Privacy Policy

Your privacy matters to us. Learn how we collect, use, and protect your personal information.

Last Updated: January 29, 2026

Welcome to Sunkiss AI (“Sunkiss AI,” “we,” “us,” or “our”), operated by Ferrix Labs Inc., a company registered in Canada. Sunkiss AI is a mobile application that provides AI-powered tanning coaching, UV monitoring, SPF recommendations, progress tracking, and personalized skin care guidance.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and related services (collectively, the “Services”). By accessing or using our Services, you consent to the practices described in this Privacy Policy. If you do not agree, please discontinue use of our Services.

Privacy Law Compliance

This Privacy Policy is designed to comply with applicable privacy laws including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA), and other applicable privacy legislation in the jurisdictions where we operate.

1. Information We Collect

We collect information in the following ways:

Information You Provide Directly

  • Account Information: Name, email address, and authentication credentials when you create an account (including via Apple Sign-In or Google Sign-In).
  • Skin Profile Data: Skin type, tanning goals, age range, skin concerns, SPF usage habits, desired shade, and sun exposure tolerance. This information is used to personalize your tanning recommendations.
  • Photos: Progress selfies and profile photos you voluntarily upload to track your tanning journey.
  • Communications: Messages, feedback, and support requests you send to us.
  • Payment Data: Purchases are processed through Apple In-App Purchase. We receive only transaction identifiers and subscription status from Apple — we do not collect or store your credit card number, bank account, or other financial details.

Information Collected Automatically

  • Device Information: Device model, operating system version, unique device identifiers, and app version.
  • Usage Data: Features used, screens viewed, session duration, and interaction patterns within the app.
  • Coarse Location: City-level location data used solely to retrieve local UV index and weather information. We do not track your precise GPS coordinates.
  • Analytics Data: Crash reports, performance metrics, and diagnostic information to improve app stability.

Information from Third Parties

  • Authentication Providers: If you sign in with Apple or Google, we receive your name and email address (as permitted by your sign-in settings).
  • Firebase Services: We use Google Firebase for authentication, data storage, and app infrastructure, which may collect device and usage information for service operation and diagnostics.
  • Apple WeatherKit: We use Apple's WeatherKit framework to retrieve UV index, temperature, and atmospheric data for your general location.
  • Superwall: We use Superwall for subscription paywall management, which may collect device identifiers and interaction data related to subscription offers.

Data Minimization

We collect only the information reasonably necessary to provide and improve our Services. We do not collect sensitive personal information beyond what is described in this policy.

2. How We Use Your Information

We use your information for the following purposes:

  • Service Provision: Generating personalized AI tanning plans, monitoring UV conditions for your location, tracking your tanning progress, providing SPF recommendations, and delivering sun safety guidance.
  • Account Management: Creating and maintaining your account, processing subscriptions, and authenticating your identity.
  • Analytics and Improvement: Understanding how users interact with our app to improve features, fix bugs, and enhance the user experience.
  • Safety and Compliance: Detecting and preventing fraud, abuse, or security threats, and complying with legal obligations.
  • Marketing (Opt-In Only): Sending promotional communications about new features or updates, only with your explicit consent. You can opt out at any time.

3. Health and Wellness Data

Important Notice

Your skin profile data (skin type, tanning goals, sun exposure tolerance, and related preferences) is treated with heightened protection due to its health-related nature.

  • Skin profile data is used solely to provide personalized tanning recommendations and sun safety guidance within the app.
  • We do not share skin profile data with insurance companies, employers, data brokers, or any third party for purposes unrelated to providing our Services.
  • We do not use your health and wellness data for medical diagnosis, treatment, or clinical decision-making. Sunkiss AI is not a medical device or healthcare service.
  • Health and wellness data is subject to additional access controls and encryption measures beyond those applied to general account data.
  • You may delete your health and wellness data at any time through the app or by contacting us.

4. Photo Data

Your Photos Are Protected

We take the security of your photos seriously. Photos you upload are used exclusively for the progress tracking feature you opted into.

  • Photos are stored securely using encryption at rest and in transit.
  • Photos are used only for the progress tracking feature within the app — allowing you to view your tanning journey over time.
  • We do not share your photos with third parties.
  • We do not use your photos for facial recognition, biometric identification, or any form of biometric analysis.
  • We do not use your photos to train AI or machine learning models.
  • You can delete any or all of your photos at any time from within the app. Deleted photos are permanently removed from our servers within 30 days.

5. How We Share Your Information

We may share your information in the following limited circumstances:

  • Service Providers: Trusted third-party vendors who assist us with cloud hosting, analytics, email delivery, and app infrastructure. These providers are contractually obligated to protect your data and use it only for the services they provide to us.
  • Legal Requirements: When required by law, court order, subpoena, or government regulation, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.
  • Aggregated or De-Identified Data: We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, for research or analytical purposes.

We Do Not Sell Your Personal Information

Ferrix Labs Inc. does not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. This applies to all users regardless of jurisdiction.

6. Your Privacy Rights

Regardless of where you live, you have the following rights with respect to your personal information:

Universal Rights

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete information.
  • Deletion: Request that we delete your personal information, subject to legal retention requirements.
  • Portability: Request your data in a structured, commonly used, machine-readable format.
  • Opt-Out: Opt out of marketing communications at any time.

Canadian Residents (PIPEDA)

  • You have the right to access your personal information and request corrections.
  • You may withdraw your consent to the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions.
  • You may file a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated.

US Residents

  • CCPA/CPRA (California): You have the right to know what personal information we collect, request deletion, opt out of the sale or sharing of personal information, and not be discriminated against for exercising your rights.
  • State-Specific Rights: Residents of Virginia, Colorado, Connecticut, Utah, and other states with consumer privacy laws may have additional rights under their respective state legislation. Contact us to exercise these rights.

International Users

If you are located outside of Canada or the United States, you may have additional rights under the privacy laws of your jurisdiction. Please contact us at sunkissai@ferrixlabs.com to exercise any jurisdiction-specific rights.

7. How to Delete Your Data

You can request deletion of your account and personal data through the following methods:

  • In-App: Navigate to Settings → Delete Account. This will initiate the deletion of your account and all associated data.
  • Email: Send a deletion request to sunkissai@ferrixlabs.com from the email address associated with your account.

Upon receiving a valid deletion request:

  • Your account, skin profile, photos, tanning history, and preferences will be permanently deleted within 30 days.
  • Certain data may be retained where required by law (e.g., transaction records for tax or accounting purposes) or to resolve disputes, enforce agreements, or comply with legal obligations.
  • Aggregated, de-identified data that cannot be linked back to you may be retained for analytical purposes.

8. Data Security and Retention

We implement industry-standard security measures to protect your personal information:

  • Encryption: Data is encrypted in transit (TLS/SSL) and at rest using AES-256 or equivalent encryption standards.
  • Access Controls: Access to personal information is restricted to authorized personnel who require it for legitimate business purposes.
  • Monitoring: We employ security monitoring and logging to detect and respond to potential threats.
  • Breach Notification: In the event of a data breach that poses a real risk of significant harm, we will notify affected users and applicable regulatory authorities as required by law.

Retention: We retain your personal information for as long as your account is active or as needed to provide you with our Services. After account deletion, data is removed within 30 days except where retention is required by law.

No System Is Perfect

While we take reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

9. Cookies and Tracking Technologies

Our website may use the following types of cookies and tracking technologies:

  • Essential Cookies: Required for basic website functionality, such as maintaining your session and security.
  • Analytics Cookies: Help us understand how visitors interact with our website, including page views, traffic sources, and user behavior patterns.
  • Third-Party Cookies: Our analytics and advertising partners may set their own cookies. These are governed by the respective third party's privacy policy.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of our website but will not impact the mobile app experience.

10. Children's Privacy

Age Restriction

Sunkiss AI is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under the age of 18.

If we learn that we have collected personal information from a person under 18, we will promptly delete that information. If you believe we have inadvertently collected information from a minor, please contact us at sunkissai@ferrixlabs.com.

11. International Data Transfers

Ferrix Labs Inc. is headquartered in Canada. Your personal information may be processed and stored in Canada, the United States, or other countries where our service providers maintain facilities.

When your data is transferred outside of your home country, we ensure that appropriate safeguards are in place, including contractual data protection agreements with our service providers that require them to protect your information in accordance with applicable privacy laws.

Canadian Adequacy

Canada has been recognized by many jurisdictions as providing an adequate level of data protection. Data processed in Canada is subject to PIPEDA and applicable provincial privacy legislation.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

  • Posting a notice within the Sunkiss AI app.
  • Sending a notification to the email address associated with your account.
  • Updating the “Last Updated” date at the top of this policy.

Your continued use of the Services after any changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Ferrix Labs Inc.

Canada

Email: sunkissai@ferrixlabs.com