BareLab Privacy Policy

What We Collect: Photos of your skin, health data (menstrual cycle, mood, stress), location (with your permission), and basic account information.

Why We Collect It: To provide personalized skincare recommendations and track your skin health journey.

Who We Share With: Cloud storage providers (Google Cloud), AI services (OpenAI, Anthropic), and analytics tools—all under strict data protection agreements.

Your Control: Access, correct, or delete your data anytime at https://accounts.barelab.in or contact us at pranjal@barelab.in.

Questions? Email pranjal@barelab.in (we respond within 72 hours) or reach our Grievance Officer at pallavi@barelab.in.

Welcome to BareLab ("we," "us," or "our"). We are committed to protecting your personal information and your right to privacy.

Who We Are:
BareLab is an AI-powered skincare application created by Pallavi Khare & Pranjal Aswani (Service Provider(s)) as a Freemium service. This application helps you track your skin health, receive personalized skincare recommendations, and understand how factors like weather and your menstrual cycle affect your skin.

About This Policy:
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

Your Consent:
By using our Service, you consent to the processing of your information as described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our application.

Legal Validity:
This document is an electronic record under the Information Technology Act, 2000, and the Information Technology (Intermediaries Guidelines and Digital Media Ethics Code) Rules, 2021. It is valid and enforceable as an electronic record under Indian law.

We collect several types of information to provide and improve our Service:

Personal Information You Provide

When you create an account and use BareLab, we collect:

Basic Account Information:

• Name, email address, and phone number
• Date of birth

🔒 Sensitive Health Information:

• Skin Photos: Images of your skin for condition assessment
• Menstrual Cycle Data: Information you voluntarily provide about your cycle
• Mood & Stress Levels: Self-reported emotional and stress data
• Skincare Routine: Product preferences and routine tracking

📍 Location Information:
With your permission, we collect your device's location to:

• Determine your approximate geographical area
• Provide weather-related skincare recommendations
• Offer location-specific insights

You can enable or disable location access in your device settings at any time.

📸 Camera Access:
We need access to your camera to capture and analyze skin images for personalized recommendations.

🔔 Push Notifications:
If you opt in, we send notifications about:

• Skincare routine reminders
• Personalized recommendations
• App updates and new features

Information Collected Automatically

When you use BareLab, we automatically collect:

Device Information:

• Device type and operating system
• Unique device identifiers
• Mobile network information
• IP address

Usage Data:

• Pages/features you visit in the app
• Time and date of visits
• Navigation patterns and interactions

Analytics Data:

• Browser type and access times
• Log data for troubleshooting
• Performance metrics to improve our services

Primary Purposes

🎯 Personalized Skincare Recommendations
We analyze your skin photos, location, menstrual cycle data, mood, and stress levels to provide tailored skincare advice and product recommendations.

📊 Skin Health Tracking
We monitor changes in your skin condition over time to help you understand patterns and progress.

🌤️ Weather-Based Insights
We correlate your location data with weather conditions to provide relevant skin health insights.

🩸 Cycle-Based Insights
We help you understand how your menstrual cycle affects your skin health.

✅ Routine Management
We help you track skincare routine consistency and effectiveness.

🔧 Service Improvement
We use aggregated and anonymized data to improve our AI algorithms and Service functionality.

Secondary Purposes

Account Management: Creating and managing your user account

Communication: We may contact you to provide:

• Important service information
• Required notices and updates
• Marketing promotions (if you opt in)
• Notifications about your skincare routine
• Product recommendations
• Customer support

Analytics and Improvements: Aggregated and anonymized data helps us:

• Analyze user behavior and identify trends
• Improve overall performance and functionality
• Develop new features

AI Model Training: Aggregated and anonymized data (including skin condition assessments and usage patterns) may be used to train and improve our AI models to provide better recommendations for all users.

Research and Development: Conducting research to improve our services

Security: Detecting and preventing fraud, abuse, and security incidents

Legal Compliance: Complying with applicable laws, regulations, and protecting our rights

We do not sell your personal information. We do not share your data with third parties for their marketing purposes without your consent. Only aggregated, anonymized data is periodically transmitted to external services to help us improve the Application.

Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating our Service. All providers must sign data-processing agreements with BareLab to ensure compliance with data-protection laws, confidentiality, and security obligations.

Service Provider	Purpose	Data Shared	Privacy Policy
Google Cloud	Cloud infrastructure and data storage	All encrypted data	Google Privacy
Google Play Services	App functionality	Device and usage data	Google Play Privacy
Google Analytics for Firebase	Analytics and user behavior tracking	Usage patterns, anonymized data	Firebase Privacy
Firebase Crashlytics	Crash reporting and stability monitoring	Device info, crash logs	Crashlytics Privacy
OpenAI	AI-powered analysis and recommendations	Photos, skin data (encrypted)	OpenAI Privacy
Anthropic	AI-powered analysis and recommendations	Photos, skin data (encrypted)	Anthropic Privacy
Cloudflare	Content delivery, security, and performance	IP address, device data	Cloudflare Privacy

Payment Processing

All payments are processed securely via our third-party payment processor. We do not store your full payment card details on our servers. We only retain transaction records (such as amount, date, and transaction ID) for accounting and customer support purposes.

Other Disclosures

We may disclose your information in these specific circumstances:

With Your Consent: When you explicitly authorize us to share specific information

Legal Requirements: As required by law, such as:

• Complying with a subpoena or court order
• Responding to government requests
• Meeting legal obligations

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity

Safety and Security: To protect the rights, property, or safety of BareLab, our users, or others, including:

• Preventing fraud or abuse
• Enforcing our terms
• Responding to emergencies

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States (where our AI service providers operate).

Where data is transferred outside India, we ensure adequate protection through:

• Contractual obligations with service providers
• Encryption in transit
• Adherence to standard data-transfer safeguards
• Compliance with Section 43A of the Information Technology Act, 2000

We do not share personal data with advertisers or unrelated third parties without explicit consent.

🔒 Our Security Measures

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Our safeguards include:

• ✓ Encryption of data in transit
• ✓ Secure cloud infrastructure provided by Google Cloud
• ✓ Regular security assessments and updates
• ✓ Access controls and authentication measures
• ✓ Secure data storage and backup procedures
• ✓ Secure API communications with third-party services

Your Responsibility

You should also take care with your own security:

• Keep your login credentials secure and confidential
• Use strong, unique passwords
• Don't share your account with others
• Enable device security features (passcode, biometric lock)
• Log out of shared devices

No System Is Perfect

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Data Breach Notification

In the event of a data breach likely to cause harm, we will notify affected users and competent authorities within a reasonable time, as per Rule 3(1)(g) of the Intermediary Rules 2021.

You have significant control over your personal information. Here's what you can do:

Access and Control

✓ Access Your Data
Request access to the personal information we hold about you.

✓ Correct Your Information
Update inaccurate or incomplete information through your account settings or by contacting us.

✓ Delete Your Account
Delete your account and associated data in two ways:

• Visit https://accounts.barelab.in and follow the self-service instructions
• Contact us at pranjal@barelab.in

✓ Data Portability
Request a copy of your data in a structured, commonly used, portable format (JSON or CSV).

✓ Withdraw Consent
Stop providing optional data at any time (such as menstrual cycle tracking or mood logs).

✓ Opt Out of Marketing
Unsubscribe from marketing communications at any time by:

• Clicking "unsubscribe" in any marketing email
• Adjusting notification preferences in app settings
• Contacting pranjal@barelab.in

✓ Control Location Access
Enable or disable location services in your device's settings:

• iOS: Settings > Privacy > Location Services > BareLab
• Android: Settings > Apps > BareLab > Permissions > Location

✓ Control Push Notifications
Manage notification preferences in your device settings or app settings.

How to Exercise Your Rights

To exercise any of these rights:

1. Self-Service: Use the settings and controls within the BareLab app or visit https://accounts.barelab.in
2. Email Us: Contact pranjal@barelab.in (we respond within 72 hours)
3. Grievance Officer: For privacy concerns, contact pallavi@barelab.in

Uninstalling the App

You can stop all collection of information by uninstalling BareLab. Use the standard uninstall process available on your mobile device or via your app store.

Note: Uninstalling the app does not automatically delete your account data. To delete your data, follow the steps above.

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

How Long We Keep Your Data:

Active Accounts: We keep your data while your account is active and you're using our services.

After Account Deletion: When you delete your account:

• We delete or anonymize your personal information immediately
• Exception: We retain certain data for at least 180 days as required by the Intermediary Guidelines Rules, 2021
• Transaction records may be kept longer for accounting, taxation, and legal compliance

Legal Requirements: Some data must be retained for legal or regulatory purposes (e.g., financial records for tax authorities).

How to Request Deletion

To request deletion of your data:

1. Visit https://accounts.barelab.in and delete your account
2. Email us at pranjal@barelab.in

We will respond within 15 days and complete the deletion process promptly.

Our Service is not intended for individuals under 18 years of age.

We do not knowingly collect personally identifiable information from children under 18.

If we discover that a child under 18 has provided personal information:

• We will immediately delete this information from our servers
• We will terminate the account
• We will take steps to prevent future access

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at pranjal@barelab.in so we can take appropriate action.

We understand that health information is highly sensitive. We take extra precautions to protect this information:

🔒 Special Protections for Health Data:

Encryption: All health data (menstrual cycle data, skin photos, mood/stress levels) is encrypted in transit.

Access Controls: Access to health data is restricted to authorized personnel only. Not all BareLab employees can access your sensitive health information.

AI Processing Limitations: AI processing of health data is limited to generating skincare insights. Health data is not used for AI model training without complete anonymization.

Secure Transmission: All AI processing is performed through encrypted connections with our trusted AI providers (OpenAI and Anthropic).

Your Control: You have full control over what health information you choose to share. You can:

• Skip optional health tracking features
• Delete specific health data entries
• Delete all health data by deleting your account

⚠️ Important Medical Disclaimer

BareLab is not a medical service and does not provide medical advice, diagnosis, or treatment.

The recommendations and insights provided by our Application are for informational and educational purposes only and should not be considered a substitute for professional medical advice.

Always consult with a qualified healthcare professional for any medical concerns or before making health-related decisions based on our recommendations.

BareLab may use cookies and similar tracking technologies to enhance your experience.

What Are Cookies?
Cookies are small data files stored on your device that help us remember your preferences and understand how you use our app.

How We Use Them:

• Remember your preferences and settings
• Understand how you use our app
• Improve app performance and functionality
• Provide analytics (via Firebase and Google Analytics)

Your Control:
Most mobile devices and browsers allow you to manage or disable cookies. However, disabling cookies may limit some app functionality.

BareLab may contain links to third-party websites or services (such as skincare product websites or educational resources).

Important: We are not responsible for the privacy practices of these third parties. Each third-party service has its own privacy policy, and we encourage you to review those policies before interacting with those services.

We do not control and are not responsible for:

• Third-party data collection practices
• Third-party security measures
• Third-party use of your information

We process your personal information based on the following legal grounds under Indian law:

✓ Consent
You have given explicit consent for specific processing activities (e.g., location tracking, push notifications, menstrual cycle tracking).

✓ Contract Performance
Processing is necessary to provide you with BareLab services under our Terms and Conditions.

✓ Legitimate Interests
Processing is necessary for our legitimate business interests (e.g., improving our services, preventing fraud, ensuring security) that do not override your rights.

✓ Legal Obligations
Processing is necessary to comply with applicable laws and regulations (e.g., tax reporting, responding to legal requests).

Legal Compliance:
We comply with Section 43A and Section 79 of the Information Technology Act, 2000, the Intermediary Guidelines Rules, 2021, and other applicable Indian data-protection laws.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify you through the app or by email for significant changes
• We will request your consent if required by law
• We will highlight what has changed

Your continued use of BareLab after changes are published constitutes acceptance of the revised policy.

This privacy policy is effective as of October 4, 2025.

For Indian Users

BareLab complies with the Information Technology Act, 2000, and related rules. We are committed to protecting your sensitive personal information in accordance with Indian law.

Your Rights Under Indian Law:

• Right to access your personal information
• Right to correct inaccurate information
• Right to withdraw consent
• Right to file a complaint with the Grievance Officer

General Inquiries

If you have questions about this Privacy Policy or our data practices:

Email: pranjal@barelab.in
Response Time: We aim to respond to all inquiries within 72 hours (business days)

Grievance Officer

In compliance with the Information Technology Act, 2000 (Rules on "sensitive personal data") and the Intermediary Guidelines Rules, 2021, we have designated a Grievance Officer to address your privacy concerns:

Name: Pallavi Khare
Email: pallavi@barelab.in
Response Timeline:

• Acknowledgment within 24 hours
• Resolution within 15 days of complaint

We are committed to resolving any privacy concerns you may have.

By using the BareLab Application, you consent to the processing of your information as set forth in this Privacy Policy now and as amended by us.

If you do not agree, please discontinue use of the application.

Thank you for trusting BareLab with your skincare journey! We're committed to protecting your privacy while helping you achieve your skin health goals.