LEGAL
Privacy Policy
Last Updated: January 16, 2026
At Baldy (“We”, “Our”, “Us”), we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our mobile application (the “App”).
1. Information We Collect
A. Health & Biometric Data (Scalp Scans)
- What: We collect images of your scalp that you capture via the App’s camera.
- Storage: Images are stored locally on your device. We do not permanently store your raw scan images on our cloud servers.
- Processing: For the purpose of analysis, the image data is transiently sent to our secure Edge Functions and third-party AI provider (Google Gemini) to generate metrics (Density, Norwood Stage). Once analysis is complete, the raw image data is not retained by our servers.
B. Personal Usage Data
- Onboarding Data: Age, gender, hair goals, and treatment history provided during the quiz.
- Habit Logs: Records of your daily routines (e.g., “Minoxidil applied”).
- Device Data: Device model, OS version, and general usage statistics.
C. Permissions
- Camera: Required to capture scalp images for analysis.
- Photo Library: Required if you choose to upload existing photos or save results to your library.
- Notifications: Used to send daily reminders and progress updates.
2. How We Use Your Information
We use your data strictly to:
- Provide the hair health analysis and tracking features.
- Generate personalized routine recommendations.
- Monitor usage trends to improve App performance.
We do NOT sell your personal data to third parties.
TrueDepth Camera & Face Data
Our app uses Apple’s TrueDepth camera and ARKit face tracking technology to enhance the scalp photo capture experience. This section explains exactly how this technology is used and how your data is handled.
What We Collect
The app reads only the face orientation data (pitch, yaw, and roll angles) derived from the ARFaceAnchor transform matrix provided by ARKit. This data tells us which direction your head is facing. We do not access facial geometry, face mesh data, blend shapes, or any biometric identifiers.
How We Use It
Face orientation data is used solely to provide real-time on-screen guidance during scalp scanning. The app detects your head angle and automatically captures a photo when your head is positioned correctly for each scan direction (front, left, right, top). This data is processed entirely on your device in real time.
Storage & Retention
Face orientation data is held only in temporary memory during an active scanning session. It is never written to disk, saved to a database, or included in any persistent storage. Once the scanning session ends, this data is discarded completely.
Third-Party Sharing
Face orientation data is never transmitted to our servers or shared with any third parties. Only the standard camera photos captured during scanning are sent to our backend for AI-powered hair analysis. These photos contain no embedded face tracking data.
Devices Without TrueDepth
On devices that do not support TrueDepth (such as certain iPad models), the face tracking feature is unavailable. In this case, the app provides a manual capture mode where users can take photos by tapping the capture button. No face data is collected or processed on these devices.
3. Third-Party Services
We trust the following third-party providers to help operate the App:
- Supabase: Used for checking authentication and storing non-image metadata (e.g., your scores, streak counts).
- Google Gemini (AI): Used to analyze scan images. We use the Enterprise tier, which ensures your input data is not used to train Google’s AI models.
- RevenueCat: Used to process and manage subscriptions.
- Apple iCloud: Used for syncing purchase history.
4. Data Security
We use industry-standard encryption (SSL/TLS) when transmitting data between your device and our processing servers. Your actual scan photos remain in your device’s secure file system sandbox or Photo Library.
5. Data Retention and Deletion
- Retention: We retain your profile metadata (scores, logs) as long as your account is active.
- Deletion: You have the right to delete your account and all associated data at any time. You can do this directly within the App via Settings > Delete All Data. This action is irreversible.
6. Children’s Privacy
The App is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.
7. Changes to This Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date.
8. Contact Us
If you have any questions about this Privacy Policy, please contact us at: info@wearefakt.com
