Start 2026 with a personalized k-beauty program

Privacy policy

Effective Date: April 25, 2025

Last Updated: February 17, 2026

1) Who we are

Venus Labs Inc. (“Venus,” “we,” “us”) provides the Venus mobile apps and website (the “Services”).
Questions: support@venus-labs.io.

2) Scope & key definitions

This Policy covers personal data we process through our apps, site, and support.

“Face Data” means:
(a) selfies you choose to upload or capture in-app;
(b) anonymized versions of those selfies created for analysis (e.g., identifying facial features obscured); and
(c) numeric skin metrics derived from these images (e.g., redness score, acne count, tone metrics, “Venus Score”).

No biometric identification: We do not use Face Data for identity verification, facial recognition, or to create biometric templates for identifying you.

3) What we collect

Account & profile: Email/Apple/Google ID, display name; optional age range, skin type, allergens, and skincare goals.

Face Data:

  • Selfies you upload or capture for scans (as part of providing the Service).

  • Anonymized photos derived from those selfies for AI processing (identifying features obscured).

  • Derived skin metrics (e.g., redness, acne, hydration, tone, calmness, smoothness, purity, Venus Score).

Usage & device: App events, device/OS, language, time zone, and crash logs.

Support: Messages/attachments you send us.

Marketing (opt-in): Push/email preferences if you opt in.

4) How we use data

Provide the Services: Create/login to your account, run skin scans, generate results, build routines, power your box experience, and show progress over time.

AI processing for skin analysis:

  • We analyze your skin using a combination of our own models and services.

  • For certain analysis steps (e.g., evaluating specific facial areas), we may send an anonymized photo (identifying features obscured) and relevant context (such as the target facial area) to OpenAI to generate skin-analysis outputs and/or explanations.

  • We may also send derived numeric skin metrics to OpenAI to generate text explanations.

Improve & secure: Debugging, analytics, fraud prevention, security monitoring, and performance improvements.

Marketing (opt-in): Tips, updates, promotions, and product news only if you opt in.

Legal: Enforce our Terms and comply with applicable law.

5) Sharing & disclosure

We do not sell personal data, and we do not share personal data for cross-context behavioral advertising.

We share data only with:

Hosting & infrastructure:

  • Amazon Web Services (AWS) (US) for secure storage and infrastructure services (e.g., hosting, databases, encrypted storage).

  • Crash/diagnostics providers (if enabled) to identify and fix bugs.

Analytics:

  • Google Analytics 4 (GA4) configured without Ads features (if enabled) to understand basic product usage and improve the app.

AI processing vendor (third-party AI):

  • OpenAI, Inc. (United States) — receives anonymized photos and/or derived skin metrics solely to provide skin-analysis outputs and text explanations for the Service.

  • OpenAI is the only third-party AI service we use for this purpose.

Legal & transactions:

  • When required by law, to protect rights/safety, or in connection with a merger, acquisition, or asset sale.

6) Face Data transparency (Apple §5.1.1)

Data collected:

  • User-supplied selfies for scans.

  • Anonymized photos derived from your selfies (identifying features obscured).

  • Derived numeric skin metrics (e.g., dryness level, redness level, acne level, tone, calmness, smoothness, purity, Venus Score).

Purpose:

  1. Provide your skin analysis and personalized cosmetic guidance.

  2. If you separately opt in, use de-identified/aggregated data to improve our models and product quality.

Third-party sharing:

  • We may share anonymized photos and/or derived numeric metrics with OpenAI (US) for skin-analysis processing and generating explanations.

  • We do not use Face Data for advertising or marketing, and we do not permit third parties to use Face Data for advertising or marketing.

User permission & control:

  • Before Face Data is transmitted to OpenAI, the app requests your permission in-app.

  • You can withdraw consent at any time in-app (e.g., Settings → Privacy / AI Analysis). If you withdraw consent, AI-powered analysis will be disabled.

Storage & security:

  • Stored on AWS (US) with encryption at rest (AES-256) and in transit (TLS 1.2+).

  • Access is restricted using least-privilege controls, logging, and monitoring.

Retention:

  • Raw selfies: Life of account + 30 days (or sooner if you delete them in-app).

  • Anonymized photos: Retained only as needed to provide the Service and support your scan history (or deleted sooner if you delete scans / delete account).

  • Derived metrics: Deleted at account deletion or on request.

Opt-out / deletion:

  • Delete scans/images in-app (if available), or use Settings → Delete Account to remove your data.

  • You can also email support@venus-labs.io.

No facial recognition:
We do not identify or verify users or track identity from Face Data.

7) Legal bases (GDPR/UK GDPR)

Contract (Art. 6(1)(b)): Account, core services, scan results, personalization.
Consent (Art. 6(1)(a), Art. 9(2)(a)): Face Data processing; marketing; optional model improvement.
Legitimate interests (Art. 6(1)(f)): Security, non-advertising analytics, fraud prevention.

We also comply with CCPA/CPRA and Korea PIPA.

8) Data retention (summary)

  • Raw selfies: Account life + 30 days (or sooner if deleted)

  • Anonymized photos: Only as needed for the Service / scan history (or sooner if deleted)

  • Derived metrics: Deleted at account deletion or on request

  • Account/profile: Account life + 30 days

  • Aggregated analytics: ≤ 24 months

  • Support threads: 24 months after resolution

We delete or de-identify data when no longer needed.

9) Security

TLS in transit; encryption at rest; least-privilege access; logging and monitoring; periodic testing; incident response procedures.

10) Your rights & choices

Delete account/data: In-app Settings → Delete Account or email support@venus-labs.io.
Access/portability: Request a machine-readable copy (JSON/CSV).
Correction: Edit your profile in-app.
Consent: You can disable scans and/or withdraw AI processing consent at any time in Settings.
Marketing: Opt out in-app/email.

US (CPRA): You may request access, correction, deletion; we do not sell/share personal data; we honor Global Privacy Control (GPC) signals.
Response times: US—within 45 days; EU/UK—within 30 days.

Submit requests to: support@venus-labs.io.

11) Children

Not for under-13s. If a child’s data was submitted, contact us for deletion.

12) International transfers

We store/process in the United States. For EU/UK data, we rely on SCCs and comparable safeguards. For Korea PIPA cross-border transfers, we disclose: recipient (Venus Labs Inc., AWS, OpenAI), country (US), purpose (hosting/processing/analysis), items transferred (as described above), retention (as described above), and contact (support@venus-labs.io). You may withdraw cross-border consent where required.

13) Automated decisions

We do not make automated decisions that produce legal or similarly significant effects. Guidance is cosmetic/wellness only.

14) Not medical advice

Content is informational/cosmetic only and not medical advice.

15) Cookies & tracking (website)

We use essential cookies and basic, non-advertising analytics (GA4). Manage preferences at Cookie Settings. We honor GPC.

16) Changes

We’ll post updates in-app and notify you of material changes 7 days before they take effect.

17) Contact

Venus Labs Inc.
support@venus-labs.io

Seoul-curated full-size 100% authentic K-Beauty