This is a minimum-viable privacy policy intended for SoftMaxx's initial launch. It is calibrated to our actual data flow (transient processing, no server-side photo storage). It will be revisited with formal legal review as SoftMaxx grows.
TL;DR
SoftMaxx is an AI face analysis service. When you upload a selfie, we:
- Analyze your facial geometry in your browser using 478-point facial landmark detection (an open-source library from Google)
- Send your photo plus the geometric measurements to OpenAI's vision API for scoring
- Return your scores to you and destroy the photo immediately — we do not store it on our servers
- Collect your email so we can send you your results and (with your consent) marketing about SoftMaxx
We do not train AI on your photo. We do not sell your data. We do not share your face data with anyone except OpenAI for the specific purpose of generating your score. You must be 18 or older to use SoftMaxx.
For privacy questions or deletion requests, email privacy@softmaxx.io. For subscription, billing, and refund information, see our Terms of Service.
1. Who we are
SoftMaxx is operated as an independent venture based in the United States. For any privacy-related question, deletion request, or general inquiry, contact us at privacy@softmaxx.io. Formal legal entity details will be added to this page as the business structure is finalized.
2. What we collect
From everyone who uses SoftMaxx
- Your email address — collected once at the pre-scan email gate. Stored in your browser's localStorage and on our marketing list.
- Your selfie photo — uploaded to our service from your device, analyzed by OpenAI's vision API, then destroyed within seconds of analysis completion.
- Your face geometry — 478 anatomical landmark points extracted from your photo by our facial landmark detection engine running in your browser before the photo is sent to our servers. From these landmarks we compute numeric facial proportion ratios.
- Your scan results — the scores, measurements, and analysis text we generate. Returned to you and stored in your browser's localStorage so you can revisit them.
- Basic technical information — your IP address, browser type, and device type, automatically logged by our hosting provider for security and performance.
From paying subscribers
- Payment information — handled entirely by Stripe. We never see or store your full credit card number. Stripe returns us a token confirming your subscription tier and status.
- Your Stripe Customer ID — used to look up your active subscription status when you scan.
- Journal photos (Elite tier only) — if you use the progress journal feature, photos you upload are stored on our servers so you can track changes over time. These are stored at your explicit request and are separate from scan-analysis photos. You can delete individual journal entries at any time, or delete all journal data via the "Delete my data" button on your Account page.
Stored in your browser (not on our servers)
- localStorage keys we use: your email, your scan history, your subscription state. This data stays in your browser and is transmitted to our servers only as needed to deliver the service.
3. What we DO NOT collect or do
To be explicit:
- We do not retain your face photo on our servers after scan analysis completes. (If you use the Elite progress journal, photos you explicitly upload there are stored until you delete them — see Section 5 for details.)
- We do not identify you by your face. SoftMaxx measures proportions; it does not perform facial recognition or match your face against any database.
- We do not train AI models on your photo. The photo is sent to OpenAI for a single analysis request, then destroyed.
- We do not sell, rent, trade, or share your face data, email, or scan results with third parties for advertising or marketing purposes.
- We do not use cookies for tracking. We use localStorage, which remains in your browser under your control.
4. How we use what we collect
| Data | How we use it |
|---|---|
| Your email | Sending you your scan results, marketing emails about SoftMaxx (with your consent), account communications |
| Your photo | Analyzed by our landmark detection engine in your browser and OpenAI server-side to generate your scores; destroyed immediately after analysis |
| Your face geometry | Computing facial proportion scores against research-cited anatomical ranges |
| Your scan results | Returned to you; stored in your browser; used to compute aggregate quality metrics (no personal data attached) |
| Your payment info | Processed by Stripe to manage your subscription |
| Your IP and device info | Security (rate limiting, abuse detection), performance monitoring |
5. Biometric data disclosure (BIPA, CUBI, Washington 19.375)
If you live in Illinois, Texas, Washington, or another jurisdiction with a biometric privacy law, please read this section carefully.
What is collected
A scan of your face geometry, consisting of 478 anatomical landmark points. Under the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act (CUBI), and Washington RCW 19.375, this is considered a "biometric identifier."
Why it is collected
Solely to compute your facial proportion scores. Your face geometry is not used to identify you, match you against any database, or for any other purpose.
Who receives it
Your photo (which contains implicit face geometry) is transmitted to OpenAI's vision API for analysis. The 478 landmark points are computed in your browser and sent to our server as numeric ratios, not as a face template usable for identification. OpenAI's privacy policy is available at openai.com/policies/privacy-policy. OpenAI states that data submitted via their API is not used to train models.
Retention
Photos. Your face photo is transmitted once to OpenAI's vision API to compute your analysis. The photo is held in our server's memory only for the duration of that single analysis request (typically under 60 seconds) and is never written to our database, disk, or any persistent storage on our infrastructure.
Raw landmark geometry. The 478 anatomical landmark points are computed entirely in your browser via our facial landmark detection engine. The raw landmark coordinates never leave your device — only derived numerical ratios (for example, facial-width-to-height ratio = 1.85) are transmitted to our server.
Derived numerical scores. Your scoring results (for example, "jawline: 7.5/10", "facial harmony: 8.0/10") are stored on our servers for up to 12 months, keyed to an anonymous identifier (a random UUID) stored in your browser's localStorage. These numerical values are not biometric identifiers — they cannot reconstruct your face or be used to identify you. They are retained to enable progress tracking, trend dashboards, and re-scan comparisons.
Self-reported lifestyle data. If you complete the optional lifestyle questionnaire (sleep hours, body-fat estimate, smoking, sunscreen use, alcohol use, height/weight), that data is stored for up to 90 days to personalize your protocol recommendations.
Journal photos (Elite tier only). If you use the progress journal feature, photos you explicitly upload are stored on our servers so you can track facial changes over time. Journal photos are stored until you delete them individually or use the "Delete my data" button on your Account page. They are not used for any purpose other than displaying them back to you.
Destruction schedule
Photo data is destroyed at the end of each analysis request — typically within 60 seconds and always within the lifetime of a single HTTP function invocation. We do not persist your photo at any point after the analysis returns to you.
Derived numerical scores expire automatically after 12 months and lifestyle intake expires after 90 days, via TTL-based automatic deletion on our key-value store (Vercel KV / Upstash Redis). No manual purge is required for time-based expiration.
Journal photos (Elite tier) do not have an automatic expiration. They are retained until you delete them individually, use the "Delete my data" button, or contact support for manual deletion.
Your right to deletion
You may immediately delete all stored numerical scores, scan history, lifestyle intake, journal entries, chat memory, and coach-persona selections by clicking the "Delete my data" button on your Account page. The deletion is processed by our server and typically completes within seconds. You will receive a confirmation listing the data categories purged.
If you cannot access the Account page (for example, from a device that does not have your anonymous identifier in localStorage), you may also email support@softmaxx.io with a deletion request and any identifying details (the anonymous UUID from another device, your Stripe customer ID, or the email address used at checkout).
Note: Subscription, payment, and credit-balance records are retained separately for accounting and tax purposes as required by applicable financial-records law. These are not within BIPA scope and are not removed by the "Delete my data" action. To cancel a paid subscription, use the "Cancel subscription" button on your Account page or email support@softmaxx.io.
Consent
By using SoftMaxx and submitting a scan, you explicitly consent to the capture and analysis of your face geometry as described above. You may withdraw this consent at any time by ceasing to use SoftMaxx.
6. Third parties we share with
We share data with these third-party services to deliver SoftMaxx. We do not share with anyone else for marketing or advertising purposes.
| Service | What we share | Why |
|---|---|---|
| OpenAI | Your photo plus facial measurements | To generate AI-driven scoring via vision API. OpenAI does not train on this data. |
| Stripe | Your email, payment information, subscription metadata | To process subscription payments and manage your subscription. |
| Vercel | Web traffic data (IP, device, request data) | Our hosting provider. |
7. Your rights
You have the right to:
- Access any data we have about you — email privacy@softmaxx.io
- Delete your data — email the same address. We will delete your email from our marketing list and confirm via reply. Since we do not retain biometric data, your email is the primary item to delete on our end.
- Opt out of marketing emails — every marketing email contains an unsubscribe link.
- Object to processing — stop using SoftMaxx and email us to confirm deletion of your remaining data.
- Portability — your scan results are stored in your browser's localStorage and can be exported by you directly.
- Withdraw consent for biometric processing — stop submitting scans. Past scan data is already destroyed; no further capture occurs.
If you are a California resident under CCPA — you have the right to know what categories of personal information we have collected (see Section 2), the right to delete, and the right to opt out of any "sale" of personal information. We do not sell personal information.
If you are an EU or UK resident under GDPR — the above rights apply. You also have the right to lodge a complaint with your local data protection authority.
8. Children
SoftMaxx is for users 18 years and older. We do not knowingly collect personal data from anyone under 18.
If you are under 18, please do not use SoftMaxx and do not submit photos to our service. If we discover we have collected data from someone under 18, we will delete it immediately.
If you are a parent or guardian and believe your child has used SoftMaxx, please contact us at privacy@softmaxx.io and we will delete any associated data.
9. Security
We use standard security practices including:
- HTTPS encryption for all data in transit
- Transient processing — photos are processed and destroyed within seconds; no long-term photo storage on our servers
- Stripe for payment processing — Stripe is PCI-DSS Level 1 certified, and your full payment card information never touches our infrastructure
- Webhook signature verification for all Stripe events to prevent forgery
- Per-email rate limits to prevent abuse
No system is 100% secure. We cannot guarantee absolute security, but we make reasonable efforts to protect your data.
10. International users
SoftMaxx is operated from the United States. By using SoftMaxx from outside the US, you consent to the transfer of your data to the United States for processing. We comply with applicable cross-border data transfer requirements.
11. Changes to this policy
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this document. For material changes that affect how we use your data, we will notify you via email if we have one on file. Continued use of SoftMaxx after a policy update constitutes acceptance of the updated policy.
11a. Refunds and Billing
For information about subscription pricing, auto-renewal, cancellation, and our 30-day money-back guarantee, please see Section 5 of our Terms of Service.
In summary: SoftMaxx offers a 30-day money-back guarantee on your first subscription purchase. To request a refund, email support@softmaxx.io within 30 days of your initial charge. Refunds apply only to the first charge of a new subscription — renewal months are not eligible. Refunds are processed within 5–10 business days.
Payment processing is handled entirely by Stripe. We never store or see your full payment card details. Your Stripe Customer ID is retained to manage your active subscription status.
12. Contact
For privacy questions, deletion requests, or any other privacy-related inquiry:
privacy@softmaxx.io
For general product support:
support@softmaxx.io
For BIPA, CUBI, or Washington 19.375 inquiries (Illinois, Texas, Washington residents):
privacy@softmaxx.io — please include "BIPA inquiry" or your state's law in the subject line for fastest routing.