Last updated: March 24, 2026

Privacy Policy

Kamileo ("we," "our," or "us") operates the Kamileo mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App. Please read this policy carefully. By using the App, you consent to the practices described herein.

Information We Collect
How We Use Your Information
AI and Automated Processing
Photo and Image Data
How We Share Your Information
Third-Party Services
Data Security and Retention
Your Privacy Rights
Children's Privacy
International Data Transfers
Changes to This Policy
Contact Us
Supplemental Notices

1. Information We Collect

Information You Provide

Account information: Email address, name, and authentication credentials when you create an account (including via Google Sign-In or Sign in with Apple).
Profile and questionnaire data: Age, gender, height, weight, hair type, hair concerns, scalp health, diet preferences, lifestyle habits, and health-related information you provide during onboarding.
Photos: Hair photos you capture for AI analysis and meal photos you take for nutrition scoring.
Food logs: Meal descriptions, food items, and nutrition data from your food logging activity.
Hair care logs: Care routines, product usage, and hair diary entries you record.
Feedback: Feature requests, support messages, and other communications you send us.

Information Collected Automatically

Device information: Device type, operating system version, app version, and device identifiers.
Usage data: How you interact with the App, including screens visited, features used, and session duration.
Purchase data: Subscription status, transaction history, and billing period (processed through Apple's App Store and our subscription management provider).

2. How We Use Your Information

We use the information we collect to:

Provide the service: Deliver personalized hair health insights, AI-powered meal scoring, nutrient tracking, and care recommendations based on your profile and goals.
Personalize your experience: Tailor nutrient targets, meal scores, and hair care plans to your specific hair type, health profile, and dietary habits.
Process AI analysis: Analyze your hair photos and meal photos using AI to generate health assessments and nutrition scores.
Send notifications: Deliver daily reminders and relevant updates you've opted into.
Improve the App: Analyze usage patterns to fix bugs, improve features, and enhance the user experience.
Manage subscriptions: Process and manage your Kamileo Pro subscription.
Respond to you: Address support requests, feature feedback, and other communications.

We do not use your data for advertising, marketing to third parties, or data mining.

3. AI and Automated Processing

Kamileo uses third-party AI services to analyze your hair photos and meal photos. This section explains exactly how your data is processed by AI.

Hair Photo Analysis

When you take a hair scan, your photos are securely transmitted to our servers and processed using third-party AI models (provided by services such as OpenAI and Anthropic, accessed through our AI routing provider) to assess hair condition, density, scalp health, and visible concerns. The AI generates a health score and personalized recommendations.

Meal Photo Analysis

When you snap a meal, your photo is transmitted to our servers and analyzed by AI to identify food items and estimate nutrient content relevant to hair health (such as biotin, zinc, iron, and omega-3 fatty acids).

How AI Data Is Handled

Photos are transmitted using encrypted connections (HTTPS/TLS).
We do not use your photos or personal data to train AI models.
AI analysis results are stored in your account to provide ongoing insights and progress tracking.
You can delete all your data, including AI analysis results, at any time through the App settings.

AI Limitations

AI analysis is informational only and not intended as medical diagnosis. Results may vary in accuracy. Always consult a qualified healthcare professional for medical advice.

4. Photo and Image Data

We take your photo privacy seriously:

Hair photos are used solely for your AI hair analysis and progress tracking. They are stored securely on our servers and associated with your account.
Meal photos are used for AI-powered nutrition analysis. Thumbnail images may be stored for your meal history.
Photos are not shared with other users, used for advertising, or sold to third parties.
You can delete your photos and all associated data at any time by deleting your account in the App settings.
We access your device camera only when you actively use the photo capture feature. We access your photo library only when you choose to select an existing photo.

5. How We Share Your Information

We do not sell your personal information.

We may share information with the following categories of recipients, solely to operate and improve the App:

Cloud infrastructure providers: To host our servers, databases, and application backend.
AI service providers: To process hair and meal photo analysis (as described in Section 3).
Subscription management: To process and manage your subscription status and entitlements.
Analytics providers: To understand app usage patterns and improve the user experience. Analytics data is used in aggregate and is not used for advertising.
Legal requirements: If required by law, regulation, legal process, or governmental request.

6. Third-Party Services

The App integrates with the following third-party services:

Supabase: Cloud database and authentication infrastructure.
RevenueCat: Subscription management and in-app purchase processing.
PostHog: Product analytics to understand feature usage and improve the App. PostHog does not track you across other apps or websites.
AI providers (via Requesty): OpenAI and Anthropic models for photo analysis and content generation.
Apple App Store: Payment processing for subscriptions.

Each third-party service operates under its own privacy policy. We require our service providers to protect your data consistent with this Privacy Policy.

7. Data Security and Retention

We implement industry-standard security measures to protect your information:

All data is transmitted over encrypted connections (TLS/HTTPS).
Database access is restricted through row-level security policies.
Authentication tokens are securely managed and rotated.
We conduct regular security reviews of our infrastructure.

Retention: We retain your personal data for as long as your account is active. When you delete your account, all personal data is permanently removed from our servers within 30 days, except where retention is required by law.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

Access: Request a copy of your personal data.
Correction: Request correction of inaccurate data.
Deletion: Delete your account and all associated data directly in the App (Settings > Delete My Account), or by contacting us.
Data portability: Request your data in a portable format.
Withdraw consent: Withdraw consent for data processing at any time by deleting your account.
Opt out of analytics: Contact us to opt out of product analytics.

To exercise any of these rights, contact us at support@kamileo.online.

9. Children's Privacy

Kamileo is not intended for children under 13 years of age (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at support@kamileo.online.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including standard contractual clauses where required, to protect your data during international transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page and, where appropriate, providing notice within the App. Your continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Email: support@kamileo.online

13. Supplemental Notices

For California Residents (CCPA/CPRA)

Under the California Consumer Privacy Act, you have the right to know what personal information we collect, request its deletion, and opt out of the sale of your personal information. We do not sell your personal information. To exercise your rights, contact us at support@kamileo.online.

For European Economic Area, UK, and Swiss Residents (GDPR)

Our lawful bases for processing your data include: your consent (for AI photo analysis), performance of a contract (providing the App service), and legitimate interests (improving the App). You have the right to access, rectify, erase, restrict processing, data portability, and object to processing. You also have the right to lodge a complaint with your local data protection authority. To exercise your rights, contact us at support@kamileo.online.

For Washington State Residents (MHMDA)

Consumer health data collected through the App is used solely to provide hair health and nutrition insights. We do not sell consumer health data. You may exercise your rights regarding consumer health data by contacting us at support@kamileo.online.