Privacy Policy

This Privacy Policy describes how Harmony ("we", "our", "the App") collects, uses, and shares your information when you use the Harmony mobile application.

Our Privacy Commitment

Harmony is built around a single principle: your photos belong to you. Your selfie is sent to our analysis providers only to generate your personal beauty report and is not stored on our servers. Your report and any generated images are saved locally on your device.

Your Affirmative Consent Before Data Leaves Your Device

Per Apple App Store Review Guidelines 5.1.1(i) and 5.1.2(i), and as a matter of our own privacy commitment, Harmony obtains your explicit prior consent before any personal data is shared with a third-party AI service.

Specifically, immediately after you select a selfie, the App presents a dedicated in-app screen ("Before we begin") that:

• Discloses what data will be sent: the single selfie you just selected — nothing else.
• Specifies who the data is sent to: Anthropic (Claude vision API) for the color and facial feature analysis, and OpenAI (image generation API) for the personalized palette portraits, hair previews, and frame previews. Both names are shown in plain text on that screen.
• States how long it is kept: not stored on Harmony's servers; held by each provider only for the duration of the request and per their published abuse-review retention windows (typically 30 days, then deleted).
• Confirms what is NOT done: the selfie is not used to train any AI model, not associated with your name / email / Apple ID, and not shared with any other third party.
• Provides a link directly to this Privacy Policy, opened in Safari for full review.
• Requires affirmative action: you must tap "I agree, continue" for the App to proceed. You can tap "Cancel — go back" to return to the photo step without sending anything.

Until you tap "I agree, continue", no part of your selfie ever leaves the device. Both Anthropic and OpenAI maintain published privacy practices that provide protections substantially equivalent to those described in this Policy; their policies are linked in the "Third-Party Services" section below.

Information We Collect

We collect the minimum information needed to deliver your color analysis and beauty report:

• Photos you upload: When you choose a selfie for analysis, the image is transmitted to our analysis providers (see "Third-Party Services" below) for the duration of the request only. We do not retain your photo on our servers.
• Onboarding preferences: Your gender preference (Woman / Man / Show me everything) and similar onboarding choices are stored locally on your device only and are never uploaded.
• Your generated report and images: Stored locally on your device using on-device storage. They are not synced to any external server by default.
• Purchase information: In-app purchases and subscriptions are processed by the Apple App Store. We use Adapty to receive subscription status events and aggregated revenue analytics; we do not receive your payment details.
• Diagnostic & analytics data: If you do not opt out via App Tracking Transparency, we collect crash reports (Sentry) and anonymous usage events (Firebase Analytics) to improve the App. These services do not receive your photo or report content.

How We Use Your Information

• To generate your personalized color analysis, face features reading, harmony score, hair guide, makeup/grooming suggestions, and frame recommendations from your selfie.
• To deliver tier-specific features (e.g., weekly outfit drops for Harmony Plus subscribers).
• To process in-app purchases and subscriptions through Apple's StoreKit and Adapty.
• To diagnose crashes and understand which features are used, in aggregate.

Third-Party Services

Harmony uses the following third-party services to deliver its core experience:

• Anthropic (Claude vision API): Receives your selfie at request time to perform the color analysis and feature reading. The image is processed transiently and is not stored by us. Anthropic's data handling is governed by their Privacy Policy.
• OpenAI (image generation API): Receives your selfie as a reference to generate your personalized palette portraits, hair guide visuals, and outfit drops. Governed by OpenAI's Privacy Policy.
• Adapty: Manages subscription state and provides aggregated subscription analytics. Governed by Adapty's Privacy Policy.
• Apple StoreKit: Processes in-app purchases and subscriptions. Governed by Apple's Privacy Policy.
• Firebase Analytics (Google): Anonymous product analytics. Governed by Google's Privacy Policy.
• Sentry: Crash and error reporting. Governed by Sentry's Privacy Policy.

Data Storage

• Your selfie is held in memory only during the analysis request and is then released. We do not store your selfie on our servers.
• Your color analysis report, generated images, and Plus-tier saved looks are stored locally on your device (SwiftData and the device file system).
• If you grant permission for the App to "track changes over time" (Plus tier), the original selfies you choose to keep are stored locally on your device only.
• Uninstalling the App removes all locally stored data.

Data Sharing

We do not sell your personal data. We do not share your selfie or your report with any third party other than the analysis providers strictly necessary to generate that report (listed above).

Data Retention

• Selfies sent for analysis: not retained by us; retention by analysis providers is governed by their own policies.
• On-device data (reports, generated images, saved looks): retained until you delete them in-app or uninstall the App.
• Subscription records: retained by Apple and Adapty for as long as required to manage your subscription and for tax/accounting compliance.

Photo Library Permission

Harmony asks for permission to access photos you explicitly choose using the system photo picker. The App does not enumerate your full library; only the selfie you select is read. You can revoke or change this permission at any time in Settings > Privacy & Security > Photos > Harmony.

Face Data

This section covers how Harmony handles face data, in line with App Store Review Guideline 5.1.1 and Apple's Face Data privacy requirements.

• What face data we collect: The single selfie photograph you explicitly choose using the system photo picker. We do not use ARKit, the TrueDepth camera, Vision face landmarks, or any face-recognition / face-identification API. We do not build a face template, faceprint, or biometric identifier of any kind. We never attempt to identify who you are.
• How face data is used: The selfie is sent over HTTPS to our analysis providers (Anthropic Claude vision and OpenAI image generation, listed above) for the sole purpose of generating your color analysis, facial-feature reading, harmony score, hair guide, makeup or grooming suggestions, and eyewear-frame recommendations. The visual analysis informs editorial recommendations only; it is not used for authentication, verification, identification, advertising, or any other purpose.
• Sharing: Face data is shared only with the two analysis providers above, and only at request time. It is not shared with any other third party. It is not sold. It is not used to build advertising profiles. It is not combined with data from other sources to identify you.
• Storage on our servers: We do not store the selfie on our servers. The image is held in memory only for the duration of the API call and is released as soon as the response returns.
• Storage on the analysis providers' servers: Anthropic and OpenAI may retain API request payloads for a limited period for abuse-monitoring purposes per their published policies (linked above). Neither provider uses Harmony API traffic for model training under their consumer-API terms.
• Storage on your device: If you grant the App permission to keep selfies locally (e.g. for the Plus tier "track changes over time" feature), the original photo is stored on your device only and never uploaded again. The generated PNG variants of your face (palette portraits, hair looks, frame previews) are stored locally on your device for the lifetime of your installation.
• Retention: On our servers — none (transient only). On your device — until you delete them in-app or uninstall the App. On the analysis providers' servers — governed by their respective retention policies (typically 30 days for abuse review).
• Deletion: Uninstalling Harmony removes all locally stored face data. You may also delete individual generated images from within the App.

Tracking and Advertising

Harmony does not currently display advertisements and does not collect the Advertising Identifier (IDFA). If we add ad-supported features in the future, we will request your permission via App Tracking Transparency and update this Privacy Policy accordingly.

Children's Privacy

Harmony is not directed to children under the age of 13 and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can promptly delete it.

Data Security

Photos in transit to our analysis providers are sent over HTTPS. Locally stored data is protected by your device's built-in encryption and passcode. No system is perfectly secure, so we encourage you to use a device passcode and to keep iOS updated.

Your Privacy Rights by Region

GDPR (European Economic Area & UK)

If you reside in the EEA or the UK, you have the following rights under the GDPR:

• Right to access your data
• Right to rectification
• Right to erasure
• Right to object to processing
• Right to data portability

Because most of your data lives on your device, uninstalling the App and deleting your subscription account removes our access to it. To exercise any other right, please contact us using the email below.

LGPD (Brazil)

If you reside in Brazil, you have rights under the LGPD including the right to access, correct, anonymize, or delete your data, and to withdraw consent.

CCPA (California)

If you reside in California: we do not sell your personal information. You have the right to know what we collect and to request deletion. Contact us using the email below.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date and, where appropriate, by an in-app notice.