LOOKSMAXBRO_
The short version

LOOKSMAXBRO scores your face on your iPhone. There is no account, no login, and no LOOKSMAXBRO server — so your photos are never uploaded, because there is nowhere to upload them to. They sit in the app's encrypted private storage, are left out of your iCloud backup, and leave your phone only if you tap Share.

What does leave your phone, automatically, is anonymous product analytics: how far you got through the app, and a rounded bucket of your score. No photo, no facial map, no name, no email — we don't have those to send. Everything below says the same thing in more words, and names the exact events.

This policy explains what the LOOKSMAXBRO iOS app (the "App") collects, what it does with it, and what choices you have. The App is operated by LOOKSMAXBRO ("we", "us"). By using the App you agree to this policy.

1How the App is built — and why that is the policy

Most face-scoring apps work by sending your selfie to a server, scoring it there, and sending a number back. LOOKSMAXBRO does not. The scoring model is compiled into the app and runs on your iPhone's own Neural Engine, through Apple's Vision and Core ML frameworks.

The App contains no network client of our own. There is no LOOKSMAXBRO API, no backend, no cloud storage, and no account system. You can put the phone in airplane mode and the scan still works — that is the simplest way to check that we are telling the truth. Everything in this policy follows from that one architectural fact.

2What we collect

Photos of your face

The App takes two photos per scan — front and side — using your front camera. It does not read your photo library at all (iOS would have to ask your permission for that, and the App never does).

Your photos are saved on your device only, inside the App's private sandbox storage, with Apple's full file protection (encrypted, and unreadable while the phone is locked). They are:

The App keeps your scan photos so it can show you your Progress gallery and your before / after comparison. They are not "processed and discarded" — they are stored, on your phone, for you.

Your face scan

To score a face the App measures it. On device, and only on device, it computes: a face bounding box, a 76-point landmark map (eyes, brows, nose, lips, jaw contour), your head pose, an image-quality score, and — on Face ID-capable iPhones — a coarse depth sample. (The depth sample is there to tell a real face from a photograph of one. In the current build it is measured but not yet enforced, so it does not reject anything.)

None of that is stored. The landmarks, the pose, the depth samples and the model's raw output exist in memory for the second it takes to compute your score, and are then gone. Nothing resembling a faceprint is saved, and none of it is ever transmitted.

Face data, plainly stated

Because some laws treat measurements of a face as a special category, we will be precise rather than reassuring. The App does measure the geometry of your face — that is literally what a face-scoring app does, and any app in this category that tells you otherwise is not being straight with you. What matters is what happens next:

Your scores and your answers

Stored locally on your device: your Overall and Potential scores, the eight metric scores, scan dates, your daily check-ins, your streak, and the optional answers you gave in the onboarding quiz (your goal, your self-rating, and your age if you chose to enter it). None of this is sent to us.

One honest detail: unlike your photos, this local database is included in your own iPhone backup, so if you back up your phone to iCloud, your scores and check-ins go into that backup. That backup is Apple's, is encrypted, and belongs to you — we have no access to it and never see it. It is how your history survives a new phone.

Product analytics

This is the one thing that automatically leaves your device. We use Amplitude to understand whether the App actually works — where people get stuck, whether anyone comes back for a second scan. It is anonymous: there is no account, so there is no name, email, or phone number to attach to it.

Here is every event the App sends, and everything it carries:

Event What it carries
Onboarding & quiz That you started onboarding and finished the quiz. Your answers are not sent — not your age, not your goal, not your self-rating.
Scan completed Your lifetime number of scans (1, 2, 3…). Never the photo, never the landmarks.
Score distribution Your Overall rounded into a half-point bucket (e.g. "6.5–7.0"), so we can see the spread of scores the model actually produces and check it is calibrated.
Re-scan delta How much your score changed between two scans (e.g. +0.3).
Scan refused That a scan was rejected and the reason category ("no face", "bad pose", "too dark"). No measurements of your face are attached.
Liveness A one-word verdict on whether the depth check thought it was seeing a live face. The measurements behind it stay on your phone.
Scorer fallback Whether the main model failed and a simpler one had to score instead, and why.
Paywall & purchase Which paywall you saw and which plan was bought. Never any payment detail — we never receive one.
Check-in, streak, notifications, time-lapse Counters: how many habits you ticked, how long a streak ran, whether you allowed notifications, whether you opened a reminder, how many frames were exported.
Screen views & sessions That you reached your results screen, and when an app session started and ended (the Amplitude SDK records the latter automatically).

No photo, no landmark, no facial measurement, and no image data of any kind is ever attached to an analytics event. The App does not have the code to do so.

Amplitude does attach a random device identifier (derived from Apple's "identifier for vendor", which is scoped to us, is not the advertising ID, and resets when you delete the App), plus the App version, your device model, OS version and language. We have switched off Amplitude's IP-address and location lookup, so no location — not even a city — is collected.

Purchases

Subscriptions are sold and processed by Apple through the App Store. Apple tells the App whether you have an active subscription; that is all we learn. We never see your Apple ID, your card, or your billing address.

3What we never collect

4Who else is involved

Two companies, and neither of them ever receives your face:

That is the complete list. There is no crash reporter, no attribution SDK, no advertising network, no remote config service, and no third-party AI provider — because the model is on your phone.

5When your photo does leave your phone

Only when you send it. There are exactly two ways:

In both cases iOS hands the file to whichever app you pick. Once you have sent it somewhere, that destination's rules apply, not ours.

6How we use what we collect

We do not use your photos or your scores to train our model. The model is trained on public research datasets before the App ships, and it does not learn from you — your face never becomes training data for anything.

7Keeping and deleting your data

Your photos, scores and history stay on your phone for as long as you keep them. We hold no copy, so there is nothing for you to ask us to delete — and nothing we could hand over if someone demanded it.

You have two ways to erase everything:

Neither of these cancels an App Store subscription. Cancel that in your Apple account settings (Settings → your name → Subscriptions).

Anonymous analytics events already sent cannot be traced back to you and therefore cannot be individually deleted; they are retained in aggregate for as long as they are useful for improving the App. Apple keeps purchase records under its own policies and for as long as tax law requires.

8Your rights

Depending on where you live (for example, under the GDPR or the CCPA) you may have rights to access, correct, export, or delete the personal data a company holds about you, and to object to its processing.

In our case the honest answer is that we hold almost nothing to give you: no account, no name, no email, no photos, no server-side profile. Your data is in your hands, on your device, and section 7 is your delete button. If you believe we hold something about you and you want it, or you simply want to ask, write to support@looksmaxbro.com and we will answer.

9Notifications

Reminders are generated on your phone, by the App, from your own cycle. We do not use push servers, we have no push token, and we cannot send you anything remotely — if the App reminds you to check in, it is because your phone decided to, not because we did. You can turn them off in iOS Settings at any time.

10Children

LOOKSMAXBRO is rated 16+ and is not directed at children. You must be at least 16 to use the App. Do not scan the face of anyone under 16. If you believe a child has used the App, delete it — that removes everything, because everything is local.

11Security

Your photos are stored with Apple's complete file protection: encrypted at rest and unreadable while your device is locked. The strongest security property of this App, though, is not a control we implemented — it is that we never receive your face in the first place. There is no database of user photos to breach, because there is no database of user photos.

12Changes

If we change this policy we will update the date at the top. If we ever change the App so that it sends more than what section 2 lists — a backup service, a cloud feature, anything that carries your face off the device — we will say so clearly in the App before it happens, not quietly in a document you have already read.

13Contact

LOOKSMAXBRO — support@looksmaxbro.com. We answer privacy questions from a human.