Privacy Policy

Effective Date: July 14, 2025

Qovi Technologies ("Company," "we," "us," or "our") operates the QOVI mobile application ("App") and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Given that our Service processes facial images and biometric-related data, we take your privacy extremely seriously.

Please read this Privacy Policy carefully. By using the Service, you consent to the practices described herein. If you do not agree with this Privacy Policy, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

Data Type	Details
Account Information	Name, email address, and authentication credentials provided through Google or Apple sign-in.
Profile Information	Age, gender, ethnicity/demographic information (optional, used to contextualize analysis results).
Facial Images	Photographs you upload for facial analysis. These images are processed by our AI systems and may be stored to enable features such as progress tracking.
Payment Information	Subscription and transaction data processed through Apple App Store, Google Play Store, and RevenueCat. We do not directly collect or store your credit card or payment instrument details.
Communications	Messages you send to our support team, feedback, and survey responses.

1.2 Information Generated by the Service

Data Type	Details
Facial Analysis Data	Measurements, metrics, scores, and aesthetic analysis results generated from your facial images, including cephalometric measurements, symmetry scores, and beauty scores.
AI-Generated Recommendations	Personalized improvement suggestions generated by our AI systems based on your facial analysis data.
Progress Data	Historical analysis results and trend data from repeated scans over time.

1.3 Information Collected Automatically

Data Type	Details
Device Information	Device model, operating system version, unique device identifiers, and mobile network information.
Usage Data	Features accessed, actions taken within the App, scan frequency, session duration, and interaction patterns.
Log Data	IP address, access times, pages viewed, app crashes, and other diagnostic data.
Location Data	We do not collect precise location data. We may infer approximate location (country/region) from your IP address for analytics and compliance purposes.

2. How We Use Your Information

We use the information we collect for the following purposes:

Provide the Service: Process and analyze your facial images, generate analysis results, beauty scores, and personalized recommendations.
Progress Tracking: Store and compare your analysis results over time to show trends and changes.
Account Management: Create and manage your account, authenticate your identity, and process subscription payments.
Service Improvement: Analyze usage patterns to improve the accuracy of our AI models, enhance features, and develop new functionality. When used for model improvement, data is aggregated and de-identified where possible.
Communication: Send service-related notifications, respond to support inquiries, and provide updates about the Service.
Security: Detect, prevent, and address fraud, unauthorized access, and other illegal activities.
Legal Compliance: Comply with applicable laws, regulations, and legal processes.

3. How AI Processes Your Facial Images

Transparency about how we process your facial data is important to us:

On-Device Pre-Processing: When you upload a photo, initial face detection and landmark identification may occur on your device using MediaPipe technology.
Server-Side Analysis: Your facial image is securely transmitted to our servers where advanced computer vision algorithms (including MediaPipe and dlib) extract detailed facial measurements and landmarks.
AI Interpretation: The extracted measurements are processed by AI models, including OpenAI's GPT-4 Vision API, to generate comprehensive analysis reports, beauty scores, and personalized recommendations.
Result Delivery: Analysis results are stored in your account and delivered to you through the App.

Important: Your facial images may be transmitted to OpenAI's API for analysis. OpenAI's data usage policies apply to data processed through their API. As of the effective date of this policy, OpenAI does not use API data for training their models. Please refer to OpenAI's Privacy Policy for their current practices.

4. Data Storage and Retention

4.1 Where We Store Your Data

Your data is stored on cloud infrastructure provided by Amazon Web Services (AWS). Servers are located in North America. Data may be transferred to and processed in countries other than your country of residence, and we take appropriate steps to ensure adequate protection for such transfers.

4.2 How Long We Keep Your Data

Account Data: Retained for as long as your account is active plus 30 days after account deletion to facilitate recovery.
Facial Images: Retained for as long as your account is active to enable progress tracking. Images are deleted within 30 days of account deletion or upon your request.
Analysis Results: Retained for as long as your account is active. Deleted within 30 days of account deletion.
Aggregated/De-Identified Data: We may retain aggregated, anonymized data indefinitely for research and service improvement purposes. This data cannot be used to identify you.
Transaction Records: Retained for up to 7 years for accounting and legal compliance purposes.

4.3 Data Deletion

You may request deletion of your data at any time through the App settings or by contacting us at support@qovi.app. Upon receiving a verified deletion request, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes as described above.

5. How We Share Your Information

We do not sell your personal information. We may share your information with the following categories of recipients:

Recipient	Purpose	Data Shared
Amazon Web Services (AWS)	Cloud hosting and data storage (including S3 for image storage)	All data stored on the Service
OpenAI	AI-powered facial analysis and recommendation generation	Facial images, facial measurements
RevenueCat	Subscription management and payment processing	User ID, subscription status, transaction data
Google / Apple	Authentication (OAuth sign-in) and app distribution	Authentication tokens, user ID
Analytics Providers	App usage analytics and performance monitoring	De-identified usage data, device information

We may also disclose your information if required by law, legal process, or government request; to protect the rights, property, or safety of Qovi Technologies, our users, or the public; or in connection with a merger, acquisition, or sale of assets.

6. Data Security

We implement industry-standard security measures to protect your data, including:

Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher.
Encryption at Rest: Facial images and personal data stored on our servers are encrypted at rest using AES-256 encryption.
Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis with multi-factor authentication.
Secure Authentication: We use OAuth 2.0 through trusted identity providers (Google, Apple) and do not store passwords.
Regular Audits: We regularly review and update our security practices to address emerging threats.

Despite our efforts, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

7.1 All Users

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete personal data.
Deletion: Request deletion of your personal data and account.
Data Export: Request a portable copy of your data in a commonly used format.
Withdraw Consent: Withdraw your consent to processing at any time (this may affect your ability to use the Service).
Opt-Out of Marketing: Unsubscribe from marketing communications at any time.

To exercise any of these rights, please contact us at support@qovi.app or use the relevant controls in the App settings. We will respond to your request within 30 days.

7.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

Right to Know: You may request information about the categories and specific pieces of personal information we have collected, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share your information.
Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
Right to Correct: You may request correction of inaccurate personal information.
Right to Opt-Out of Sale/Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising purposes.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
Right to Limit Use of Sensitive Personal Information: Facial images may be considered sensitive personal information under California law. You may request that we limit our use of such information to what is necessary to provide the Service.

To submit a CCPA/CPRA request, contact us at support@qovi.app. We may need to verify your identity before processing your request.

7.3 European Economic Area, United Kingdom, and Switzerland Residents (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, you have rights under the General Data Protection Regulation (GDPR) and equivalent local laws:

Legal Basis for Processing: We process your data based on: (a) your consent (for facial image processing and optional profile information); (b) performance of a contract (to provide the Service); (c) legitimate interests (for security, fraud prevention, and service improvement); and (d) legal obligations.
Right of Access: Request access to your personal data.
Right to Rectification: Request correction of inaccurate data.
Right to Erasure: Request deletion of your data ("right to be forgotten").
Right to Restrict Processing: Request restriction of processing of your data.
Right to Data Portability: Receive your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests.
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
Right to Lodge a Complaint: File a complaint with your local data protection authority.

Data Transfers: Your data may be transferred to and processed in countries outside the EEA/UK. We ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your data during such transfers.

Data Protection Officer: For GDPR-related inquiries, contact us at support@qovi.app.

8. Biometric Data Notice

Certain jurisdictions (including Illinois, Texas, Washington, and others) have specific laws regarding biometric data. While QOVI's facial analysis primarily generates measurements and scores rather than biometric identifiers used for identification purposes, we want to be transparent:

We collect facial geometry data derived from your photographs.
This data is used solely for the purpose of providing the facial analysis Service you have requested.
We do not use facial data for identification or surveillance purposes.
We do not sell, lease, or trade facial data.
Facial data is retained as described in Section 4 and deleted upon account deletion or request.
By using the Service and uploading facial images, you consent to the collection and processing of your facial geometry data for the purposes described in this Privacy Policy.

9. Children's Privacy

The Service is intended for users who are at least 18 years of age. We do not knowingly collect personal information from individuals under 18. If we learn that we have collected personal information from a person under 18, we will delete that information promptly. If you believe a child under 18 has provided us with personal information, please contact us at support@qovi.app.

10. Cookies and Tracking Technologies

Our website (including this page) may use minimal cookies and similar technologies for:

Essential Functionality: Cookies necessary for the website to function properly.
Analytics: Anonymous usage statistics to understand how visitors interact with our website.

The QOVI App does not use traditional browser cookies. The App may use device identifiers and analytics SDKs as described in Section 1.3.

You can control cookies through your browser settings. Disabling cookies may affect your ability to use certain features of our website.

11. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. We currently do not respond to DNT signals as there is no industry standard for compliance. We will update this policy if a standard is established.

12. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated policy within the App and updating the "Effective Date" above. For significant changes (such as new categories of data collection or new third-party sharing), we will provide prominent notice and, where required by law, obtain your consent. We encourage you to review this Privacy Policy periodically.

14. Data Breach Notification

In the event of a data breach that compromises the security of your personal information, we will notify affected users and relevant authorities as required by applicable law. Notification will include the nature of the breach, the data affected, steps we are taking to address the breach, and recommendations for protecting yourself.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@qovi.app
Company: Qovi Technologies

We will respond to all privacy-related inquiries within 30 days.