Privacy Policy
This Privacy Policy explains what personal data FaceUp Studio collects, why we collect it, how we use it, who we share it with, and the rights you have over it. We've written this in plain language. If anything is still unclear, email privacy@faceup.studio.
1. Who we are
"FaceUp Studio," "we," "us," and "our" refer to the operator of the FaceUp Studio mobile application and the website at faceup.studio. We act as the data controller for the personal data described in this policy.
For privacy questions: privacy@faceup.studio
2. The data we collect
2.1 Photos and generations
- Photos you upload — face photos, body photos, and any reference images (e.g. an outfit you'd like to try on). Used solely to generate the result you requested.
- Generated outputs — the 4K images produced by the AI. Stored in your private gallery for 30 days and then auto-deleted unless you save them locally.
2.2 Account data
- Email address — if you sign in with email or via Sign in with Apple. Used for authentication and essential service emails.
- Apple user identifier — opaque, account-specific token from Sign in with Apple. We never see your real Apple ID.
2.3 Subscription and purchase data
- Subscription status — managed via RevenueCat and Apple's StoreKit. We see entitlement state ("active," "expired," etc.) and product identifiers, never your full payment card.
- Receipt validation tokens — used to verify your subscription on our backend.
2.4 Device and usage data
- Device model, OS version, language, region, app version — for compatibility and crash diagnostics.
- Anonymous identifiers — Firebase Installation ID and similar service-scoped tokens. These are not linked to your real-world identity.
- Crash reports and performance traces — via Firebase Crashlytics. Includes stack traces, but never the contents of your photos.
- App-event analytics — which Studio you opened, how long generation took, whether it succeeded. Used to improve product performance.
2.5 Marketing attribution (with consent)
- App Tracking Transparency (iOS) — if you opt in to tracking via the iOS prompt, we use AppsFlyer to measure which marketing campaign brought you to the app. If you opt out, no tracking identifier (IDFA) is shared.
2.6 Push notification tokens
- APNs / FCM device tokens — only if you grant push notification permission. Used to send subscription expiry reminders and generation-complete alerts.
3. How we use your data
| Purpose | Legal basis (GDPR) |
|---|---|
| Generate AI outputs you requested | Performance of contract |
| Authenticate your account | Performance of contract |
| Manage your subscription | Performance of contract |
| Crash reporting and performance debugging | Legitimate interest |
| Product analytics (anonymised event-level) | Legitimate interest |
| Marketing attribution (post opt-in only) | Consent |
| Push notifications (post opt-in only) | Consent |
| Comply with legal obligations | Legal obligation |
4. AI generation: how your photos are processed
When you submit a photo for AI generation, the file is transmitted to our generation backend (Google Cloud / Vertex AI and, as a fallback, Replicate). The original upload is held only for the seconds required to generate your output, then deleted. The generated output is returned to your app and stored in your private gallery for 30 days.
We do not train AI models on your photos. We do not share your photos with any third party for marketing, advertising, or model-training purposes.
5. Third-party processors we use
We rely on these vendors to operate the service. Each is contractually bound to process your data only on our instructions and in line with this policy.
- Apple — App Store distribution, in-app purchases, Sign in with Apple, push notifications. apple.com/legal/privacy
- Google Cloud / Vertex AI — AI image generation. cloud.google.com/terms/cloud-privacy-notice
- Replicate — fallback AI image generation. replicate.com/privacy
- Firebase (Google) — authentication, storage, crash reporting, push delivery. firebase.google.com/support/privacy
- RevenueCat — subscription management. revenuecat.com/privacy
- AppsFlyer — marketing attribution (only when you opt in via ATT). appsflyer.com/legal/services-privacy-policy
6. International transfers
Some of the processors above are based in the United States. Where data is transferred outside the EU/UK, we rely on Standard Contractual Clauses (SCCs) and equivalent legal mechanisms to ensure protection equivalent to your local law.
7. Data retention
- Generated outputs: 30 days, then auto-deleted from our servers.
- Original uploads: deleted within seconds of generation completing.
- Account data: kept for as long as your account exists. Deleted within 30 days of account deletion request.
- Subscription records: kept for 7 years after the last transaction (statutory accounting requirement).
- Crash logs and analytics: kept for up to 90 days, then aggregated or deleted.
8. Your rights
If you live in the EU, UK, EEA, or California, you have the following rights over your personal data:
- Access — request a copy of the data we hold about you.
- Rectification — correct any inaccurate data.
- Erasure — request that we delete your account and all associated data.
- Portability — receive your data in a machine-readable format.
- Restriction — pause processing while a dispute is resolved.
- Objection — object to processing based on legitimate interest.
- Withdraw consent — for any processing based on consent (analytics, marketing attribution).
- Lodge a complaint — with your local data protection authority.
To exercise any of these rights, email privacy@faceup.studio. We respond within 30 days.
9. Account deletion
You can delete your account at any time:
- In the app: Settings → Account → Delete account.
- By email: privacy@faceup.studio with subject "Delete my account."
All your data (account, photos, generations, analytics records linked to your user ID) is permanently erased within 30 days. Anonymised statistics — i.e. records that can no longer be tied to you — may be retained.
10. Children
FaceUp Studio is not directed at children. The minimum age to use the service is 13 years (or 16 in the EU/EEA, or higher where local law requires). We do not knowingly collect data from minors below the applicable age threshold. If you believe a child has provided us with personal data, please email privacy@faceup.studio and we'll delete it immediately.
11. Security
We protect your data using industry-standard practices: encryption in transit (TLS 1.2+), encryption at rest, scoped IAM permissions, audit logging, and regular security review. No system is perfectly secure, but we treat the data you give us with the seriousness it deserves.
12. Changes to this policy
If we make a material change to this policy, we'll notify you in-app and by email (where you've provided one) at least 30 days before the change takes effect. The "Last updated" date at the top reflects the most recent revision.
13. Contact
Questions, concerns, or to exercise any right above:
- Email: privacy@faceup.studio
- General support: support@faceup.studio