Welcome to MenlyAI ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use the MenlyAI mobile application ("App") — an AI-powered hairstyle recommendation and hair growth tracking app for men.
By using MenlyAI, you agree to the collection and use of information in accordance with this Privacy Policy.
2. INFORMATION WE COLLECT
2.1. Account Information You Provide:
Email address (required for all sign-up methods)
Display name (optional)
Profile photo (optional, stored in Firebase Storage)
Authentication tokens from Google Sign-In or Apple Sign-In (iOS)
2.2. Face Data and Photos:
Face analysis photos: Collected directly when you intentionally upload a photo from your device's photo library or take a new photo using your device camera for face shape detection and AI feature extraction for recommendations. These are transmitted to Google Gemini AI for processing and are not retained or stored on our servers after processing is complete.
Hairstyle visualization photos: Your face photo used for AI-powered virtual try-on. These images are stored locally on your device only (up to 50 history entries) for your personal history; they are not uploaded to our cloud.
Hair growth tracker progress photos: Photos you intentionally upload to document your growth journey. These are stored in Firebase Storage under your account to help you visualize your progress over time.
Bug report screenshots: Optional screenshots you attach. Stored in Firebase Storage to assist our support team.
Profile photo: Optional account photo. Stored in Firebase Storage.
2.3. Sharing Face Data with Third Parties:
We share face data (photos) with Google solely through the Google Gemini API to deliver the AI-powered hairstyle analysis and transformations you request. We share this data because it is necessary to provide the core AI features of the App. Google’s privacy practices for this enterprise API state that data submitted via the API is not stored and is not used to train their AI models. We confirm that our third-party AI service provider, Google, provides the same or equal protection of your user data as stated in this Privacy Policy. You can find more details under Google’s Privacy Policy.
2.4. Usage and App Data:
Subscription plan status and credit balances (stored in Firestore)
Hair growth journey goals and weekly progress entries (stored in Firestore and Firebase Storage)
Chatbot conversation history (stored locally on your device)
AI data sharing consent status and version (stored locally on your device)
Notification preferences and reminder time (stored locally on your device)
App theme preference (stored locally on your device)
2.4. Automatically Collected Technical Data:
Device platform (iOS or Android)
App crash reports and error logs (via Firebase)
Network connectivity status (not transmitted; used locally only)
2.5. What We Do NOT Collect:
Credit card or payment details — all payments are processed entirely by the Apple App Store or Google Play Store
Precise location data
Contacts or calendar data
Biometric identifiers for authentication purposes
3. HOW WE USE YOUR INFORMATION
3.1. Deliver Core App Features:
Detect your face shape on-device using Google ML Kit (no data sent to servers for this step)
Extract hair and facial features using Google Gemini AI (requires your photo to be sent to Google's cloud)
Generate personalized hairstyle recommendations from our curated database of 68+ styles
Create AI-powered virtual hairstyle try-on images using Google Gemini
Power the AI hair specialist chatbot using Google Gemini
Store and display your hair growth journey progress
Manage your subscription status and credit balance
3.2. App Improvement:
Diagnose and fix crashes and bugs using anonymized error reports
Improve AI model prompts and recommendation quality
Develop new features based on usage patterns
3.3. Communication and Notifications:
Send local push notifications for your hair tracker reminders (scheduled on-device; no third-party push service is used)
Respond to support enquiries and bug reports
Notify you of important policy or feature changes
3.4. Security and Legal Compliance:
Verify subscription and in-app purchase receipts via secure Cloud Functions
Prevent fraud and abuse
Enforce our Terms of Service
Comply with applicable laws and regulations
4. AI DATA SHARING CONSENT
In compliance with Apple App Store Guideline 5.1.1(i) and applicable privacy regulations, MenlyAI requires your explicit consent before transmitting any photo or facial data to cloud AI services (Google Gemini API). You will be presented with a consent prompt the first time you use any AI-powered feature.
You may revoke this consent at any time from Settings → Privacy Settings.
If consent is revoked, on-device features (face shape detection via ML Kit) continue to work, but cloud AI features (hairstyle visualization, AI feature extraction, chatbot) will be disabled until consent is re-granted.
Your consent status and version are stored locally on your device.
5. ON-DEVICE VS. CLOUD PROCESSING
We distinguish clearly between processing that happens on your device and processing that requires data to leave your device:
5.1. On-Device Processing (No Data Sent to Servers):
Face landmark detection — Google ML Kit runs entirely on your device using facial contour detection. No photo data is sent to Google for this step.
Hair/face segmentation — On-device TFLite model (selfie_multiclass.tflite) for background and hair separation.
Hairstyle generation history — Stored in your device's local storage only (up to 50 entries).
Chatbot history — Conversation history retained locally on device.
5.2. Cloud Processing (Data Sent to Google Gemini API):
AI feature extraction — Your photo is sent to Google Gemini to detect face shape, hair type, hair density, forehead size, and hairline characteristics.
Hairstyle visualization (virtual try-on) — Your face photo and the selected hairstyle description are sent to Google Gemini for AI image generation.
Reference image try-on — Your face photo and a reference barber photo are sent to Google Gemini.
AI chatbot — Your chat messages are sent to Google Gemini. No photos are transmitted for chatbot conversations.
All cloud transmissions are encrypted via HTTPS/TLS. Photos sent to Gemini are processed in real-time and are governed by Google's Privacy Policy.
6. HOW WE SHARE YOUR INFORMATION
We do NOT sell your personal information. We share data only in the following limited circumstances:
6.1. Technology Service Providers:
Google Firebase (Auth, Firestore, Firebase Storage, Cloud Functions) — user authentication, data storage, purchase verification
Google Gemini API — cloud AI processing for hairstyle visualization, feature extraction, and chatbot
Google ML Kit — on-device face detection (no data leaves your device for this)
Google Sign-In — OAuth authentication
Apple Sign-In (iOS only) — OAuth authentication
Apple App Store / Google Play — subscription and in-app purchase processing
All providers process data under their own privacy policies and applicable data processing agreements. We confirm that our third-party AI service provider, Google, provides the same or equal protection of your user data as stated in this Privacy Policy.
6.2. Legal Requirements:
When required by law, court order, or government request; to protect our rights, safety, or property; or to prevent fraud or illegal activities.
6.3. Business Transfers:
In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified in advance.
6.4. With Your Explicit Consent:
When you authorize sharing beyond what is described in this policy.
7. DATA STORAGE AND SECURITY
7.1. Where Your Data Is Stored:
Cloud (Firebase / Google): Account profile, subscription and credit data, hair tracker journeys and progress photos, bug reports.
Local device storage: Hairstyle generation history (up to 50 results), chatbot conversation history, AI consent status, notification preferences, app theme setting.
Not stored by us: Payment or billing details (managed exclusively by Apple/Google).
7.2. Security Measures:
Encryption of all data in transit via HTTPS/TLS
Firebase Security Rules governing all Firestore and Firebase Storage access
Secure server-side purchase verification via Cloud Functions (receipts verified against Apple and Google servers)
Authentication tokens never stored in plain text
7.3. Data Retention:
Account data: Retained while your account is active.
Face analysis photos: Sent to Gemini for real-time processing and not retained on our servers afterward.
Hairstyle visualization results: Stored locally on your device only; automatically pruned at 50 entries.
Tracker progress photos: Retained in Firebase Storage as long as your journey exists or your account is active.
Deleted accounts: All cloud data is permanently deleted within 30 days of account deletion.
8. YOUR PRIVACY RIGHTS AND CONTROLS
Depending on your location, you may have the following rights:
Access: Request a copy of the personal data we hold about you.
Correction: Update your name, email, or profile photo directly in the app.
Deletion: Delete your account (and all associated data) from Settings → Delete Account. Cloud data is permanently removed within 30 days.
Revoke AI Consent: Withdraw consent for cloud AI photo processing at any time from Settings → Privacy Settings.
Notification Opt-Out: Disable tracker reminders from Settings → Notifications or your device settings.
Data Portability: Request an export of your data by contacting support@menlyai.com.
To exercise any of these rights, contact us at support@menlyai.com. We will respond within 30 days.
9. CHILDREN'S PRIVACY
MenlyAI is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected data from a child under 13, we will delete it immediately. Users aged 13–17 must have parental or guardian consent to use this App.
10. DEVICE PERMISSIONS
MenlyAI requests the following device permissions:
Camera: Required to capture photos for face shape detection and hair tracker progress photos.
Photo Library / Gallery: Required to select existing photos for face analysis and hairstyle visualization.
Notifications: Used to send scheduled local reminders for your hair growth tracker. All notifications are generated on-device — no third-party push notification service is used.
Storage (Android): Required to save generated hairstyle images to your device gallery.
Internet: Required for Firebase, Gemini AI, and purchase verification.
You can manage permissions at any time through your device settings. Revoking camera or photo library access will disable AI-powered features that require photo input.
11. SUBSCRIPTIONS AND IN-APP PURCHASES
MenlyAI offers Free, Pro Monthly, and Pro Annual subscription plans, as well as one-time Style Credit Bundle purchases. All billing is handled exclusively through the Apple App Store or Google Play Store. We do not process or store any payment card information.
Purchase receipts are verified server-side via secure Google Cloud Functions. Subscription status and credit balances are stored in your Firestore account record and updated in real time.
12. THIRD-PARTY SERVICES
MenlyAI uses the following third-party services. Each operates under its own privacy policy:
Your data may be transferred to and stored on servers located outside your country (primarily Google data centers worldwide). We ensure appropriate safeguards are in place, including encryption in transit and at rest, and reliance on Google's standard contractual clauses for international transfers.
14. CALIFORNIA PRIVACY RIGHTS (CCPA)
California residents have the right to know what personal data is collected, to delete their data, and to opt out of the sale of personal information. We do NOT sell personal information. To exercise any of these rights, contact support@menlyai.com.
15. EUROPEAN PRIVACY RIGHTS (GDPR)
If you are located in the European Economic Area (EEA) or UK, you have rights under GDPR including: access, rectification, erasure ("right to be forgotten"), restriction of processing, data portability, the right to object, and the right to withdraw consent. To exercise these rights, contact support@menlyai.com.
Our legal bases for processing include: performance of a contract (delivering app services), legitimate interests (security, fraud prevention, app improvement), and your explicit consent (AI photo processing).
16. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. We will notify you of significant changes via an in-app notification or email. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of MenlyAI after changes take effect constitutes acceptance of the updated policy.
17. DATA BREACH NOTIFICATION
In the event of a data breach that affects your personal information, we will notify affected users within 72 hours of becoming aware of it, and inform relevant supervisory authorities as required by applicable law.
18. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: