top of page
facebook_FACEBOOK.jpg

BareScan | Privacy Policy

Information We Collect

We collect information you provide directly to us, such as when you create an account, use our body composition analysis service, or contact us for support.

Personal Information:

  • Name, email address, and contact information

  • Account credentials and profile information

  • Physical measurements (age, weight, height, gender)

  • Body composition photos submitted for analysis

  • Payment and billing information

How We Use Your Information

We use the information we collect to:

  • Provide and improve our body composition analysis services

  • Process your photos using AI technology to generate insights

  • Maintain your account and provide customer support

  • Process payments and manage subscriptions

  • Send you important updates about our service

  • Comply with legal obligations

Data Security and Storage

We take the security of your data seriously and implement industry-standard measures to protect it:

  • External Object Storage: All body scan images are stored in secure, encrypted external object storage using Google Cloud Storage infrastructure

  • Private ACL Policies: Each image has individual Access Control List (ACL) policies ensuring owner-only access

  • Encryption at Rest: All stored data is encrypted using industry-standard AES-256 encryption

  • Secure Transmission: All data is transmitted using TLS 1.3 encryption protocols

  • Strict Access Controls: Only you can access your personal body scan images and analysis results through authenticated sessions

  • Persistent Storage: Body scan images are retained in your account to enable progress tracking and historical analysis comparisons

  • Separation of Concerns: Photos are stored separately from user account data in dedicated secure storage infrastructure

  • No Third-Party Access: We never share your body composition data with third parties, and our team cannot access your private images

Photo Processing and AI Analysis

When you upload photos for body composition analysis:

  • Secure Processing: Photos are processed using OpenAI's secure AI technology to generate your body composition analysis

  • Permanent Secure Storage: Images are permanently stored in encrypted external object storage (Google Cloud Storage) with private ACL policies ensuring only you can access your data

  • Owner-Only Access: Each photo has individual access control policies - only you as the owner can view or access your body scan images

  • Progress Tracking: Photos and analysis results are retained in your account to enable progress tracking and historical comparisons

  • Single-Purpose Use: We use your photos exclusively for providing your body composition analysis and progress tracking

  • Data Control: You can request deletion of your photos and all associated data by contacting support

  • No Sharing: Your body scan images are never shared with third parties or used for any other purposes

Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties except:

  • With your explicit consent

  • To trusted service providers who assist in operating our service (under strict confidentiality agreements)

  • When required by law or to protect our rights and safety

  • In connection with a business transfer (with notice to you)

Your Rights and Choices

You have the right to:

  • Access, update, or delete your personal information

  • Download your data in a portable format

  • Opt out of marketing communications

  • Request deletion of your account and all associated data

  • Contact us with questions about your privacy

Cookies and Tracking

We use cookies and similar technologies to improve your experience, maintain your session, and analyze usage patterns. You can control cookie settings through your browser preferences.

Children's Privacy (COPPA Compliance)

Our service is not intended for children under 18. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). If you become aware that a child under 13 has provided us with personal information, please contact us immediately and we will delete such information from our systems.

Users between 13-18 years old must have parental consent before using our service.

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the personal information we collect, use, and share

  • Right to Delete: You can request deletion of your personal information

  • Right to Opt-Out: You can opt-out of the sale of personal information (we do not sell personal information)

  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at privacy@barescan.comwith "California Privacy Request" in the subject line.

Data Processing Lawful Basis

We process your personal information based on the following lawful bases:

  • Contract Performance: To provide our body composition analysis services

  • Legitimate Interest: To improve our services and prevent fraud

  • Consent: For marketing communications (where you have opted in)

  • Legal Obligation: To comply with applicable laws and regulations

International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

  • Standard Contractual Clauses approved by relevant authorities

  • Adequacy decisions by relevant privacy authorities

  • Other appropriate safeguards as required by applicable law

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your privacy, we will:

  • Notify relevant authorities within 72 hours where required by law

  • Inform affected users without undue delay

  • Provide clear information about the nature of the breach and steps taken

  • Offer guidance on protective measures you can take

Automated Decision Making

Our AI-powered body composition analysis involves automated processing. You have the right to:

  • Request human review of automated decisions that significantly affect you

  • Express your point of view regarding automated processing

  • Contest decisions made solely through automated means

Note: Our AI analysis is for informational purposes only and should not be considered medical advice.

Privacy by Design

We implement privacy by design principles throughout our service:

  • Data Minimization: We only collect data necessary for our services

  • Purpose Limitation: Data is used only for stated purposes

  • Storage Limitation: Data is retained only as long as necessary

  • Security by Default: Strong security measures are implemented by default

  • Transparency: Clear communication about our data practices

Third-Party Services

We use the following third-party services that may process your data:

  • Payment Processing: Stripe (for subscription and payment processing)

  • Email Services: Resend (for account-related emails)

  • AI Processing: OpenAI (for body composition analysis)

  • Cloud Storage: Object storage providers (for secure image storage)

Each service operates under their own privacy policies and security standards. We ensure all third parties meet our privacy and security requirements.

Changes to This Policy

We may update this privacy policy from time to time. For material changes, we will:

  • Provide 30 days advance notice via email

  • Post prominent notice on our website

  • Update the "Last updated" date

  • Obtain consent where required by law

Your continued use of the service after changes become effective constitutes acceptance of the new policy, unless additional consent is required.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

bottom of page