Information we collect
We collect account details such as your name and email address, onboarding responses, daily check-in selections, scan results, and any selfie image you choose to submit for a scan.
Back home
cortisol ai
cortisol aiLegal
Privacy Policy
This policy explains what cortisol ai collects, how we use it, and the choices you have. We try to keep collection limited to what is needed to run the app and personalize your experience.
Updated April 14, 2026Face data and scan inputs
For the scan feature, the face data we process is the selfie image you capture or import, together with related scan metadata and any check-in context you submit. We use this information only to generate your result, show your scorecard, save your scan history, and improve the reliability and safety of the scan flow.
How we use your data
We use your information to create your account, run scans, personalize daily reads, save progress, support account deletion requests, maintain app security, and operate the app features you choose to use.
Photos and camera access
If you grant camera or photo access, the app can capture or import selfies for analysis. In the current scan flow, the selfie image is transmitted for scan processing but is not stored by us in our own app database or Supabase storage as part of the normal scan request. If you choose to export a result card, that saved image goes to your photo library on your device.
Third-party AI processing
To generate scan results, we send the submitted selfie image and related check-in context to third-party AI processing providers, including Fal and OpenRouter, which route the request to the AI model used for the scan. We send this data only to run the scan feature you requested and generate your result and scorecard. We do not sell face data, and we do not use submitted selfies for advertising.
Notifications
If you enable notifications, we use that permission to send reminders related to check-ins, scans, or other app activity. You can turn notifications off in iPhone Settings at any time.
Sharing and service providers
We rely on service providers to operate the app, including Supabase for authentication and app data storage, and Fal and OpenRouter for scan processing. We share only the data needed to deliver the relevant feature.
Storage and retention
We retain account details, onboarding responses, daily check-ins, and saved scan results in our app systems for as long as your account remains active, unless you delete your account sooner. In the normal scan flow, we do not retain the submitted selfie image in our own app backend after the scan request is sent. Third-party AI providers may process and temporarily retain submitted scan inputs according to their own policies and retention practices.
Your choices
You can review your account information inside the app, sign out, disable notifications, and delete your account using the controls made available to you.
Security
We use reasonable technical and organizational measures to protect your data, but no system can promise absolute security. Please keep your password private and email tolanidevprojects@gmail.com if you suspect misuse.
Policy updates
We may update this policy from time to time as the app changes. When we make material updates, we may revise the effective date and present the latest version in the app.
Contact
If you have privacy questions or data requests, email tolanidevprojects@gmail.com.