Privacy Policy
Last updated: December 11, 2025
This Privacy Policy explains how Maksim Iurchin (referred to in this Policy as “we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you use our website and our iOS application SkinAddict (together, the “Services”).
We care about your privacy and aim to handle your information in a transparent and lawful way. This Policy also describes your rights under applicable data protection laws (including the EU General Data Protection Regulation (“GDPR”) where it applies).
1. What data we collect and why
1.1 Categories of data
Depending on how you use the Services, we may process the following types of data:
| Data category | How we receive it | Purpose | Legal basis (GDPR, if applicable) |
|---|---|---|---|
| Device and technical information (e.g. device model, operating system version, IP address, language, system settings, crash logs) |
Collected automatically when you use the app or visit the website. | To provide and maintain the Services, diagnose issues, improve performance, and protect against abuse. |
Article 6(1)(b) – performance of a contract Article 6(1)(f) – our legitimate interest in running, protecting, and improving the Services |
| Usage data (e.g. screens you view, features you use, in-app events) |
Collected automatically within the app. | To understand how users interact with the app, improve features, and make product decisions. |
Article 6(1)(b) – performance of a contract Article 6(1)(f) – our legitimate interest in product improvement |
| Purchase and subscription information (e.g. product identifier, subscription status, limited transaction data from Apple and RevenueCat) |
Provided by Apple and RevenueCat when you make in-app purchases or subscriptions via the App Store. | To verify purchases, provide paid features, and manage subscriptions (e.g. access, renewals, and entitlement checks). |
Article 6(1)(b) – performance of a contract Article 6(1)(f) – our legitimate interest in preventing fraud |
| Application use data shared with Apple (iOS) | Collected automatically by the app and may be shared with Apple in connection with App Store refund requests. | To allow Apple to review your use of purchased content when assessing a refund request you submit through the App Store. |
Article 6(1)(b) – performance of a contract Article 6(1)(f) – our legitimate interest in handling refund and support processes |
| Account and contact details (e.g. email address, name or nickname if you choose to provide it) |
Provided directly by you when you contact us or create an account (if available). | To manage your account, respond to support requests, and send important service-related messages. |
Article 6(1)(b) – performance of a contract Article 6(1)(f) – our legitimate interest in providing support and a smooth user experience |
| Communication content (e.g. messages you send to our support email, bug reports, feedback) |
Provided directly by you. | To answer your questions, resolve issues, and improve the Services based on your feedback. |
Article 6(1)(b) – performance of a contract Article 6(1)(f) – our legitimate interest in support and product improvement |
| Optional profile / preference data (e.g. settings, preferences you choose in the app, optional demographic info if requested) |
Provided directly by you in the app. | To personalize your experience and remember your preferences. |
Article 6(1)(a) – your consent, where required Article 6(1)(f) – our legitimate interest in personalizing the app |
| User-generated content (if applicable) (e.g. notes, files, media or other content you choose to upload or create within the app) |
Provided directly by you while using the app. | To provide core app functionality and store the content you decide to create or upload. This content may be stored in our backend infrastructure (for example, Supabase). | Article 6(1)(b) – performance of a contract |
| Skin goals, skin issues, habits, behaviors, physical characteristics, including Face Data (defined below) | You provide it to us | To customize your experience by adjusting the content of the Services and providing content tailored to your personal preferences. | Article 6(1)(a) – you give your consent |
1.2 If you do not provide certain data
Some data is necessary for the basic operation of the Services (for example, technical data and purchase information). If you choose not to provide data that is required, certain features may not work properly or may become unavailable.
Please note that photos of your face (further will be referenced as "Face Data") made with SkinAddict are stored on your device. We delete them from all our systems upon completion of the visual analysis.
2. Face Data
2.1. Collection and Use of Face Data. We collect photos of your face to personalize your skincare programs based on the visual analysis of your facial skin conditions, such as pimples, wrinkles, pigmentation, and others. Photos may be collected either through the in-app camera or via your device's camera on our website when you upload a photo during your interaction with our services. Each time a photo is required, the application or web page will explicitly request your consent. We do not capture any photos without your active involvement, whether through the in-app camera or a web-based camera.
2.2. Disclosure and Sharing of Face Data. We do not disclose or share your Face Data with any third parties. Our automation only has access to your Face Data during the analysis. Once the analysis is complete, we can't access your Face Data with any automation. It is technically impossible to access your Face Data for our developers at any moment.
2.3. As a general rule, the Face Data is only stored on your device. The Face Data is deleted from your device upon uninstalling SkinAddict. We only store your Face Data on the server side during the analysis stage. Therefore, your data will no longer be present on our servers after the analysis is complete.
We only store your Face Data at the server side during the analysis stage. Therefore, your data is no longer present on our servers after the analysis is complete.
3. How long we retain your personal data
We store your personal data only for as long as necessary for the purposes described in this Policy, unless a longer retention period is required or permitted by law (for example, accounting or tax requirements, dispute resolution, or enforcement of our agreements).
In general:
- Technical and usage data are kept for a reasonable period to analyze performance and trends.
- Support communications are kept while your question or issue is being handled and for a limited period afterward for reference.
- Purchase and subscription records are kept for as long as required by financial and tax rules.
- If processing is based on your consent, we stop that processing when you withdraw your consent (see “Your data protection rights” below).
4. Your data protection rights
Where the GDPR or similar laws apply, you have a number of rights regarding your personal data. Subject to legal conditions and limitations, you may:
- Right of access – ask whether we process your personal data and receive a copy of that data.
- Right to data portability – request your personal data in a structured, commonly used and machine-readable format and ask us to transfer it to another controller where technically feasible.
- Right to rectification – ask us to correct inaccurate or incomplete personal data.
- Right to erasure – request deletion of your personal data, for example when you withdraw consent or when the data is no longer needed for the original purpose (subject to legal retention requirements).
- Right to restriction of processing – ask us to limit processing of your personal data in certain situations (for example, while we verify its accuracy).
- Right to object – object to processing based on our legitimate interests, including basic analytics or direct marketing, where applicable.
- Right to lodge a complaint – submit a complaint to your local data protection authority if you believe our processing does not comply with applicable law. We would, however, appreciate the chance to address your concerns first if you contact us directly.
To exercise any of these rights, please email us at maxim.yurchin@gmail.com and clearly describe your request. We may ask you for additional information to confirm your identity before fulfilling your request. We aim to respond within one month, and we may extend this period by up to two further months where necessary, as allowed by law.
5. Security measures
We apply reasonable technical and organizational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Please remember that no system or transmission over the internet can be guaranteed as completely secure. If we become aware of a security incident affecting your personal data, we will act promptly and, where required by law, inform you and/or the competent authorities.
6. Children’s privacy
The Services are not directed at children under the age of 13, and we do not knowingly collect personal data from anyone under this age. If you are located in the European Union or another region with a higher age threshold, we apply the relevant local age limit (for example, 16 years in some EU countries).
If you are a parent or guardian and believe that your child has provided personal data to us without your consent, please contact us at maxim.yurchin@gmail.com. We will take appropriate steps to delete such data and, if applicable, to remove the related account.
7. Sharing of your personal data
We do not sell your personal data. We may share your personal data with third parties in the following limited situations:
-
Service providers – trusted providers that help us operate and
improve the Services (for example, analytics, crash reporting, cloud hosting,
email delivery, subscription management). These providers process your data only
on our instructions and under data protection agreements. For SkinAddict, this may include:
- Supabase – cloud database, storage, and authentication.
- RevenueCat – in-app purchase and subscription management.
- Appmetrica – app usage and performance analytics.
- Apple – when you make purchases or subscriptions via the App Store, Apple is an independent controller of certain transaction and device-related data. We may also share limited usage information with Apple where necessary to process refund requests you submit through Apple’s systems.
- Legal obligations and protection – if required by law, court order, or governmental request, or if we believe disclosure is necessary to enforce our agreements or protect the rights, safety, or property of us, our users, or others.
- Business transfers – if we are ever involved in a merger, acquisition, or other reorganization, your data may be transferred as part of that transaction, subject to appropriate safeguards.
Where we transfer personal data outside of the European Economic Area (EEA), we will use appropriate safeguards (such as Standard Contractual Clauses) when required by law.
8. International data transfers
Because we may use global service providers (for example, cloud infrastructure or analytics located outside your country), your personal data may be processed in countries that may have different data protection rules than your country of residence. Where required, we implement safeguards to protect such transfers, such as approved contractual clauses or other lawful mechanisms.
9. Changes to this Privacy Policy
We may update this Privacy Policy from time to time, for example to reflect changes in the Services, legal requirements, or how we process your data. When we make material changes, we will take reasonable steps to notify you, such as updating the “Last updated” date at the top of this page and, where appropriate, sending an in-app or email notice.
The most current version of this Policy will always be available on our website or in the app.
10. Contact us
If you have questions about this Privacy Policy or our data practices, or if you want to exercise your data protection rights, you can contact us at:
Email: maxim.yurchin@gmail.com