Privacy Policy

This Privacy Policy explains how Glamorph ("we", "us", or "our") collects, uses, and protects your personal information when you use our mobile application and related services (collectively, the "Service"). We are based in Greece and comply with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

Information We Collect

We collect the following categories of information when you use our Service:

• Account information — When you sign in via Apple Sign-In or Google Sign-In, we receive your name, email address, and profile photo from the identity provider. We do not collect or store your Apple/Google password.
• Professional profile — During onboarding, you provide your profession (e.g., makeup artist, hairstylist), experience level, business challenges, referral source, preferred language, timezone, and currency.
• Media content — Photos and videos you upload for client sessions, portfolios, and albums. Media files are stored in cloud object storage with restricted access.
• Client data — Names, contact details, notes, and session history for your clients. You are responsible for obtaining appropriate consent from your clients before storing their personal information.
• Financial records — Payment amounts, methods, dates, and expense records you create. We do not process payments directly — subscription billing is handled through Apple App Store and Google Play.
• Device information — Device model, operating system, app version, push notification token, and IP address (recorded in session logs). We do not collect advertising identifiers (IDFA/GAID).
• Subscription data — Your subscription plan, status, trial dates, and billing period. Purchase verification is processed through RevenueCat, our subscription management provider.
• Notification preferences — Your push notification and email communication preferences, and device tokens for delivering notifications.

How We Use Your Information

We use your information for the following purposes:

• Provide, operate, and maintain the client management service
• Authenticate your identity and secure your account
• Sync your data between your devices (offline-first architecture with cloud backup)
• Process and verify subscription purchases through the App Store / Google Play
• Send push notifications for session reminders, payment alerts, and account updates
• Send transactional emails (welcome, trial status, subscription changes, account security)
• Send marketing emails about product updates (only with your consent, unsubscribe anytime)
• Manage cloud storage quotas and media file delivery
• Respond to your support requests and communications
• Detect and prevent fraud, abuse, or security incidents

Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data on the following legal bases:

• Performance of a contract — Processing necessary to provide the Service you signed up for (account management, data sync, media storage, subscription management).
• Consent — Marketing emails, push notifications, and optional onboarding data. You can withdraw consent at any time through app Settings or email unsubscribe links.
• Legitimate interest — Service improvement, fraud prevention, security, and analytics in our mobile app (pseudonymous usage data with opt-out available). We balance our interests against your rights and freedoms.
• Legal obligation — Retaining transaction and payment records as required by tax and financial regulations.

Third-Party Service Providers

We share data with the following third-party providers, solely to operate our Service. Each provider processes data under their own privacy policy and data processing agreements:

• Apple Sign-In / Google Sign-In — Authentication only. We receive your name, email, and profile photo. We never access your Apple/Google password or unrelated account data.
• RevenueCat — Subscription and in-app purchase management. Receives your anonymized user ID and purchase data. Privacy Policy
• Cloudflare (R2 Storage & CDN) — Hosts your media files (photos/videos) with encrypted object storage. Files are only accessible via temporary signed URLs. Privacy Policy
• Hetzner — Application server hosting (EU data center). Hosts our database and application code. Privacy Policy
• Expo (Push Notifications) — Delivers push notifications to your device. Receives device tokens and notification content. Privacy Policy
• Resend (Email) — Sends transactional and marketing emails. Receives your email address and name. Privacy Policy
• PostHog (Analytics) — Product analytics to understand how the app is used. EU data hosting (Frankfurt). Receives pseudonymous user ID and usage events. On our website, PostHog only loads with your cookie consent. In our mobile app, you can opt out in Settings. Privacy Policy
• Sentry (Error Tracking) — Crash and error reporting to improve app stability. EU data hosting (Germany). Receives error details, device metadata, and a pseudonymous user ID — no email or name. Privacy Policy
• Google Analytics (Website) — Traffic analysis for our marketing website only. Only loads with your cookie consent. Privacy Policy
• Formspree (Waitlist) — Processes waitlist form submissions on our website. Receives your email address when you voluntarily submit it. Privacy Policy

We do not sell, rent, or trade your personal data to any third party. We do not share your data with advertisers. Our third-party providers are used strictly for operational purposes.

Data Storage & Security

Your data is stored on secure servers hosted by Hetzner in the European Union. Media files are stored in Cloudflare R2 object storage with restricted access permissions — files are never publicly accessible and can only be retrieved via time-limited signed URLs. All data in transit is encrypted using TLS 1.2 or higher (with TLS 1.3 support). Authentication tokens on your device are stored using OS-level secure storage (iOS Keychain / Android Keystore). We implement role-based access controls, database-level permissions, and Cloudflare WAF protection to safeguard your information.

On-Device Data Storage

The Glamorph mobile app stores a local copy of your data on your device using SQLite for offline access. This includes your clients, sessions, media references, payments, and preferences. Authentication tokens and sensitive credentials are stored in your device's secure keychain (iOS) or keystore (Android), encrypted at the OS level. Your local data syncs with our cloud servers when you are online. If you uninstall the app, locally cached data is removed from your device.

Data Retention

We retain your data for as long as your account is active. When you delete your account (Settings > Account > Delete Account), we immediately begin removing your data. Soft-deleted records are permanently purged within 30 days. Media files stored in cloud object storage are deleted alongside their database records. If your subscription expires and your account becomes inactive, we will send reminder emails at 0, 60, and 85 days. After 90 days of an expired subscription with no activity, your account data may be scheduled for permanent deletion. Backup copies of data are retained for up to 30 days and then automatically rotated.

International Data Transfers

Our primary servers are located in the European Union (Hetzner, Germany). Analytics (PostHog) and error tracking (Sentry) data is also hosted in the EU. Some third-party providers (RevenueCat, Expo, Resend, Formspree, Google Analytics) may process data in the United States. Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and the providers' adherence to relevant data protection frameworks.

Your Rights

Under the GDPR and applicable data protection laws, you have the following rights:

• Right of access — Request a copy of the personal data we hold about you.
• Right to rectification — Correct inaccurate or incomplete data via your account settings.
• Right to erasure — Delete your account and all associated data from Settings > Account > Delete Account.
• Right to restrict processing — Request that we limit how we use your data in certain circumstances.
• Right to data portability — Receive your data in a structured, commonly used format.
• Right to object — Object to processing based on legitimate interests. You can opt out of marketing emails at any time via unsubscribe links or email preference settings.
• Right to withdraw consent — Where processing is based on consent, you may withdraw it at any time through app Settings without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@glamorph.com. We will respond within 30 days. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) or your local supervisory authority.

Children's Privacy

Glamorph is not intended for users under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that a user is under 16, we will promptly delete their account and associated data. If you believe a child under 16 has provided us with personal data, please contact us at privacy@glamorph.com.

Cookies & Tracking

The Glamorph mobile app does not use browser cookies. Our marketing website uses a cookie consent banner — analytics cookies (Google Analytics) and localStorage-based analytics (PostHog) only load after you click 'Accept All'. If you choose 'Essential Only', no analytics are loaded. Our mobile app uses PostHog for product analytics (pseudonymous, EU-hosted) under legitimate interest — you can opt out at any time in Settings > Privacy. We use Sentry for crash reporting in the mobile app (EU-hosted, pseudonymous user ID only). We do not use advertising identifiers (IDFA/GAID) or third-party tracking pixels.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. We will notify you of material changes by posting the updated policy on our website and, where appropriate, via email or in-app notification. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy. We encourage you to review this page periodically.