Privacy Policy

Last updated: June 9, 2026

This Privacy Policy applies to the Aevia mobile application on iOS (distributed via the Apple App Store).

1. Information Collection

Required Permissions (iOS):

• Camera access: To capture your selfie for face detection, local image cropping, and generating your AI aging analysis.

Optional Permissions (iOS):

• Notifications: To send you anti-aging regimen reminders and routine alerts.

2. Data Usage and Protection

Your detailed facial analysis, processed imagery, and personal onboarding answers are:

• Used to provide predictive aging insights, personalized anti-aging recommendations, and regimen calendar configurations.
• Processed primarily on your device or via secure backend endpoints, with all generated images stored strictly locally on your device.
• Supplemented by limited subscription status, transaction tracking, and daily usage telemetry described below.
• Not shared with third parties for advertising purposes.
• Not sold to any parties.

The telemetry described in this policy is used to:

• Operate the App and its premium subscription features.
• Verify active membership entitlements and enforce daily processing limits.
• Improve reliability, server uptime, performance, and fraud prevention.

3. Data Collection and Usage

3.1 Data Linked to Your Identity

The following data may be collected and linked to your identity:

• RevenueCat App User ID: Used to verify your subscription status and manage entitlements.
• Apple Transaction ID: Provided by the App Store to track purchase validity, prevent fraud, and enforce daily image generation limits.

3.2 Data Not Linked to Your Identity

The following product interaction, subscription, and operational data may be collected and is not linked to your identity:

• Onboarding responses (age, gender identity, lifestyle habits, SPF usage, skin conditions, and targeted anti-aging goals) used purely to customize your local app layout and regimen calendar.
• Subscription lifecycle data, including trial starts, subscription renewals, or expiration status.
• Daily API request counts mapped to your transaction token to enforce the daily processing limits.

3.2.1 Refund Request Data Sharing

By using Aevia and making in-app purchases, you consent to Aevia sharing limited purchase, entitlement, and usage data with Apple if you request a refund, solely to help process and evaluate the refund request. This includes whether your subscription is active and whether the real-time refund webhooks have modified your access. We do not share your raw image files or personal profile content with Apple for this purpose.

3.3 Third-Party Services

Aevia uses third-party service providers for limited functions such as AI image processing, subscription verification, and server-side request limits.

• Apple: Receives limited purchase, transaction, and refund data via App Store distribution and subscription processing under Apple's own platform terms and privacy practices.
• RevenueCat: Manages paywall states, verifies active entitlements, and listens to real-time App Store refund webhooks to validate membership status. It does not receive your raw device imagery.
• Cloudflare: Processes secure POST requests to route data, checks the daily usage limit, and protects our system infrastructure.
• AI Processing Provider (OpenAI): Processes your selfie via to generate your aged images. Your raw photos are sent strictly for processing and are not retained by Aevia on external servers.

3.4 Advertising and Marketing Measurement

All data collection outside of necessary AI generation and subscription verification is:

• Used only for core app functionality and performance tracking.
• Not used for third-party advertising tracking, Meta/TikTok pixels, or cross-app marketing networks.
• Not sold or shared with external parties.

Your raw facial imagery, local face-detection coordinates, and specific anti-aging checklist items remain:

• Stored entirely locally on your device.
• Completely private and isolated from any telemetry.

4. Facial Data and On-Device Processing (iOS)

Aevia utilizes advanced on-device face mapping to locate specific aging quadrants.

4.1 What data is accessed

Before executing external requests, the app utilizes localized face-detection architecture to detect facial boundaries and map coordinates.

4.2 Why this data is read

These coordinates are used solely to accurately position hotspots on key areas over your aged photo on the Analysis screen, giving you interactive access to educational mitigation cards.

4.3 How the data is used and stored

• Facial tracking and coordinate calculation happen natively on your device before sending images to the cloud wrapper.
• Coordinate points are kept in local app state to render the UI container overlay.
• Raw facial tracking metrics are never sold, compiled for biometric databases, or shared with third parties.

5. Your Rights

You have the right to:

• Delete all local data, including your generated images and saved routine history, by using the permanent "Account Deletion" button in settings.
• Control app permissions (Camera, Photos, Notifications) at any time through iOS System Settings.

6. Data Retention

All generated images, skin logs, and regimen histories are saved natively to your device's storage and will persist until you trigger an account deletion or remove the app. Server-side request logs mapped to your transaction ID are deleted within 48 hours.

7. Changes to Privacy Policy

We will notify users of any material changes to this privacy policy through an app notification or interface update.

8. Contact Us

If you have any questions about privacy or data protection, please contact us at support@aevia.me.