mycolours
Privacy

Your photos are analysed, then gone.

This is the full privacy policy. But if you only read one thing: we delete your photos within 60 seconds, we never use them for training, and we never sell your data.

Last updated: April 2026. We will notify you by email before any material changes take effect.

Photo handling

What happens to your photos, step by step.

Not archived. Not anonymised. Not “retained for service improvement.” Deleted.

You take two photos

A face photo and an eye close-up, taken on your device. The camera overlay guides framing and lighting.

Uploaded to memory only

Your photos are sent over an encrypted connection and held in server memory (tmpfs). Never written to disk. Never uploaded to a storage bucket.

AI reads your colouring

Three calls to Claude Vision analyse skin undertone, hair depth, eye colour, and contrast. The model sees your photo, returns structured text, and the image reference is released.

Photos permanently deleted

Both images are purged from memory. No copy exists anywhere. Not on our servers, not in any backup, not in any AI training set. We retain only derived colour attributes: hex values and text descriptions.

Your report stays, your photos don't

You keep your full colour report for as long as you have an account. The pixels that generated it are gone within a minute of your result loading.

Data retention

What we collect, how long we keep it.

Face and eye photos

Retention: Deleted < 60s after analysis

Purpose: Colour analysis only. Never written to disk.

Photo hashes (SHA-256)

Retention: 30 days

Purpose: Duplicate detection, re-run cache key.

Analysis result (JSON)

Retention: Until account deletion

Purpose: Your report, palette, and recommendations.

Profile answers

Retention: Until account deletion

Purpose: Personalisation (style, budget, retailers).

Email address

Retention: Until account deletion + 30 days

Purpose: Authentication (magic link), transactional emails.

Payment data

Retention: Never held by us

Purpose: Processed exclusively by Stripe.

1. Who we are

mycolours is operated by [Company Name], registered in England and Wales. ICO registration number: [pending]. For any privacy queries, contact [email protected].

2. Lawful basis for processing

We process your data under the following bases: (a) contract performance, for delivering the colour analysis you purchased; (b) legitimate interest, for fraud prevention and service improvement; (c) consent, for optional marketing communications. You can withdraw consent at any time.

3. International transfers

Photo analysis is processed via Anthropic's API (US-based). This constitutes a UK-to-US data transfer, governed by Anthropic's Data Processing Agreement and Standard Contractual Clauses (SCCs) as approved by the UK ICO. The transfer is limited to the 60-second analysis window; no personal data is retained by Anthropic after processing.

4. Encryption

Email addresses and other personally identifiable information are encrypted at rest using AES-256 (Fernet). Access and refresh tokens are signed JWTs with session versioning, allowing instant revocation via sign-out-everywhere.

5. Cookies and analytics

We use Google Analytics 4 with IP anonymisation enabled, and strictly necessary cookies for authentication (session token). No advertising cookies, no third-party trackers, no fingerprinting.

6. Third-party processors

Anthropic (Claude Vision): photo analysis only, under DPA with SCCs. No data retained.

Stripe: payment processing. We never see or store card details.

SendGrid: transactional email delivery (magic links, MFA codes, receipts). No marketing.

Google Analytics: aggregated usage analytics with IP anonymisation.

7. Age restriction

mycolours is available to users aged 18 and over. We require age confirmation during onboarding. If we learn that a user is under 18, we will delete their account and all associated data.

8. Data breach notification

In the event of a personal data breach, we will notify the ICO within 72 hours where required, and affected users without undue delay where the breach is likely to result in a high risk to their rights and freedoms.

Legal review required

This privacy policy is a working draft and must be reviewed by a qualified legal professional before launch. Placeholders marked with [brackets] need to be completed.

Your rights

Your data, your call.

01 Access

Request a copy of all personal data we hold about you.

02 Rectification

Correct any inaccurate information in your profile.

03 Erasure

Delete your account and all associated data. One click in settings, or email [email protected].

04 Portability

Export your analysis results and profile in a machine-readable format.

05 Objection

Object to processing based on legitimate interest. We will stop unless we can demonstrate compelling grounds.

All requests are actioned within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk).