scores. Per Google’s Gemini API Terms of Service, Google may retain the request (including the photo bytes) for up to a few weeks for the sole purpose of abuse detection and policy enforcement. After that period Google deletes the data. We have no ability to access, retrieve, or extend the retention of these logs. Per Google’s paid-tier API terms, the data is not used to train Google’s models.

11.6 Your control over face data

You have full control over your face data at all times:

You initiate every capture. The app captures a selfie only after you explicitly tap the camera button and grant permission to use the camera or photo library. The app never captures or analyzes photos in the background and never accesses the camera or photo library without your explicit action.
You can revoke camera or photo-library access at any time via iOS Settings > Overglow AI. With access revoked the app continues to run but cannot capture or analyze new selfies until you grant access again.
You can permanently delete all of your face data at any time, instantly, by uninstalling Overglow AI from your device. iOS will permanently erase the entire app sandbox, including every stored selfie, every derived facial score, and the AES-256 encryption key in the iOS Keychain — making any residual encrypted bytes unrecoverable.
You can request out-of-band deletion of any subscription metadata held at RevenueCat by contacting us at the email address in Section 16. We will request deletion on your behalf within 7 days. RevenueCat does not receive your selfies or facial scores.

12. Children’s privacy

Overglow AI is intended for users 13 years of age or older. The onboarding flow asks you to confirm your age and prevents continuation if you indicate you are under 13. We do not knowingly collect any personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at the address below and we will take steps to delete that information.

If you are between 13 and the age of majority in your jurisdiction, please use the app only with the involvement of a parent or guardian.

13. California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act give you the following rights regarding your personal information:

Right to know. Request the categories and specific pieces of personal information we collect, use, and disclose.
Right to delete. Request deletion of personal information we hold about you.
Right to correct. Request correction of inaccurate personal information.
Right to opt out of sale or sharing. We do not sell or share your personal information for cross-context behavioral advertising. There is nothing to opt out of.
Right to non-discrimination. We will not deny service, charge different prices, or provide a different quality of service because you exercised any of these rights.

To exercise any of these rights, contact us at the address below. We will verify your identity through your in-app account state and respond within the timelines required by law (typically 45 days, extendable by another 45 days).

14. European users (GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation:

Right of access — obtain a copy of the personal data we hold about you.
Right to rectification — correct inaccurate or incomplete data.
Right to erasure (“right to be forgotten”) — have your data deleted.
Right to restrict processing — pause certain uses of your data.
Right to object — object to processing based on legitimate interest.
Right to data portability — receive your data in a machine-readable format.
Right to withdraw consent — revoke previously given consent at any time.
Right to lodge a complaint with your local data protection authority.

Because Overglow AI stores your data locally on your device, you can exercise most of these rights yourself by deleting items from the Settings, History, or Chat screens, or by uninstalling the app. For anything that cannot be exercised in-app, contact us at the address below.

15. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the third-party services we use, or applicable law. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, surface a notice inside the app the next time you open it. The current version of this policy is always available at https://overglow-legal.vercel.app/privacy.

Continued use of the app after a policy update constitutes acceptance of the updated terms. If you do not agree with a change, please uninstall the app.

16. Contact us

For privacy questions, data deletion requests, or to exercise any of the rights described above, contact us at:

Email: adgan.business@gmail.com

Please include “Privacy Request” in the subject line and describe the request as specifically as you can. We aim to respond within 7 days.

Contents