Privacy Policy

Looksforge ("we", "us", "the Service") is built with a privacy-first architecture. We do not sell your data, run ads, or share your personal information with third parties for marketing purposes.

Key facts:

• Analysis photos are not stored by default. They are processed in server memory during your analysis and immediately discarded afterward — unless you explicitly opt in to save them to your result for later viewing and Before & After comparisons.
• Saved photos (opt-in) are stored in secure cloud storage linked to your analysis result. You can request deletion at any time.
• Community photos are stored only if you explicitly choose to share them to the community gallery. This is a separate, opt-in action.
• Analysis results (scores, metric values) are stored privately under your account to power your dashboard history.
• We do not use advertising cookies or tracking pixels.

Email address. Collected during sign-in. Used for authentication and purchase confirmation emails. Your email is stored in hashed form — we do not store plain-text emails in our database.

Account data. If you use Google sign-in, we receive your email address, display name, and email verification status from Google. We do not receive or store your Google password.

Analysis results. Scores, metric values, pillar scores, PSL score, AI-generated breakdown text, and measurement coordinates are stored under your account for your dashboard history. Photos are only stored if you explicitly opt in via the "Save my photos" checkbox.

Usage data. We collect IP addresses for rate limiting and abuse prevention only. These records expire automatically and are not linked to your identity.

Analysis photos: You upload up to four photos (face front, face side, body front, body side). You place all measurement landmarks manually in your browser. Only the front face photo is sent to our server for AI features assessment (skin, hair, and eye quality scoring). By default, once assessment completes and numerical results are extracted, all photos are discarded from server memory. If you check the "Save my photos" option before submitting, your photos are stored in secure cloud storage and linked to your analysis result so you can view them later and use Before & After comparisons. You can request deletion of saved photos at any time.

Community photos: If you choose to share your score to the community gallery and include a photo, that photo is uploaded to secure cloud storage as part of your community entry. This is an explicit opt-in action that requires confirmation. You can request deletion of your community entry and associated photo at any time.

What IS always stored from analysis: Numbers and text only — scores, metric values, measurement coordinates, and AI breakdown text. Photos are only stored if you explicitly opt in.

Looksforge supports sign-in via email (magic link or OTP) and Google OAuth. No password is required to use the Service. Sessions are stored as secure, encrypted cookies that expire automatically. Session records are invalidated on sign-out.

All data is encrypted at rest and in transit. We use industry-standard security practices including encrypted connections, hashed identifiers, and automatic data expiry for temporary records.

Our data model stores:

• Account records: Hashed email, username, creation date
• Sessions: Encrypted session tokens with automatic expiry
• Membership records: Plan type, analysis limits and usage. No payment card information is stored on our servers.
• Analysis records: Scores, metric values, measurement coordinates, AI breakdown text. No photos.
• Community entries: Display name, age, gender, scores, optional photo (if opted in)

We use the following categories of third-party services to operate:

• AI Assessment — Used for features assessment (skin, hair, eye quality) on the front face photo only. Photos sent via the API are processed according to the provider's data usage policy and are not used for model training.
• Email Delivery — Transactional email delivery for login links and purchase confirmation.
• Database — Stores account records, analysis results, and membership data. All data encrypted at rest and in transit.
• Payment Processing — Handles checkout and digital product delivery. We never receive or store your payment card details.
• Cloud Storage — Stores community photos that users explicitly opt in to share. Encrypted at rest.
• Hosting — Standard web hosting and deployment infrastructure.

We use only strictly functional cookies:

• Session cookie — Required for the service to function. Set after sign-in, expires automatically.
• Authentication state cookie — Used during the sign-in flow for security. Short-lived and deleted after use.

We do not use analytics cookies, advertising cookies, tracking pixels, or any third-party cookie-based tracking.

Our lawful bases for processing:

• Contract performance: Processing photos to deliver the analysis you requested; storing results for your dashboard; sending authentication emails; delivering purchased guides and analysis credits.
• Legitimate interest: Rate limiting and abuse prevention.
• Consent: Community photo sharing (explicit opt-in); third-party sign-in (user-initiated).

Data minimisation is a core principle — we store the minimum required, hash identifiers, and never retain analysis photos.

Under GDPR and applicable data protection laws, you have the right to:

• Access — request a copy of all data we hold about you
• Deletion — request deletion of your account, analysis history, community entries, and any associated data
• Correction — request correction of inaccurate data
• Portability — request your data in a machine-readable format
• Objection — object to processing of your data
• Withdraw consent — withdraw consent for optional processing (e.g. remove community entries) at any time

To exercise any of these rights, email looksforge.com@gmail.com with the subject line "Data Request". We will respond within 30 days.

We retain data as follows:

• Account and analysis records: Until you request deletion
• Community entries: Until you request deletion or remove the entry
• Session and authentication tokens: Short-lived with automatic expiry
• Rate limit records: Short-lived with automatic expiry
• Analysis photos: Discarded from memory after processing by default. If you opt in to save photos, they are retained until you request deletion.

Looksforge is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has used the service, contact us immediately at looksforge.com@gmail.com and we will delete any associated data.

Our service providers may process data in the United States or other jurisdictions. By using the Service, you consent to the transfer of your data to these providers, which maintain appropriate security measures and data protection practices.

We may update this policy periodically. Material changes will be noted at the top of this page with a revised "last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

Privacy questions or data requests: looksforge.com@gmail.com