Privacy Policy
Last updated: February 2026
This Privacy Policy explains how Skinscanner LLC ("Skinscanner", "we", "us") collects, processes, uses, and protects personal data when you access or use our website and services (the "Service").
1. Data Controller
2. Nature of the Service
Skinscanner is an AI-powered web application that provides automated, non-diagnostic, educational visual analysis of skin images uploaded by users.
The Service:
- does not provide medical advice,
- does not provide medical diagnoses,
- does not provide treatment recommendations,
- does not replace a licensed physician or dermatologist.
All outputs are probabilistic, informational, and intended solely to support general awareness.
3. Categories of Data Processed
We process the following categories of data:
Account and Contact Data
- Email address
- Optional name
- Optional date of birth
Uploaded Content and Derived Data
- User-uploaded skin images
- Body mapping location data
- AI-generated analysis results
- Generated PDF reports
Transaction Data
- Purchased plans and credits
- Payment status
- Invoices and receipts
(No full payment card details are stored by us.)
Technical and Usage Data
- IP address
- Device and browser information
- Log files
- Cookies and similar technologies
4. Health-Related Data
Uploaded skin images and generated analysis results may qualify as health-related data under applicable laws.
Such data is processed:
- exclusively to provide the Service,
- with appropriate technical and organizational safeguards,
- never sold,
- never used for advertising purposes.
5. AI Training and Improvement (Enabled by Default)
Uploaded images and related metadata may be used by default to improve and train Skinscanner's AI systems.
- AI training is enabled by default
- Users may opt out at any time in their account settings
- After opt-out, future uploads are not used for training
- Data already incorporated into trained models may not be removable
- Training data is anonymized or pseudonymized where technically feasible
6. Legal Bases for Processing (GDPR / EEA Users)
Where applicable, data processing is based on:
- performance of a contract,
- legitimate interests (security, fraud prevention, service improvement),
- consent (where required, e.g. cookies),
- compliance with legal obligations.
7. Data Retention
- Images, analysis results, and PDF reports are stored until deleted by the user or account deletion
- Upon account deletion, personal data is deleted or anonymized unless legal retention obligations apply
- Accounting and billing data is retained as required by law
8. Data Security
We apply appropriate technical and organizational security measures, including:
- encrypted data transmission,
- access controls,
- secure storage,
- monitoring and abuse prevention.
9. International Data Transfers
Personal data may be processed in the United States or other jurisdictions. Appropriate safeguards are applied where required by law.
10. User Rights
Depending on your location, you may have the right to:
- access your data,
- correct inaccurate data,
- request deletion,
- restrict or object to processing,
- withdraw consent.
Requests may be sent to [email protected].
11. Children
The Service is intended for users aged 18 years and older. Minors may only use the Service with verified parental consent where legally permitted.
Skinscanner is not a medical device.