Refina Privacy Policy & Terms

Last Updated: July 9, 2026

Who We Are

"Refina", "EnhanceMe", "we", "our", or "us" means Trilogy Labs LLC, United States.

Age & Medical Disclaimer

AI face previews are for illustration only — not medical advice. Consult a licensed professional before any cosmetic procedure.

What We Collect & Why

Category Examples Purpose Legal Basis* Retention
Account Info Name (optional), email, password hash, OAuth tokens (Google / Apple) Sign-up, authentication, support Contract Until account deletion + 180 days backups
Photos / Videos Reference & enhanced images, metadata (angle, timestamp) Generate AI previews and Facial Dossier reports; cloud backup for user convenience Consent; Contract User-controlled (you can delete in-app)
Profile Details Age, gender, ethnicity, appearance goals (all user-provided) Personalize AI previews and Facial Dossier reports Consent Until account deletion
Purchase & Trial App-Store receipt IDs, subscription status, Superwall customer ID Unlock premium features, verify payments, enforce trials Contract; Legal obligation (tax) 10 years (accounting)
Device / Log Device model, OS version, IP (country only), unique device ID Security, fraud prevention, paywall gating Legitimate interest 90 days
Crash Data Stack traces, Firebase Crashlytics IDs Diagnose and fix app crashes Legitimate interest 90 days

*GDPR art. 6 legal bases; CCPA = "business purpose", not selling/sharing.

How We Use Data

  1. Provide core functions (login, photo upload, AI previews and Facial Dossiers).
  2. Validate trials and subscriptions via Superwall.
  3. Prevent trial abuse or fraud (device & IP checks).
  4. Improve stability through Crashlytics error reports.
  5. Send essential emails or in-app messages (e.g., password reset, receipt).

We do not show third-party ads or track you across other apps.

Facial Data Protection

AI Processing and Third-Party Services

Facial Enhancement & Dossier Processing:

Data Minimization:

Data Sharing (Sub-processors)

Vendor Service Location Safeguard
Google Firebase Backend hosting & storage US/EU EU SCCs + Data Privacy Framework
Replicate AI facial enhancement processing US Transient processing only
OpenAI AI image generation (previews & dossier reports) US API data not used for model training
Anthropic AI facial analysis & dossier report text US API data not used for model training
Superwall Subscription validation US SCCs
Apple / Google Play Payment processing Your region PCI-DSS / PSD2

No other third-party analytics, ad networks, or CDNs are integrated.

International Transfers

Data may be processed in the United States or other regions where Firebase operates.

Your Rights

You may access, export, or delete your data anytime via Settings → Account → Delete Account or by emailing team@trilogy-labs.com.

Security

All images encrypted in transit (TLS 1.2+) and at rest (AES-256). Strict authentication ensures users only access their own data.

Data Retention & Deletion

Account data kept while account exists. User-deleted photos removed immediately. AI processing files deleted immediately after processing.

Automated Processing

AI preview and Facial Dossier generation is automated but has no legal or similarly significant effect.

Changes

Updates will be posted here and users notified before major changes.

Contact

Email: team@trilogy-labs.com


END OF POLICY