Privacy Policy
Effective Date: March 18, 2026 · Last Updated: March 18, 2026
1. Introduction
Welcome to Curltine ("we", "our", or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Curltine mobile application ("App").
Please read this policy carefully. If you disagree with its terms, please discontinue use of the App.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: Your name, email address, and password (stored as a one-way hash — we never store your plain-text password).
- Profile Photo: An optional avatar image you upload to personalise your account.
- Hair Profile: Goals, concerns, lifestyle preferences, and wash frequency you provide during onboarding.
- Progress Photos: Photos you voluntarily upload to track your hair journey over time.
- Routine Logs & Notes: Daily routine completion data and personal notes you add.
2.2 Information Collected Automatically
- Hair Scan Images: Photos of your hair you submit for AI analysis. These images are processed to generate your hair health report and are stored to display your scan history.
- Product Scan Images: Photos of product labels you submit for ingredient analysis.
- AI Analysis Results: Curl type, porosity, density, damage level, frizz level, health score, and care recommendations derived from your hair scans.
- Usage Data: Information about how you interact with the App (e.g., features used, screens visited) for the purpose of improving the service.
2.3 Location Information
The App requests access to your device location only to look up local weather and humidity conditions. This information is used solely to tailor same-day hair care tips (for example, recommending an anti-frizz product on humid days).
Your location is never stored on our servers and is never shared with any third party.
Location access is requested only while the App is in use. Background location access is never requested or used.
3. How We Use Your Information
We use the information we collect to:
- Create and manage your account
- Analyse your hair photos using AI to generate personalised health reports and care plans
- Analyse product ingredient photos to generate compliance and safety reports
- Generate and update your personalised hair care routine
- Track your hair progress over time
- Send you notifications relevant to your care routine (if you have opted in)
- Provide customer support
- Improve and develop new features for the App
- Process your subscription payments and manage your billing history
- Comply with our legal obligations
We do not use your data for advertising purposes and do not sell your data to third parties.
4. How We Share Your Information
We do not sell, trade, or rent your personal information. We may share it only in the following limited circumstances:
4.1 AI Processing Partner
Your hair and product scan images are sent to OpenAI for AI analysis. OpenAI processes this data on our behalf to generate your reports. OpenAI's use of data submitted via API is governed by OpenAI's Privacy Policy. OpenAI does not use API-submitted data to train its models.
4.2 Subscription & Payment Processing
Subscription management is handled by RevenueCat. Purchases are processed directly by Google Play (Android) or the App Store (iOS). We receive confirmation of your subscription status but do not receive your full payment card details. RevenueCat's privacy practices are described at revenuecat.com/privacy.
4.3 Legal Requirements
We may disclose your information if required to do so by law or in response to a valid legal request (such as a court order or government inquiry).
4.4 Business Transfers
In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred. We will notify you via email and/or a prominent notice in the App before your data becomes subject to a different privacy policy.
5. Data Storage and Security
Your data is stored on servers located in the United States. We implement industry-standard security measures including:
- Encrypted data transmission (HTTPS/TLS)
- Password hashing (bcrypt)
- Access controls limiting who can access your data
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Data Retention
We retain your data for as long as your account is active. You may delete your account at any time (see Section 8). Upon account deletion:
- Your personal information, scan history, progress photos, and routine logs are permanently deleted after a 7-day grace period.
- Aggregated, anonymised data (not linked to your identity) may be retained for analytics and service improvement purposes.
- Subscription records may be retained as required by financial regulations.
7. Children's Privacy
The App is not directed to children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
8. Your Rights and Choices
Depending on your location, you may have the following rights:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Correction | Request correction of inaccurate or incomplete data |
| Deletion | Request deletion of your personal data ("right to be forgotten") |
| Portability | Request your data in a machine-readable format |
| Objection | Object to certain types of processing |
| Withdraw Consent | Withdraw consent where processing is based on consent |
To exercise any of these rights, contact us at [email protected].
8.1 Account Deletion
You can delete your account from within the App at any time by following these steps:
- Open the Curltine App on your mobile device.
- Go to the Profile tab (bottom right icon).
- Tap on Account in the settings list.
- Select Delete Account at the bottom of the page.
- Confirm your choice in the confirmation dialogue.
Once you request deletion, your account and all associated data will be scheduled for permanent removal after a 7-day grace period. This period allows you to change your mind; if you wish to cancel the deletion, simply log back into the App within 7 days and follow the cancellation prompt. If no action is taken, your profile, scan history, progress photos, and all other data will be automatically and permanently deleted after the 7th day.
8.2 Notifications
You can opt out of push notifications at any time through your device's notification settings.
8.3 Location Access
You can revoke location access at any time through your device's app permission settings. Revoking location access will disable weather-based hair tips but will not affect other App functionality.
9. Third-Party Services
The App integrates with the following third-party services. Each has its own privacy policy:
| Service | Purpose | Privacy Policy |
|---|---|---|
| OpenAI | AI-powered hair and product analysis | openai.com/policies/privacy-policy |
| RevenueCat | Subscription management | revenuecat.com/privacy |
| Google Play | Android payment processing | policies.google.com/privacy |
| Apple App Store | iOS payment processing | apple.com/legal/privacy |
| Expo / EAS | App delivery and over-the-air updates | expo.dev/privacy |
10. International Data Transfers
If you are located outside of the United States, please be aware that your information may be transferred to and processed in countries that may have different data protection laws. We take steps to ensure adequate protections are in place for such transfers.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you through the App or by email. The "Last Updated" date at the top of this page reflects the most recent revision. Your continued use of the App after any changes constitutes your acceptance of the updated policy.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:
- Email: [email protected]
- Website: curlyhair.app
- App: Curltine (com.curlyapp.routine)
Last updated: March 18, 2026