Privacy Policy
Last updated July 14, 2026
This Privacy Policy explains how Rhovie (“Rhovie”, “we”, “us”, or “our”) collects, uses, and protects your information when you use the Rhovie mobile app and related services (the “Service”). Because the Service analyzes photos of your face and other sensitive information, please read this policy carefully.
1.Who we are and what this covers
Rhovie operates the Service and is the controller of the personal information described here. For any privacy question, or to exercise your rights, contact us at info@rhovie.care.
This policy applies to the Rhovie mobile app. It does not cover third-party services we link to — such as retailers or the app stores — which have their own privacy policies.
2.Information we collect
Most of this information you provide during onboarding and while using the Service:
- Account information — your email address, how you sign in (email and password, Sign in with Apple, or Google), and a securely hashed password where applicable.
- Skin profile — your date of birth (used to calculate your age), gender, skin type, tone and sensitivity, skin concerns, any chronic or special conditions you choose to share, your current products, and routine preferences.
- Facial scan photos — the photos you capture for skin analysis. These are images of your face and are treated as sensitive information.
- AI-generated images — a synthetic “after” image generated from your scan to illustrate potential results.
- Product photos — images of skincare products you scan for analysis.
- Health data — if you connect Apple Health, we read sleep and, where offered, activity (such as steps) data on your device to relate it to your skin. Only an aggregate summary (for example, your average nightly sleep) is sent off the device; we do not transmit or store your raw nightly health records.
- Skin diary and check-ins — how your skin feels, routine completions, and the progress you log over time.
- Purchase information — if you buy a subscription, the app store processes your payment and shares your subscription status with us (through our subscription manager, Adapty) so we can unlock paid features. We never receive your full card number.
- Usage and device information — app interactions, a device or installation identifier, push-notification tokens, your coarse region (used to apply the correct consent rules), and diagnostic or crash data when enabled.
- Communications — messages you send us, such as support or feedback emails.
3.How we use your information
- Provide the core Service — analyze your skin, estimate skin metrics and skin age, generate your illustrative “after” image, and build a personalized routine.
- Power the AI assistant — answer your questions using your profile, scans, and routine as context.
- Send notifications — routine reminders, check-ins, and, with your consent, tips and product suggestions.
- Improve and secure the Service — troubleshoot problems, prevent abuse, and develop new features.
- Communicate with you — respond to support requests and send important service messages.
- Comply with our legal obligations.
We do not use your facial images or health data to train third-party AI models, and we do not sell your personal information.
4.AI features and automated processing
The Service uses artificial intelligence to analyze your photos and assist you, and we want to be transparent about how that works.
To run a face scan, your photo is securely transmitted to our AI provider, OpenAI, which estimates skin characteristics such as hydration, texture, and an approximate “skin age”, and — from the geometry of your face — attributes such as facial symmetry and an estimate of facial masculinity/femininity. A separate OpenAI model then generates an illustrative “after” image: this image is AI-generated and synthetic, is not a real photograph of you, and does not promise any particular result. We do not use your photos to train AI models.
The AI assistant uses OpenAI to generate responses based on the profile and scan context available to it.
These features are for informational and cosmetic purposes only. They are not a medical diagnosis, and we do not make decisions producing legal or similarly significant effects about you solely by automated means. You can stop using AI features, and delete your scans and account, at any time.
5.Legal bases for processing (EEA and UK)
If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR and UK GDPR:
- Explicit consent — for processing your facial images, health data, and any information revealing sensitive characteristics (special-category data), and for marketing communications. You may withdraw consent at any time.
- Performance of a contract — to provide the features you ask for.
- Legitimate interests — to secure, maintain, and improve the Service, where not overridden by your rights.
- Legal obligation — where we must process information to comply with the law.
6.Sensitive, biometric, and health information
Your facial images, the characteristics we infer from them, and any health information you share are sensitive. We ask for your explicit consent before your first scan, and again in the app before you connect Apple Health. We use this information only to provide the skin-analysis and personalization features you request.
Depending on how it is used and where you live, facial-geometry data may be considered biometric information. We do not use it to identify you to third parties, and we do not share it for advertising. You can revoke consent, delete individual scans, or delete your account at any time.
7.How we share information
We share personal information only with service providers who process it on our behalf, and only as needed to run the Service:
- OpenAI — processes your scan photos, product photos, and assistant messages to generate analysis, images, and responses.
- Google Firebase and Google Cloud — provide authentication, database, secure file storage, hosting, and push-notification delivery.
- Resend — sends transactional emails such as verification and password-reset codes.
- Sentry — receives diagnostic and crash reports when enabled, configured to exclude your personal content.
- Adapty — manages subscriptions and entitlements; it receives your purchase and subscription status so we can unlock and maintain paid features.
- Affiliate and commerce partners — when you tap a “shop” link, partners such as iHerb, Skimlinks, Impact, Awin, or a retailer’s own program may receive standard referral information so we can earn a commission. See our Terms of Service for details.
- Apple and Google — process sign-in and, where offered, in-app purchases under their own terms.
8.Legal disclosures and business transfers
We may disclose information if required by law, to protect our rights or the safety of our users, or in connection with a merger, acquisition, or sale of assets — in which case we will honor this policy or notify you of any changes.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
9.International transfers
Some of our providers are located in the United States and other countries. Where we transfer personal information across borders, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses.
10.How long we keep your information
We keep your account and skin data for as long as your account is active, so you can track your progress over time. Your scan photos and generated images are stored until you delete the individual scan or your account.
When you delete your account, we delete your profile, scans, generated images, product data, and stored files. We may retain limited records for a short period where required for legal, security, or fraud-prevention purposes, and we may keep anonymized or aggregated data that can no longer be linked to you.
11.Your rights
Depending on where you live, you may have the right to:
- Access — request a copy of the personal information we hold about you.
- Correct — ask us to fix inaccurate information; you can edit most of it directly in the app.
- Delete — delete your account and associated data from within the app, or by contacting us.
- Restrict or object — limit or object to certain processing.
- Port — receive your information in a portable format.
- Withdraw consent — for any processing based on consent, without affecting processing that already happened.
- Complain — lodge a complaint with your local data-protection authority.
12.Your US state privacy rights
If you are a resident of California or another US state with a comprehensive privacy law, you have specific rights, which we honor regardless of where you live:
- Know and access — request the categories and specific pieces of personal information we have collected, and how we use and disclose it.
- Delete — request deletion of your personal information, which you can also do yourself in the app’s Settings.
- Correct — request correction of inaccurate personal information.
- Opt out of sale or sharing — we do not sell your personal information and do not share it for cross-context behavioral advertising, so there is nothing to opt out of; where applicable we honor Global Privacy Control signals.
- Limit sensitive information — we use sensitive information, such as your facial images and health data, only to provide the features you request, never to infer characteristics for advertising.
- Non-discrimination — we will not deny you service or charge you differently for exercising these rights.
To exercise these rights, use the in-app controls or email us at info@rhovie.care. You may use an authorized agent where the law allows, and we will verify each request against your account.
13.Deleting your data
You can delete your account at any time from the app’s Settings. This permanently removes your profile, scans, generated images, product library, and stored files from our systems. Deletion cannot be undone.
To exercise any other right above, use the in-app controls or email us at info@rhovie.care. We will respond within the timeframe required by applicable law.
14.Security
We protect your information with encryption in transit, access controls that restrict data to your own account, and server-side rules that prevent other users from accessing your content. No method of transmission or storage is completely secure, but we work to protect your information and continually improve our safeguards.
15.Cookies and local storage
The Rhovie app stores information on your device — such as your profile, routine, and preferences — so the app works quickly, remembers your settings, and functions offline; that data stays on your device unless it syncs to your account. Our website uses only the storage strictly necessary to serve the pages and remember basic preferences. We do not use advertising or cross-site tracking cookies.
16.Children’s privacy
The Service is not intended for children. You must meet the minimum age required in your country — at least 16 in the EEA and UK unless a lower age is permitted locally, and at least 13 elsewhere. We do not knowingly collect personal information from children below the applicable age. If you believe a child has provided us information, contact us and we will delete it.
17.Marketing and notifications
With your consent where required, we may send tips and product suggestions by push notification. You can turn these off at any time in the app’s notification settings or your device settings. Transactional messages, such as security codes, are necessary to provide the Service.
18.Changes to this policy
We may update this policy from time to time. If we make material changes, we will update the “last updated” date and, where appropriate, notify you in the app. Your continued use of the Service after an update means you accept the revised policy.
19.Contact us
If you have questions about this policy or how we handle your information, contact us at info@rhovie.care.
Questions about this page? Email us at info@rhovie.care.