This Privacy Policy explains how Beautyxia (“we”, “our”, or “us”) collects, uses, and protects your information when you interact with our Shopify app. Beautyxia is an AI-powered face analysis and smart recommendation tool currently operating in a Beta version. We are fully committed to safeguarding your privacy and ensuring your personal data is handled securely, transparently, and in strict compliance with applicable data protection laws, including the GDPR.
1Information We Collect & Process
a) Face Photos (AI Face Scan)
- When using our core service to generate skin reports, you may upload a facial photo.
- Photos are processed instantaneously to analyze skin types, detect specific facial issues, map regional skin concerns, and provide tailored product recommendations.
- No Storage: Photos are held temporarily in volatile memory purely for processing duration and are deleted immediately afterward. We do not store or retain your photos.
b) AI Product Chatbot Queries
- If you interact with our AI Product Chatbot to ask questions regarding store products, we collect the text strings and questions you submit.
- These text queries are processed in real time to yield contextual product answers. We advise users not to input personal, sensitive data within the chatbot interfaces.
c) IP Address & Device Information
- We automatically collect technical logging parameters, including your IP address and device/browser type.
- These logs are retained solely for performance monitoring, debugging, application security, and fraud prevention.
d) Essential Cookies
- Our software drops essential technical cookies required for foundational app performance:
sessionid: Secures your structural platform session.csrftoken: Prevents unauthorized Cross-Site Request Forgery security attacks.language_preference: Locally caches your interface setting across our supported global languages (including English, Arabic, French, Spanish, Italian, German, Japanese, Korean, Portuguese, Chinese, Thai, Turkish, Dutch, and Indonesian) for up to 30 days.
- These cookies do not track behavioral analytics and are exempt from mandatory consent under performance thresholds.
2How We Use Your Information
- Face Scan & Deep Detection: To execute real-time structural analysis and deliver instant skincare metrics.
- AI Chatbot Operations: To process and answer user-generated queries about products on demand.
- Infrastructure Security: To assess application health, detect system abuse, and maintain localized protection.
- Product Tags & Customization: Structural shop tags (e.g., skin concerns) are evaluated contextually to match inventory items to individual skin reports.
User System Feedback
- Users may voluntarily submit binary feedback (Likes/Dislikes) regarding recommendation metrics.
- We log exclusively the raw metric choice and event date for general internal statistics. No personal identifiers or IP records are combined with this optimization log.
3Legal Basis for Processing (GDPR)
- Explicit User Consent: For uploading and processing face photos for custom scanning.
- Contractual Performance / Service Delivery: For running the AI Product Chatbot to answer your active product questions.
- Legitimate Interests: For collecting technical device logs and essential cookies to preserve system defense, block exploit vectors, and optimize cross-language performance.
4Data Infrastructure & Retention
- Hosting Architecture: Our core application infrastructure is deployed on secure cloud servers managed by DigitalOcean LLC, geographically situated within the Frankfurt, Germany (EU) data center region.
- Retention Lifespans:
- Face photos: Retained for 0 seconds post-analysis.
- Chatbot text inputs: Processed transiently and not stored in persistent historical user databases.
- IP / Security logs: Purged systematically after 360 days.
- Functional cookies: Session-dependent or removed automatically within 30 days.
5Third-Party Service Integrations & Sub-processors
To deliver our deep AI functionalities, data is safely shared with the following core ecosystems:
- Shopify Inc.: We communicate directly with Shopify's Core APIs to display products, read localized shop tags, and seamlessly render as a Theme App Extension.
- Google Cloud / Gemini API: Chatbot inquiries and algorithmic text processes utilize Google’s Gemini infrastructure. Data transmitted to the API is evaluated dynamically under strict safety parameters and is not utilized to train generic public models.
6User Data Rights
Depending on your regional jurisdiction (such as the EEA/UK), you hold structural privacy protections enabling you to:
- Request access to or clear extraction of your active technical infrastructure logs.
- Request swift deletion or erasure of remaining IP logs.
- Withdraw operational processing consent instantly by closing or removing the application extension.
7Security Measures
- End-to-end encryption using HTTPS/TLS protocols across all data transfers.
- Protected Django session implementations utilizing cross-site defense frameworks.
- Strict internal access constraints isolating operational network logs.
8Shopify Merchant Uninstall Requests
Upon a merchant uninstalling Beautyxia from their Shopify storefront, mandatory webhooks prompt our platform to instantly flush and delete any residual or environment-specific log parameters linked to that shop domain.
9Changes to This Policy
We keep this policy under review during our current Beta lifecycle. Updates will appear immediately on this interface with a revised effective date.
10Contact Us
For inquiries regarding data processing, infrastructure security, or compliance controls, reach out directly:
Email: commercial@webixia.tn
Email: houssaini.slimen@gmail.com