Peakd is a mobile app that analyzes facial photos to generate personalized grooming, styling, and wellness tips. This policy explains what we collect, how we use it, who we share it with, and the choices you have.
1. Who we are
Peakd is operated by Equilibrium04 ("Equilibrium04", "we", "us"), a company registered in the Republic of Türkiye, located at Emniyetevler, 34415 İstanbul, Türkiye. For privacy questions or to exercise any of the rights described below, contact us at [email protected].
For users in Türkiye, Equilibrium04 is the data controller ("veri sorumlusu") under the Personal Data Protection Law No. 6698 ("KVKK"). For users in the European Economic Area and the United Kingdom, Equilibrium04 is the data controller under the GDPR / UK GDPR.
2. Information we collect
- Facial photos. When you use the analysis feature, you capture or select a photo. The photo is uploaded to our backend (Firebase Storage and Google Cloud Run) so we can run facial landmarking and generate tips.
- Derived analysis data. From the photo we compute a set of geometric measurements and scores. These, together with the tips generated for you, are stored with your account.
- Account information. When you sign in with Google or Apple, we receive a unique user ID and — depending on the provider and your choices — your email address, display name, and profile picture, through Firebase Authentication. If you use Sign in with Apple, you may choose to hide your email, in which case we receive a private relay address.
- Onboarding answers. Your gender, age range, self-rating, goal rating, target areas, and other survey responses are stored with your account to personalize analysis.
- Subscription status. Whether you have an active paid subscription, the tier, and its expiry. Payment card details are never seen or stored by us — they are handled by the Apple App Store and Google Play.
- Device and diagnostic data. Crash reports, performance traces, and product-analytics events (screen views, feature use) are collected to help us fix bugs and improve the app. These do not include your photos.
- Push notification token. If you grant notification permission, we store a device-specific push token so we can send you progress reminders. You can revoke this at any time from your device settings.
3. How we use it
- To perform facial landmarking, generate scores, and return personalized tips for you.
- To authenticate you and keep you signed in across sessions.
- To verify your subscription status and unlock paid features.
- To diagnose crashes and improve app stability and usability.
- To send product updates or reminders if you opted in to notifications.
We do not sell your personal data. We do not use your photos to train machine-learning models. We do not show third-party advertising.
4. Who we share it with
We rely on the following service providers ("processors") to operate the app. They act on our instructions and under their own privacy and security commitments:
- Google / Firebase — Authentication, Firestore (account data), Cloud Storage (photos), Cloud Messaging (notifications), Crashlytics and Analytics (diagnostics). Firebase privacy.
- Google Cloud Run — Our backend API, which receives your photo to perform facial analysis and returns the results.
- Google Gemini API — Your photo, together with your analysis results (scores, measurements, survey answers), is sent to Google's Gemini model so it can generate personalized tips based on what it sees. Gemini API terms.
- Adapty — Subscription management. Adapty processes your subscription events and a user identifier to track your entitlement and paywall state. Adapty privacy.
- PostHog — Product analytics. Anonymous-by-default usage events that help us understand and improve the app. PostHog privacy.
- Apple App Store / Google Play — Payment processing for subscriptions.
We do not share your data with advertisers or data brokers.
5. Data retention
- Your account, analyses, and photos are kept as long as you have an active account.
- If you delete your account, your photos are deleted within 30 days and your account data within 90 days, except where we are required to retain records for legal, tax, or fraud-prevention reasons.
- Aggregated or anonymized analytics that no longer identify you may be retained longer.
You can request account deletion from within the app, or via our account deletion page.
6. Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and the associated data.
- Export your data in a portable format.
- Object to or restrict certain processing.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with your data protection authority — in Türkiye, the Personal Data Protection Authority (Kişisel Verileri Koruma Kurumu).
To make any of these requests, email [email protected]. We will respond within 30 days.
7. Security
All data is transmitted over HTTPS. Photos and personal data are stored in Firebase with access restricted by security rules tied to your authenticated user ID. We limit internal access to personal data to what is needed to operate the service.
8. Children
Peakd is intended for users aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us data, contact us and we will delete it.
9. International transfers
Our processors are based primarily in the United States and the European Union. If you use the app from Türkiye or elsewhere, your data will be transferred to and processed in those countries, under appropriate safeguards provided by the processors' privacy frameworks and contractual commitments.
10. Changes to this policy
We may update this policy from time to time. When we do, we will update the "Last updated" date above and — for material changes — ask you to review the updated policy in the app. Continued use of the app after an update means you accept the revised policy.
11. Contact
Questions, requests, or concerns? Email [email protected].