← Back to Lustra

Privacy Policy

Last updated: April 4, 2026

Lustra ("we," "our," or "us") operates the Lustra mobile application. This Privacy Policy explains how we collect, use, store, and protect your information when you use our app.

1. Information We Collect

Account Information

• Email address and name (when you create an account)
• Age (collected during onboarding)
• Authentication data via email/password, magic link, or Apple Sign-In

Skin Profile Data

• Skin type, skin feel, breakout frequency, healing response, product reactions
• Skin conditions, sunscreen usage, stress level, skin priorities
• Routine consistency preferences

Face Photographs (Biometric Data)

• Front, left, and right face photos captured during skin scans
• Face detection data used for positioning guidance during capture (not for facial recognition)

Skin Analysis Results

• Five skin metric scores: Complexion, Oil Balance, Pore & Texture, Inflammation Control, Youthfulness
• Overall Lustra Score (0-100)
• AI-generated skin insights and recommendations
• Detected skin concerns and their severity

Routine & Product Data

• Skincare routines you create (morning/evening steps)
• Product selections and wishlist/saved products
• Routine completion history and streak data

Device & Usage Data

• Device type, operating system version
• Push notification tokens (if notifications are enabled)
• App usage patterns for improving the experience

2. How We Process Your Face Photos

On-Device Analysis

Skin metric scoring (Complexion, Oil Balance, Pore & Texture, Inflammation Control, Youthfulness) is performed entirely on your device using local image processing. No face images leave your phone for scoring purposes.

Privacy Protection

Before computer vision processing, eye regions in your photos are automatically blurred to protect your privacy. This occurs on-device before any analysis.

Narrative Generation

After scores are computed on-device, the numerical scores and your skin profile context (skin type, concerns) are sent to OpenAI's API to generate personalized text insights. OpenAI does not receive your face images, name, email, or account information.

Photo Storage

Your scan photos are uploaded to our secure cloud storage (Supabase) so you can view scan history and compare results over time. Photos are associated with your account and are not shared with third parties. You can delete all photos by deleting your account.

Face Detection vs. Facial Recognition

Lustra uses face detection solely to guide you in positioning your face during the scan capture process. We do not perform facial recognition, facial identification, or facial comparison between users. Your face geometry is not used to identify you.

3. Biometric Data Notice

We collect face photographs for the sole purpose of analyzing skin health metrics. We disclose the following regarding biometric data:

• What is collected: Face photographs (front, left, and right angles)
• Purpose: Skin health analysis, progress tracking, and personalized recommendations
• Storage duration: Photos are retained as long as your account is active, or until you request deletion
• Destruction: When you delete your account, all associated photos and biometric data are permanently deleted from our servers within 30 days
• No sale or sharing: We do not sell, lease, trade, or otherwise profit from your biometric data
• Consent: You provide written consent via the in-app consent screen before your first skin scan

4. How We Use Your Information

• Provide skin analysis results and personalized recommendations
• Track your skin health progress over time
• Match products to your skin profile and concerns
• Manage your account and skincare routines
• Send push notifications (routine reminders, progress updates, skin tips) if you opt in
• Improve our analysis algorithms and app experience

5. Third-Party Services

We do not sell, rent, or trade your personal information. We share data only with the following service providers:

OpenAI

Receives: Numerical skin metric scores and skin profile context (skin type, concerns). Does not receive: face photos, name, email, or account identifiers. Purpose: Generating personalized text insights and recommendations.

Supabase

Receives: All account data, scan photos, and analysis results. Purpose: Secure database hosting, file storage, and user authentication. Data is encrypted at rest and in transit.

Expo (Push Notifications)

Receives: Device push notification tokens. Purpose: Delivering push notifications for routine reminders and progress updates.

Apple

Receives: Apple ID credentials (if you choose Apple Sign-In). Purpose: Account authentication.

We do not use any advertising networks, analytics trackers, or data brokers.

6. Data Security

• Encrypted data transmission (HTTPS/TLS) for all communications
• Secure token-based authentication
• Row-level security (RLS) policies ensuring you can only access your own data
• Secure credential storage on your device (iOS Keychain via SecureStore)
• Automatic eye-region blurring before computer vision processing

7. Data Retention & Deletion

Your account data, scan photos, and analysis history are retained as long as you maintain an active account. You may delete your account and all associated data at any time from the app's Settings screen. Upon account deletion:

• All personal data is permanently removed from our database
• All scan photos are permanently deleted from cloud storage
• Deletion is completed within 30 days of your request

8. Your Rights

All Users

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and all associated data
• Export your data in a portable format
• Opt out of push notifications at any time

California Residents (CCPA/CPRA)

You have the right to know what personal information we collect, the right to delete your information, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at the email below.

European Union Residents (GDPR)

You have the right to access, rectify, erase, restrict processing, and port your data. Our lawful basis for processing is your consent (provided during account creation and before your first scan). You may withdraw consent at any time by deleting your account. To exercise your rights, contact us at the email below.

9. Children's Privacy

Lustra is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately and we will promptly delete such information.

10. Push Notifications

If you opt in to push notifications, we may send you routine reminders, streak updates, skin tips, product recommendations, and progress summaries. You can manage notification preferences in the app's Settings, or disable notifications entirely through your device settings. Push notification tokens are stored solely for the purpose of delivering notifications.

11. Medical Disclaimer

Lustra is not a medical device and does not provide medical advice. Skin analysis scores, insights, and product recommendations are for informational and educational purposes only. They are not intended to diagnose, treat, cure, or prevent any skin condition or disease. Always consult a qualified dermatologist or healthcare professional for medical advice regarding your skin health.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy in the app or via push notification. Your continued use of Lustra after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us at:

Email: lustraskincare2025@gmail.com

Website: lustraglobal.com