
Privacy Policy

Last updated · 3 June 2026

This policy describes how Tanned ("we", "our", "us"), operated by Coolappcompany Ltd, Limassol, Cyprus, collects, uses, and shares your information when you use the Tanned mobile application.

By using the App, you agree to this policy. If you do not agree, please do not use the App.

1. Who we are

Tanned is operated by Coolappcompany Ltd, registered in Limassol, Cyprus. We are the controller of personal data processed through the App.

2. What we collect

Account information. When you create an account, we receive an identifier from Apple Sign-In via Supabase Auth. If you choose Apple's "Hide My Email" relay, we only ever see the relay address. You may also use the App as an anonymous Supabase user with no email.

Skin scans. Inner-arm photos you capture for scanning are uploaded to private Supabase Storage buckets. Photos are accessible only via short-lived signed URLs.

Scan analysis. Computed from your inner-arm scan photo: Fitzpatrick stage, ITA value, tanning level, sun-damage indicator, skin-age indicator, freckles count, evenness score, and recovery status. Analysis is performed by Google's Gemini Flash 2.5 API on a per-request basis. Photos are not retained by Google after analysis and are not used to train Google's models.

Self-reports. Age (18+ confirmed at onboarding), pre-session skin state (normal / warm / tender), post-session redness (none / slight / moderate / significant).

Sessions. Timestamps, duration, UV exposure, MED budget percentage, and position changes during a session.

Profile. Home location latitude/longitude (used to fetch UV forecast), home city string, and an optional name.

Health-adjacent metrics. Skin tone, Fitzpatrick type, age, medications you choose to disclose, and SPF habits.

Subscription data. Subscription state and receipt verification are handled by RevenueCat using an anonymized user identifier. We do not receive payment details.

Analytics. Anonymous product analytics events via Mixpanel, keyed to an anonymized user identifier. Tanned does not request iOS App Tracking Transparency permission and does not collect IDFA.

Device and usage data. Anonymous technical information (device type, iOS version, app version, language, crash reports) for keeping the App stable.

What we do NOT collect. Real-time location tracking (we only use the home location you set), Apple HealthKit data (Tanned does not integrate with HealthKit in v1.0), photos or camera-roll content beyond explicit scan capture, contacts, calendar, or other device data, and IDFA.

3. How we use your data

We use your information to:

  • Calculate session-length recommendations safe for your skin
  • Track MED budget and warn you before overexposure
  • Run scan analysis and surface progression over time
  • Fetch UV index and cloud cover for your home location
  • Process and verify your subscription
  • Improve, secure, and maintain the App
  • Comply with legal obligations

Why we briefly store inner-arm scan photos. Photos are stored briefly (up to 30 days) for one purpose only: to give you the option to revisit a recent scan in-app within the retention window. We do not use stored scan photos for advertising, machine-learning model training, identification, behavioral profiling, or any purpose other than the skin-tone analysis you initiated by taking the scan.

4. Who has access (third parties)

We do not sell your personal information. We share information only with the processors below:

  • Supabase (EU region, Frankfurt) — primary database, authentication, and private storage. Account, profile, scan, and session data is stored on Supabase's EU servers.
  • Google (Gemini Flash 2.5 API) — processes scan photos for analysis on a per-request basis. Photos are not retained by Google and are not used to train Google's models.
  • Open-Meteo — public weather API for UV index and cloud cover. Only latitude/longitude is sent; no personal identifiers.
  • RevenueCat — subscription management and receipt verification, keyed to an anonymized identifier.
  • Mixpanel — anonymous product analytics, keyed to an anonymized identifier; no IDFA, no PII.
  • Apple (App Store, APNs, Sign in with Apple) — handles distribution, push notifications, and authentication.
  • For legal reasons — we may disclose information when required by law, subpoena, or valid legal process.
  • In aggregated or anonymized form — statistics that do not identify you individually.

5. International transfers

Tanned is operated from Cyprus (European Union). Your data is primarily stored and processed in the EU (Supabase Frankfurt). Some processors (Google, RevenueCat, Mixpanel, Apple) may process data in the United States. We rely on standard contractual clauses and equivalent mechanisms for international transfers.

6. Your rights (GDPR / CCPA)

Access. Request a copy of your data by emailing contact@coolappcompany.com. CSV export from inside the App is coming in v1.1.

Rectification. Edit your profile in the Me tab.

Deletion. Request account deletion by emailing contact@coolappcompany.com. Deletion enters a 30-day soft-delete window, after which your data is hard-purged.

Portability and opt-out. You may cancel your subscription at any time via Apple ID Settings → Subscriptions and delete your account as above.

EU and UK residents (GDPR). You have the right to access, rectify, erase, restrict processing, object to processing, and port your data. Contact contact@coolappcompany.com. You also have the right to lodge a complaint with your local data protection authority.

California residents (CCPA). Right to know, to delete, to correct, to opt out of sale or sharing (we do neither), and to non-discrimination. Contact contact@coolappcompany.com.

7. Children's privacy

Tanned is rated 17+ on the App Store and hard-blocks anyone who does not confirm they are 18 or older during onboarding. We do not knowingly collect personal information from children under 18. If we learn we have collected information from a user under 18, we will delete it promptly.

8. Data retention

Account data. Active accounts: data is retained for as long as the account is active. Deleted accounts: 30-day soft-delete window, then hard purge.

Inner-arm scan photos. Photos captured during inner-arm scans for ITA° skin-tone analysis are stored in our private Supabase Storage for a maximum of 30 days from the date of capture, after which they are automatically and permanently deleted by a scheduled background job that runs nightly. This 30-day window exists so that you can revisit a recent scan in-app if you have a question about its result; we do not need the original image beyond that period because the derived numerical measurements (Fitzpatrick stage, ITA° value, L*a*b* values, sun-damage indicator, skin-age indicator, freckles count, evenness score, recovery status) are sufficient to power all in-app coaching, history, and progression features. The derived measurements are retained for the lifetime of your account so that you can view scan history over time. If you delete your account, all inner-arm scan data — both any photos still within the 30-day window and all derived measurements — is included in the 30-day soft-delete window and then hard-purged.

9. Security

We use industry-standard safeguards — encryption in transit (HTTPS/TLS), encryption at rest, private storage buckets with signed-URL access, and access controls. No method of transmission over the internet is perfectly secure, but we work hard to keep your information safe.

10. Changes to this policy

We may update this policy from time to time. Material changes will be notified through the App or by email. The "Last updated" date at the top reflects the most recent revision.

11. Contact

Coolappcompany Ltd
Limassol, Cyprus
Email: contact@coolappcompany.com