Privacy Policy - Ingredia

1. Introduction

At Ingredia, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cosmetic ingredient analysis platform.

2. Information We Collect

2.1 Information You Provide

Account Information: Name, email address, password (encrypted)
Profile Data: Skin type, skin concerns, age range, pregnancy status
Usage Data: Products you scan, routines you create, check-in responses
Payment Information: Processed securely by Stripe (we don't store card details)

2.2 Information Collected Automatically

Device Information: Browser type, operating system, device type
Usage Analytics: Pages visited, features used, time spent
Cookies: Session cookies for authentication and preferences

3. How We Use Your Information

We use your information to:

Provide and personalize our ingredient analysis services
Generate skincare routine recommendations based on your profile
Track your skincare progress and provide insights
Send you important updates about your account
Improve our services and develop new features
Respond to your inquiries and provide support
Process payments for premium subscriptions

4. Information Sharing

We do not sell your personal information. We may share your information with:

Service Providers: Hosting (Vercel), database (Neon), payments (Stripe), email (Resend)
Analytics: Aggregated, anonymized data to improve our services
Legal Requirements: When required by law or to protect our rights

5. Data Security

We implement appropriate security measures to protect your information:

Passwords are hashed using bcrypt encryption
All data transmitted over HTTPS/TLS encryption
Database access restricted and encrypted
Regular security audits and updates
Session timeout after periods of inactivity

6. Your Rights

You have the right to:

Access: Request a copy of your personal data
Correction: Update or correct your information
Deletion: Request deletion of your account and data
Export: Download your data in a portable format
Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@ingredia.app or use the settings in your account.

7. Cookies

We use essential cookies for:

Authentication and session management
Language preferences
Security features

We do not use tracking cookies for advertising purposes.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide services. After account deletion:

Personal data is deleted within 30 days
Anonymized analytics data may be retained
Legal/financial records retained as required by law

9. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us.

10. International Users

If you are accessing our Service from the European Union or other regions with data protection laws, please note that your information may be transferred to and processed in countries with different privacy laws. By using our Service, you consent to such transfers.

For EU users, we process data under the following legal bases:

Contract performance (providing our services)
Legitimate interests (improving our services)
Consent (marketing communications)

11. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices:

Email: privacy@ingredia.app