Cortisol Max Logo
Cortisol Max

Privacy Policy

Last Updated: February 5, 2026

Cortisol Max ("we", "us") values your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our mobile application.

1. Information We Collect

A. Personal Information

  • Account Data: When you sign up, we collect your email address and profile information via our authentication provider.
  • Face Photo Data: To provide our core analysis service, we collect and process face photos that you upload or capture via the camera, including front-facing and side-view scan photos.

B. Usage Data

We collect anonymous data on how you interact with the app (e.g., screens visited, features used) to improve performance and user experience.

2. Face Photo Data Collection and Use

What Face Photo Data We Collect

  • Photographs: Face photos that you capture or upload, including front-facing and side-view photos used for Cortisol Face Scan analysis and Low-Cortisol Self generation.
  • Analysis Results: Scores and assessments derived from AI analysis of your face photos, such as visible stress-load signals, facial tension, under-eye fatigue, skin dullness, posture or tension context, recovery signal, and non-diagnostic wellness recommendations.
  • Generated Images: AI-enhanced versions of your photos created through our "Low-Cortisol Self" feature.

How We Use Face Photo Data

  • Cortisol Face Scan Analysis: To generate non-diagnostic Cortisol Score estimates, visible stress-load insights, and personalized wellness recommendations.
  • Image Enhancement: To create AI-generated enhanced versions of your photos when you use Low-Cortisol Self.
  • Progress Tracking: To allow you to compare results over time in your scan history.

What We Do NOT Use Face Photo Data For

  • Collecting Face ID data, faceprints, facial geometry templates, or biometric identifiers
  • Biometric recognition or identity verification
  • Surveillance or tracking
  • Selling to third parties for advertising
  • Training AI models without explicit consent

3. Third-Party AI Processing and Storage

To provide Cortisol Face Scan, food photo analysis, and Low-Cortisol Self features, we use third-party AI processing services. Face photos are sent for processing only when you choose to use an AI feature and provide the required consent in the app.

AI Providers

  • Providers: OpenRouter and Google Gemini AI models.
  • Data Sent: The photos you submit for analysis or generation, plus the minimum app context needed to return your result.
  • Processing: Cortisol Max does not authorize AI providers to use your face photos to train models. The photos are processed to return your requested analysis or generated image.
  • Storage: Saved scan photos and scan results are stored by Cortisol Max using Convex and Convex file storage so you can view scan history. AI processing request data is not stored by Cortisol Max after the request completes unless you save the scan result in your account history.

Before using any AI features, you will be asked to provide explicit consent acknowledging this data sharing.

4. How We Use Your Information

We use your data strictly to:

  • Provide the Service: Processing your photos to generate AI-based Cortisol Face Scan analysis and improvement plans.
  • User History: Storing your results so you can track your progress over time (e.g., in the "History" tab).
  • Account Management: Managing your subscription and preferences.

5. Data Retention

Face Photo Data Retention

  • Uploaded Photos: Your photos are only permanently stored if you choose to save your scan results. Saved photos enable progress tracking and history viewing, and are retained until you delete your account.
  • Scan Results: Stored with your account until you delete them or delete your account.
  • AI-Generated Images: "Low-Cortisol Self" images are generated on-demand and not permanently stored on our servers.
  • Third-Party Processing: When your photos are sent to third-party AI services for analysis or image generation, Cortisol Max does not store the processing request after it completes unless you save the resulting scan to your account.

Account Data Retention

Your account data and scan history are retained until you request deletion through the app settings or by contacting support. Upon deletion, all associated data including stored photos is permanently removed from our servers.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit and at rest. However, no method of transmission over the internet is 100% secure.

7. Your Rights

Depending on your location, you may have the right to access, correct, or delete your personal data. You can exercise these rights directly within the app (Settings → Account → Delete Account) or by contacting us.

8. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

9. Contact Us

For privacy-related inquiries, please contact us at support@cortisolmax.xyz.