Privacy Policy

Last updated: 6/6/2025

1. Introduction

Welcome to MySeason. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us using the details provided in the "Contact Us" section below.

This privacy policy applies to all information collected through our mobile and web application ("App"), and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the "Services").

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

2. Information We Collect

We collect personal information that you voluntarily provide to us when you register on the App, express an interest in obtaining information about us or our products and Services, when you participate in activities on the App or otherwise when you contact us.

The personal information that we collect depends on the context of your interactions with us and the App, the choices you make and the products and features you use. The personal information we collect may include the following:

  • Personal Information Provided by You: We collect:
    • Email addresses and passwords when you create an account.
    • Selfies/images you upload for color and season analysis.
    • Your answers to our analysis questionnaire.
    • Information required to process payments if you subscribe to our services, such as your name and billing details. Please note that actual payment card details are processed directly by our payment processor (Stripe) and are not stored by us.
  • Automatically Collected Information: We automatically collect certain information when you visit, use or navigate the App. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our App and other technical information. This information is primarily needed to maintain the security and operation of our App, and for our internal analytics and reporting purposes. We do not currently use additional third-party analytics services or tracking technologies beyond what is essential for the functioning and security of the App.
  • Information collected from other sources: If you choose to register or log in to our web application using a third-party account, such as Google, we may receive certain information about you from the third party. The information we receive may include your name, email address, profile picture, and other information you choose to make public on such third-party account, depending on your privacy settings with that provider. For our mobile application, we only support account creation and login via email and password at this time and do not collect information from other sources in that context.

3. How We Use Your Information

We use personal information collected via our App for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:

  • To provide and manage our Services. We use your information to deliver the core functionality of MySeason, which includes performing color and season analysis based on the selfies and questionnaire answers you provide. This involves processing the uploaded image and questionnaire data with our AI models (including third-party models like Anthropic Claude) to generate your analysis results.
  • To facilitate account creation and logon process. If you choose to link your account with us to a third-party account (such as your Google account for the web application), we use the information you allowed us to collect from those third parties to facilitate account creation and logon process for the performance of the contract. For email and password sign-ups, we use your provided credentials to create and manage your account.
  • To manage user accounts. We may use your information for the purposes of managing your account and keeping it in working order, including processing subscriptions and payments through our third-party payment processor (Stripe).
  • To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
  • To protect our Services. We may use your information as part of our efforts to keep our App safe and secure (for example, for fraud monitoring and prevention).
  • To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
  • To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
  • To respond to user inquiries and offer support. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.

4. Will Your Information Be Shared With Anyone?

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.

We may process or share your data that we hold based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. These include:
    • AI Model Providers: To provide the core analysis feature, we share the images you upload and your questionnaire answers with AI service providers, such as Anthropic (for the Claude model). These providers act as data processors, processing your data on our behalf to generate the season and color analysis. We encourage you to review Anthropic's privacy policy to understand how they handle data they process: Anthropic Privacy Policy. We also use Google Vision API (from Google LLC) to detect facial landmark regions from the images you upload. This information is used to accurately extract color data for your analysis. You can review Google's privacy policy here: Google Privacy Policy.
    • Payment Processors: We use Stripe for payment processing. When you make a purchase, your payment information is provided directly to Stripe. We do not store your full payment card details. You can review Stripe's privacy policy here: Stripe Privacy Policy.
    • Authentication Services: For users who choose to sign up or log in to our web application using Google, we share and receive information with Google LLC to facilitate this process, based on your permissions. You can review Google's privacy policy here: Google Privacy Policy. For email and password authentication, we use Better Auth. Currently, this does not involve third-party email services for verification or password resets that would handle your email address outside of our direct control.
    • Cloud Storage Providers: The images you upload for analysis are temporarily stored on Vercel Blob, a cloud blob storage service provided by Vercel Inc., before being processed and then deleted after a successful analysis. You can review Vercel's privacy policy here: Vercel Privacy Policy.
    • Hosting Providers: Our application and data are hosted on infrastructure provided by Vercel Inc. You can review Vercel's privacy policy here: Vercel Privacy Policy.

5. How Long Do We Keep Your Information?

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

Specifically:

  • Uploaded Images (Selfies): Images you upload for analysis are temporarily stored on our service provider's (Vercel Blob) servers. These images are deleted from storage shortly after your analysis is successfully completed and the results are generated. We do not retain copies of your original uploaded images beyond this processing period.
  • Questionnaire Answers and Analysis Results: We retain your questionnaire answers and the generated analysis results in our database for as long as your account remains active with us. This information is deleted when you delete your account.
  • Account Information: We retain your account information (such as your email address, password hash, and any linked Google account identifiers if applicable) for as long as your account remains active with us. If you choose to delete your account, all your account information, questionnaire answers, and analysis results will be deleted immediately from our active databases.

When we have no ongoing legitimate business need to process your personal information (e.g., after the specified retention periods or upon effective account deletion), we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. How Do We Keep Your Information Safe?

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our App is at your own risk. You should only access the App within a secure environment.

Some of the measures we use to protect your information include:

  • Encryption of data in transit (e.g., using HTTPS) and at rest where appropriate for sensitive information.
  • Working with reputable third-party service providers (such as Vercel, Stripe, Anthropic) who implement their own robust security measures for the services they provide to us.
  • Implementing access controls to limit access to personal data to authorized personnel on a need-to-know basis.
  • Regularly reviewing our information collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • Secure deletion practices for data that is no longer needed, such as the uploaded images after analysis.

It is also important for you to protect against unauthorized access to your password and to your computer or mobile device. Be sure to sign off when finished using a shared computer and use a strong, unique password.

7. Your Data Protection Rights

In some regions (like the European Economic Area (EEA) and United Kingdom (UK) and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

If you are resident in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: European Data Protection Board Members.

We aim to provide all our users with strong data protection rights, regardless of their location. If you are a resident of California, USA, you are granted specific privacy rights regarding access to your personal information under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA). These rights may include the right to know about personal information collected, disclosed, or sold, the right to request deletion of personal information, and the right to opt-out of the sale of personal information (though we do not currently sell personal information).

Account Information: If you would at any time like to review or change the information in your account (such as your email address or password), or terminate your account, you can do so by accessing your profile page and account settings within the App. Our App provides a direct option to delete your account, typically found within your account settings or profile page. Upon your request to terminate your account via this in-app function, we will deactivate or delete your account and associated information (including questionnaire answers and analysis results) immediately from our active databases, as described in Section 5. However, we may retain some information in our files if necessary to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with applicable legal requirements.

8. Children's Privacy

Our Services are not intended for use by children. We define "children" as individuals under the age of 13 (or a higher age if stipulated by applicable data protection laws in your jurisdiction, such as 16 in some parts of the European Economic Area).

We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you become aware that your child has provided us with Personal Information without your consent, please contact us. If we become aware that we have collected Personal Information from children without verification of parental consent (where required), we take steps to remove that information from our servers.

If you are under the specified age, please do not use our Services or provide any personal information to us.

9. Changes to This Privacy Policy

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Last updated" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

10. Contact Us

If you have questions or comments about this privacy policy, or any concerns or complaints regarding our collection and use of your data, you may contact us by email at: info@myseasonapp.com.