Privacy Policy

Last updated: May 2, 2026

1. Information We Collect

When you use Herbiskea, we may collect the following information:

  • Account Information: Name, email address, and profile details when you create an account or sign in with Google.
  • Analysis Data: Photos you upload and questionnaire responses for AI-powered skin and hair analysis. Photos are processed for analysis and are not shared with third parties.
  • Order Information: Purchase history, payment details (processed securely through Paystack -- we do not store your card numbers), and order preferences.
  • Usage Data: Pages visited, features used, and interaction patterns to improve the platform experience.
  • Saved Content: Favorites, collections, shopping lists, and formulations you create on the platform.

2. How We Use Your Information

  • Provide AI-powered skin and hair analysis personalized to you
  • Process recipe purchases and manage your orders
  • Save your favorites, collections, and formulations
  • Send account-related emails (verification, password reset, order confirmations)
  • Improve platform features and user experience
  • Ensure platform security and prevent misuse

3. Third-Party Services

We use the following third-party services to operate Herbiskea:

  • Google OAuth: For secure sign-in. We receive your name, email, and profile picture from Google. We do not access your Google account beyond authentication.
  • Paystack: For secure payment processing. Your payment information is handled directly by Paystack and is never stored on our servers.
  • Cloudinary: For image storage and optimization. Uploaded analysis photos are stored securely.
  • OpenAI / Google AI: For AI-powered analysis. Your analysis data is sent to AI services for processing but is not used to train their models.
  • Resend: For sending transactional emails (verification, password reset, order confirmations).

4. Data Storage and Security

Your data is stored securely on encrypted databases hosted by Neon (PostgreSQL). We implement industry-standard security measures including HTTPS encryption, secure authentication tokens, rate limiting, and input sanitization. We do not sell, trade, or rent your personal information to third parties.

5. Cookies and Local Storage

We use essential cookies for authentication sessions and theme preferences. We use local storage for caching analysis results, shopping cart data, and PWA functionality. We do not use third-party tracking cookies or advertising cookies.

6. Your Rights

You have the right to:

  • Access and download your personal data
  • Update or correct your account information
  • Delete your account and associated data
  • Opt out of non-essential communications
  • Request information about how your data is used

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data will be removed within 30 days. Anonymous, aggregated data may be retained for analytics purposes.

8. Children's Privacy

Herbiskea is not intended for users under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will remove it promptly.

9. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated date. Continued use of the platform after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this privacy policy or your personal data, contact us at hello@herbiskea.com.