Dermly app iconDermly

Legal

Privacy Policy

Effective date: June 12, 2026

Dermly is built around one principle: your face is yours. This policy explains exactly what happens to your photos and data when you use the Dermly iOS app and this website. The short version: we store no photos, we store no results on our servers, we have no accounts, and we sell nothing about you.

Who we are

Dermly is operated by Levin Schwab, Germany (the "operator", "we"). You can reach us anytime at levin.schwab@gmx.de.

What happens to your selfie

When you run a skin scan, the app first asks for your explicit consent. Only after you agree, your selfie is sent over an encrypted connection to our server, which forwards it to Anthropic's Claude API for a one-time AI analysis. The analysis produces cosmetic scores and routine suggestions, which are returned to your device.

  • We do not store your photo on our servers. It is processed in memory and discarded.
  • We do not store your analysis results on our servers. Results live only on your device.
  • We never log image data. Server logs contain only technical metadata such as response status and timing.
  • Your photos are not used to train any AI model, by us or by Anthropic under our API agreement.
  • We never sell, rent, or share your photos or results with advertisers or data brokers.

No accounts, no email collection

Dermly has no sign-up, no login, and no account system. We do not collect your name, email address, or contact details through the app. If you email us for support, we use your email only to reply to you.

Data stored on your device

Your quiz answers, scan results, routine checklist, and progress history are stored locally on your iPhone. You can delete all of it at any time from the app settings or by deleting the app.

Third parties we rely on

  • Anthropic (USA): processes your selfie for the one-time AI analysis described above. Anthropic acts as a processor for this analysis and does not train on this data under our API agreement.
  • Apple (USA): handles all App Store downloads and in-app purchases. We never see your payment details.
  • Vercel (USA): hosts this website and our analysis server.

Legal basis and your rights (GDPR)

For users in the European Union, the legal basis for processing your selfie is your consent (Art. 6(1)(a) GDPR), given explicitly in the app before any photo leaves your device. Because we keep nothing, most data rights are fulfilled by design:

  • Right to withdraw consent: simply stop using the scan feature. No previously sent photo is retained anywhere.
  • Right to erasure: delete the app or use the delete option in settings. All your data lives on your device.
  • Data minimization: we process the minimum needed for the analysis, once, and keep none of it.
  • Right to lodge a complaint: you may contact your local data protection authority at any time.

Children

Dermly is intended for users aged 13 and older. The analysis refuses photos that appear to show young children. If you are under 16 and live in the European Union, please ask a parent or guardian for permission before using the photo analysis.

Changes to this policy

If we change how data is handled, we will update this page and the effective date above before the change takes effect.

Contact

Questions about privacy? Email levin.schwab@gmx.de.