← Back

Privacy Policy

Privacy Policy – Cheq App

Effective Date: 01.01.25

Last Updated: 11.04.25

1. Who We Are

Company Name: Cheq Inc.
Principal Office: 169 Madison Ave, STE 38418, New York, NY 10016, USA
Registered Office: 611 South DuPont Highway, Suite 102, Dover, DE 19901, USA
Email: support@mycheq.com

CHEQ Inc. ("CHEQ," "we," "us," or "our") operates the CHEQ mobile application (the "App"). We are committed to protecting your privacy and handling your personal data transparently and responsibly.

2. Information We Collect

When you use the CHEQ App, we may collect and process the following types of personal information:

a. Account Information

  • Name, email address, and phone number
  • City, region, and country

b. Questionnaire Data

  • Responses to lifestyle and skin-related questions you provide during onboarding

c. Image Data

  • Facial photographs you upload for AI-based skin analysis
  • Images are stored temporarily in secure Supabase storage (U.S.)
  • They are analyzed using OpenAI's API to assess visible skin traits
  • All images are automatically deleted within 30 days of upload
  • No facial recognition or biometric identification is performed

d. Microbiome Data (If You Use the CHEQ Test Kit)

  • Bacterial sequencing data generated from your returned microbiome patch
  • These results are linked to your profile within the App to generate your personalized CHEQ Skin Report
  • Microbiome data may be de-identified and aggregated for internal research or product improvement purposes

e. Technical Information

  • Device model, operating system, and crash logs (used only for performance optimization)
  • No advertising or analytics SDKs (e.g., Meta, Firebase, Google Ads) are used in this App

3. How We Use Your Information

We use your personal information to:

  • Generate your personalized CHEQ Skin Report
  • Display educational insights and product recommendations based on your data
  • Facilitate account login and verification
  • Provide transactional notifications (via SendGrid for email and Twilio for SMS)
  • Improve the App's performance, accuracy, and user experience
  • Fulfill customer service or support requests

We do not use your data for advertising or behavioral profiling.

4. Data Storage and Security

  • All data is stored on Supabase (PostgreSQL + object storage), hosted in the U.S. (AWS us-east-1).
  • The App frontend is hosted on Vercel (U.S.), which also utilizes AWS infrastructure.
  • We implement encryption in transit (TLS) and at rest, with strict access controls for authorized personnel only.
  • No third-party advertisers, data brokers, or analytics providers have access to your personal data.

While we employ strong security measures, no system can guarantee absolute protection against unauthorized access.

5. Data Retention

Data TypeRetention PeriodDeletion Method
Facial Images30 days from uploadAutomatically deleted from storage
Microbiome DataRetained until user deletes account or requests deletionPermanently deleted from Supabase and backups
Account InformationRetained until user account is deletedDeleted upon request
De-identified/Aggregated DataMay be retained indefinitelyContains no personal identifiers

You can delete your account and all related data at any time within the App or by emailing support@mycheq.com.

6. Data Sharing and Disclosure

We do not sell, rent, or trade your data.

We only share limited information with:

  • Laboratory Partner (U.S.) – for microbiome sample processing.
  • SendGrid (U.S.) – for sending transactional emails.
  • Twilio (U.S.) – for SMS code verification.
  • OpenAI (U.S.) – for temporary processing of uploaded facial images.

All third parties process data under contract with CHEQ and are bound to use it only for the purpose of providing their respective services.

7. International Users

The App is accessible to users in the United States, United Kingdom, and European Union.

If you access the App from outside the U.S., please note that your data is processed and stored in the United States.

For EU and UK users, CHEQ relies on Standard Contractual Clauses (SCCs) as the lawful mechanism for cross-border data transfer under GDPR.

8. Your Rights and Choices

You have the right to:

  • Access and view your personal data within the App
  • Correct or update your information in the "Profile" section
  • Request deletion of your account and all data
  • Request a copy of your stored data
  • Withdraw consent for certain data uses (if applicable)

To exercise these rights, use the in-app "Delete Account" feature or contact us at support@mycheq.com.

9. Children's Privacy

The CHEQ App is not designed for children under 13 years of age.

We do not knowingly collect or process personal data from children.

If we discover such data, it will be deleted immediately.

10. Cookies and Tracking

The CHEQ App does not use cookies, web beacons, or tracking SDKs.

If tracking technologies are introduced in future versions, this policy will be updated and users will be notified.

11. Updates to This Policy

We may revise this Privacy Policy periodically.

If changes are significant, we will notify users within the App or via email.

The "Effective Date" at the top will always reflect the most recent update.

12. Contact Us

If you have any questions, concerns, or privacy requests, please contact:

CHEQ Inc.
169 Madison Ave, STE 38418
New York, NY 10016
Email: support@mycheq.com