Maxxr · Privacy

Maxxr Privacy Policy

Last updated: January 2026

1. Introduction

Maxxr ("we", "our", or "us") is operated by VitalApps Ltd, a company registered in the United Kingdom. This Privacy Policy explains how we collect, use, process, store, and safeguard your information when you use the Maxxr iOS application.

By using Maxxr, you agree to the practices described in this policy.

2. Information We Collect

Facial Images & Facial Analysis Data

Photos you capture with the camera or select from your photo library for AI-powered facial analysis, and non-identifying analysis data derived from those images (such as skin features, proportions, symmetry, and aesthetic indicators).

Onboarding Information

Non-identifying preferences you provide during onboarding (age band, gender, primary goal). We do not ask for your name, email address, or contact details.

Device & Usage Information

Anonymous information about your device (device model, operating system version, app version) and aggregated usage data (features used, frequency of scans), collected to improve app stability and user experience. This information cannot identify you personally.

3. How We Use Your Information

We use collected information solely to:

• Provide AI-powered facial analysis features that you request
• Process facial images to generate personalised appearance insights, scores, and routine recommendations
• Display analysis results within the app
• Maintain a personal scan history on your device so you can track progress over time
• Improve app performance and stability
• Maintain security and prevent abuse

Maxxr does not perform biometric identification, facial recognition, identity verification, or create biometric identifiers or biometric templates.

Facial data is not used for advertising, tracking, profiling, or AI model training.

4. User Consent & Control

Facial images are processed only after an explicit user action (capturing a new photo or selecting one from your library).

You may delete any photo, scan result, or your entire scan history from within the Maxxr app at any time.

Core app functionality is not dependent on providing optional information.

5. Data Storage & Security

On your device: Photos you capture or import for analysis, your scan history, your scores, and your app preferences are stored only on your iPhone, in Maxxr's local app storage. Maxxr does not back up your photos or analysis data to iCloud, our servers, or any third-party storage.

Not on our servers: VitalApps Ltd does not operate a facial image database. We do not retain copies of your photos or analysis results on our servers.

We apply appropriate technical and organisational safeguards consistent with Apple's iOS security and privacy standards.

6. Third-Party Processing & Data Sharing

To perform AI-powered facial analysis, the photo you submit is transmitted securely (over HTTPS) to two service providers solely for the purpose of generating your analysis:

Cloudflare, Inc. — operates the network proxy that forwards your image to our AI provider. Cloudflare may briefly process the image in transit but does not retain it. See Cloudflare's privacy policy at https://www.cloudflare.com/privacypolicy/.

OpenAI, L.L.C. — performs the AI analysis using GPT-4o vision and returns the resulting scores and insights. Per OpenAI's API data usage policy:

• OpenAI does not retain facial images sent through the API
• OpenAI does not use API images for model training
• OpenAI does not use API images for biometric identification, advertising, or profiling

See OpenAI's API data privacy commitments at https://openai.com/policies/api-data-usage-policies/.

VitalApps Ltd does not sell, rent, or share facial data for marketing purposes. All third-party service providers used by Maxxr are required to provide data protection and security standards equal to or greater than those described in this Privacy Policy and in accordance with Apple's App Store Review Guidelines.

International transfer: OpenAI and Cloudflare process data on servers located in the United States. By using Maxxr, you consent to this transfer. Both providers have standard contractual safeguards in place for transfers from the UK / EU.

7. Data Retention & Deletion

VitalApps Ltd does not retain facial images or analysis data on its own servers.

Your facial images and analysis data remain stored only on your device until deleted by you. To delete:

• Remove individual scans from within the app
• Reset your full history from the app's profile settings
• Uninstalling Maxxr permanently removes all locally-stored Maxxr data from your device

OpenAI's transient processing of submitted images is governed by their own retention policy (no retention for API calls).

8. Your Rights (UK / EEA Users)

If you are in the United Kingdom or European Economic Area, you have the following rights under UK GDPR / EU GDPR:

• Access: request a copy of any personal data we hold (note: we hold none on our servers, your data is on your device).
• Erasure: delete your data, which you can do directly within the app at any time.
• Restriction / objection: stop or limit further processing.
• Withdraw consent: revoke camera and photo library access at any time in iOS Settings → Maxxr.
• Lodge a complaint with the UK Information Commissioner's Office (ICO) at https://ico.org.uk/, or your local data protection authority.

Our lawful basis for processing facial images is your explicit consent (UK GDPR Article 9(2)(a)), which you grant by capturing or selecting an image for analysis.

9. Children's Privacy

Maxxr is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us so we can remove it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by the "Last updated" date above. If we ever change how facial analysis works (for example, if we begin storing images on our own servers), we will update this policy clearly and prominently before the change takes effect.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

VitalApps Ltd
Email: vitalappsltd@gmail.com