mycolours
Privacy

Your photos are analysed, then gone.

This is the full privacy policy. But if you only read one thing: we delete your photos within 60 seconds, we never use them for training, and we never sell your data.

Last updated: April 2026. We will notify you by email before any material changes take effect.

Photo handling

What happens to your photos, step by step.

Not archived. Not anonymised. Not “retained for service improvement.” Deleted.

You take two photos

A face photo and an eye close-up, taken on your device. The camera overlay guides framing and lighting.

Uploaded to memory only

Your photos are sent over an encrypted connection and held in server memory (tmpfs). Never written to disk. Never uploaded to a storage bucket.

We read your colouring

Machine vision (provided by Anthropic) analyses skin undertone, hair depth, eye colour, and contrast. It sees your photo, returns structured text, and the image reference is released.

Photos permanently deleted

Both images are purged from memory. No copy exists anywhere. Not on our servers, not in any backup, not in any AI training set. We retain only derived colour attributes: hex values and text descriptions.

Your report stays, your photos don't

You keep your full colour report for as long as you have an account. The pixels that generated it are gone within a minute of your result loading.

Data retention

What we collect, how long we keep it.

Face and eye photos

Retention: Deleted < 60s after analysis

Purpose: Colour analysis only. Never written to disk.

Photo hashes (SHA-256)

Retention: 30 days

Purpose: Duplicate detection, re-run cache key.

Analysis result (JSON)

Retention: Until account deletion

Purpose: Your report, palette, and recommendations.

Profile answers

Retention: Until account deletion

Purpose: Personalisation (style, budget, retailers).

Email address

Retention: Until account deletion + 30 days

Purpose: Authentication (magic link), transactional emails.

Payment data

Retention: Never held by us

Purpose: Processed exclusively by Stripe.

1. Who we are

mycolours is operated by Pieo Digital LLC. ICO registration will be completed before public launch. For any privacy queries, contact [email protected].

2. Lawful basis for processing

We process your data under the following bases: (a) contract performance, for delivering the colour analysis you purchased; (b) legitimate interest, for fraud prevention and service improvement; (c) consent, for optional marketing communications. You can withdraw consent at any time.

3. International transfers

Photo analysis is processed via Anthropic's API (US-based). This constitutes a UK-to-US data transfer. We use Anthropic's API under their standard terms of service as a paying customer. The transfer is limited to the 60-second analysis window; no personal data is retained by Anthropic after processing. Anthropic's privacy policy prohibits use of API inputs for model training.

4. Encryption

Email addresses and other personally identifiable information are encrypted at rest using AES-256 (Fernet). Access and refresh tokens are signed JWTs with session versioning, allowing instant revocation via sign-out-everywhere.

5. Cookies and analytics

We use Google Analytics 4 with IP anonymisation enabled, and strictly necessary cookies for authentication (session token). No advertising cookies, no third-party trackers, no fingerprinting.

6. Third-party processors

Anthropic (AI vision): photo analysis only, under DPA with SCCs. No data retained.

Stripe: payment processing. We never see or store card details.

SendGrid: transactional email delivery (magic links, MFA codes, receipts). No marketing.

Google Analytics: aggregated usage analytics with IP anonymisation.

7. Age restriction

mycolours is available to users aged 18 and over. We require age confirmation during onboarding. If we learn that a user is under 18, we will delete their account and all associated data.

8. Data breach notification

In the event of a personal data breach, we will notify the ICO within 72 hours where required, and affected users without undue delay where the breach is likely to result in a high risk to their rights and freedoms.

9. Changes to this policy

We may update this privacy policy from time to time. Material changes will be communicated by email at least 14 days before they take effect. The “last updated” date at the top of this page always reflects the current version.

Your rights

Your data, your call.

01. Access

Request a copy of all personal data we hold about you.

02. Rectification

Correct any inaccurate information in your profile.

03. Erasure

Delete your account and all associated data. One click in settings, or email [email protected].

04. Portability

Export your analysis results and profile in a machine-readable format.

05. Objection

Object to processing based on legitimate interest. We will stop unless we can demonstrate compelling grounds.

All requests are actioned within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk).