Privacy Policy

Pepmax operates the Pepmax mobile application (hereafter referred to as "App"). This page informs you of our policies regarding the collection, use, and disclosure of Personal Information we receive from users of the App.

Information Collection And Use

While using our App, we may ask you to provide us with certain personally identifiable information. This information may include, but is not limited to, your name, email address, age, height, weight, and uploaded photos used to generate transformation previews.

Face And Body Images

When you complete a scan, the App captures one or more photos of your face and/or body using your device's camera (with your permission). Here is exactly what happens to those images:

• Capture & Upload: Photos are taken inside the App, JPEG-compressed on your device, and uploaded over an encrypted (HTTPS/TLS) connection to Firebase Cloud Storage, operated by Google on our behalf.
• Storage Location:Each image is stored in a private, per-user folder keyed to your account ID (path format: users/{your account ID}/scans/{scan ID}/face.jpg or body.jpg). Access is restricted by Firebase security rules so that only your authenticated account — and our backend — can read these files.
• AI Processing: To produce your 6 category ratings (overall, muscle mass, skin, hair, face, body fat) and the AI-generated "after" image, your face and/or body image is sent from our backend to our AI partner, Google Gemini, via authenticated server-to-server API calls. Google processes the image to return analysis results and a synthesized image, and does not use the content you submit through this API to train its models.
• What We Generate From Them: The outputs (numeric ratings and an AI-generated "after" image) are saved to your scan record in our database (Cloud Firestore) and shown back to you inside the App.
• What We Do NOT Do: We do not sell your face or body images. We do not share them with advertisers, data brokers, or any third party other than the AI processing provider described above. We do not use your images to train AI models, build biometric identification systems, or attempt to identify you. We do not post your images publicly or share them with other users.
• Retention & Deletion: Your face/body images and the associated scan data remain stored as long as your account is active so that you can revisit your before/after results. You may permanently delete every uploaded photo, scan, rating, and generated image at any time by tapping "Delete Account" in Settings → Account; this triggers a cascade delete of your Firebase Storage objects, your Firestore documents, and your authentication record. You can also email team@pepmax.org to request deletion.

Data Input and AI Generated Data

We collect data that is inputted into the App by users and data that is generated by our AI technology — including the 6 category ratings produced from your scan and the AI-generated "after" image. This data is utilized to personalize your experience and provide your results. By using our App, you agree to the collection and use of this data in accordance with this policy.

Service Providers

We use the following third-party services to operate the App: Firebase Authentication, Cloud Firestore, Cloud Storage, and Cloud Functions (Google) — for account management, secure storage of your images and scan data, and running our backend; Google Gemini — for AI image analysis and generation as described above; Mixpanel — for anonymous, aggregated usage analytics (Mixpanel does not receive your face/body images); Superwall and RevenueCat — for subscription and paywall management. Each provider is contractually limited to using your data only to deliver the service we have asked them to perform.

Log Data

Like many app operators, we collect information that your device sends whenever you use our App ("Log Data"). This Log Data may include information such as your device's IP address, OS version, the pages of our App that you visit, the time and date of your visit, the time spent on those pages, and other statistics.

Changes To This Privacy Policy

This Privacy Policy is effective as of the latest update and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. We reserve the right to update or change our Privacy Policy at any time, and you should check this Privacy Policy periodically.

If you have any questions or concerns regarding this Privacy Policy, please contact us at team@pepmax.org.