1. Overview
This Privacy Policy describes how Peak Looks ("we", "us", or "our") collects, uses, stores, and shares information about you when you use our mobile and web application. By using Peak Looks, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the App.
2. Information We Collect
We collect information you provide directly, including: your name, email address, date of birth, and profile photo when you register; photos you upload for AI analysis; messages or feedback you send us; and payment details processed through Stripe (we do not store full card numbers). We also collect information automatically, including device identifiers, IP address, operating system, app version, usage logs, session duration, feature interactions, and crash reports.
3. Photos & AI Processing
When you submit a photo for analysis, the image is transmitted securely to xAI's API for processing. xAI generates a text-based analysis which is returned to the App. Photos submitted for analysis are used solely to provide the requested AI output. We do not use your photos to train our own models without your explicit opt-in consent. Please review xAI's privacy policy at x.ai for information on how they handle inference data.
4. Authentication & Database
We use Supabase to manage user authentication and store app data, including your account profile, subscription status, analysis history, and preferences. Supabase data is stored in secure, encrypted environments. User passwords are hashed and never stored in plain text. For more information on Supabase's data handling practices, visit supabase.com/privacy.
5. Payments
Payment processing is handled by Stripe, Inc. and, for in-app purchases on iOS/Android, by Apple and Google respectively. We receive confirmation of successful transactions but do not store full payment card details on our servers. Stripe may collect and process your billing information in accordance with their privacy policy at stripe.com/privacy. Apple and Google handle all in-app purchase data pursuant to their own privacy policies.
6. App Store & Device Data
If you download Peak Looks from the Apple App Store or Google Play Store, those platforms may collect data related to your download, device, and usage in accordance with their respective privacy policies. Peak Looks may receive aggregated, non-personally-identifiable analytics from these platforms to understand install and usage trends.
7. How We Use Your Information
We use collected information to: create and manage your account; deliver, personalize, and improve the App's features; process payments and manage subscriptions; send transactional emails (e.g., receipts, password resets); send product updates or promotional communications where you have opted in; detect and prevent fraud, abuse, and security incidents; comply with legal obligations; and analyze aggregate usage patterns to improve App performance and UX.
8. Data Sharing & Disclosure
We do not sell your personal information. We share your information only with: (a) service providers such as Supabase, Stripe, xAI, and cloud infrastructure providers who process data on our behalf under confidentiality agreements; (b) law enforcement or governmental bodies when required by law, subpoena, or to protect the safety of any person; (c) a successor entity in the event of a merger, acquisition, or sale of assets, in which case we will notify you before your data is transferred. We do not share your photos or analysis results with advertisers.
9. Children's Privacy
Peak Looks is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at support@therigidproject.com and we will promptly delete such information. For users aged 13–17, we apply additional data minimization practices and do not send marketing communications without verifiable parental consent.
10. Data Retention
We retain your account information and usage data for as long as your account is active or as needed to provide services. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, tax, or fraud-prevention purposes. Analysis history may be retained in anonymized, aggregated form for product improvement.
11. Security
We implement industry-standard security measures including TLS encryption for data in transit, AES-256 encryption for data at rest, access controls limiting data access to authorized personnel, regular security audits and penetration testing, and multi-factor authentication options for user accounts. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security. In the event of a data breach affecting your information, we will notify you as required by applicable law.
12. Your Rights & Choices
Depending on your location, you may have rights including: the right to access a copy of your personal data; the right to correct inaccurate data; the right to request deletion of your data; the right to object to or restrict certain processing; the right to data portability; and the right to withdraw consent where processing is based on consent. To exercise any of these rights, contact us at support@therigidproject.com. We will respond within 30 days. We will not discriminate against you for exercising these rights.
13. Marketing Communications
With your consent, we may send you emails or push notifications about new features, promotions, or product updates. You can opt out of marketing emails at any time by clicking the unsubscribe link in any email or by adjusting your notification preferences in the App settings. You may still receive transactional emails such as payment receipts and account notifications.
14. Cookies & Tracking
Our web platform uses cookies and similar tracking technologies to maintain sessions, remember preferences, and analyze traffic. You can control cookie settings through your browser. Disabling certain cookies may affect functionality. We do not currently respond to Do Not Track (DNT) browser signals, but we honor opt-out preferences for analytics tracking where required by law.
15. International Data Transfers
Peak Looks operates in the United States. If you are accessing the App from outside the U.S., your information may be transferred to, stored, and processed in the U.S. or other countries where our service providers operate. We take appropriate safeguards — such as standard contractual clauses — to ensure your data is protected in accordance with this Privacy Policy and applicable law.
16. California Privacy Rights (CCPA)
California residents have the right to know what personal information we collect, use, disclose, and sell; the right to delete personal information; the right to opt out of sale (we do not sell personal information); and the right to non-discrimination for exercising these rights. To submit a verifiable consumer request, contact us at support@therigidproject.com.
17. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via in-app notice or email prior to the change becoming effective. The date of the most recent revision will always appear at the top of this page. We encourage you to review this policy periodically.
18. Contact Us
If you have questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact our Privacy Team at support@therigidproject.com. For EU/EEA users, you also have the right to lodge a complaint with your local supervisory authority.