Take a Quiz

IMPORTANT PRIVACY INFORMATION

In order to use the service, we will ask you to enter your name and email. We will also automatically collect from your device language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Facebook ID. We need this data to provide our services, analyze how our customers use the service and to measure ads.

For improving the service and serving ads, we use third party solutions. As a result, we may process data using solutions developed by Amazon, Amplitude, Apple, BigQuery, Google, Firebase, Meta, Strapi, Zendesk. Therefore, some of the data is stored and processed on the servers of such third parties. This enables us to (1) analyze different interactions (how often users make purchases, what products our users viewed); (2) serve and measure ads (and show them only to a particular group of users).

If you decide to make a purchase or to order a service on the Website, we will ask you to provide your email, approximate age, and different information about your appearance.

Please read our Privacy Policy below to know more about what we do with data (Section 3), what data privacy rights are available to you (Section 6) and who will be the data controller (Section 1). If any questions remain unanswered, please contact us at support@epica-beauty.com.

PRIVACY POLICY

This Privacy Policy explains what personal data is collected when you use EPICA mobile application (the "App"), the website located at: epicaapp.com (the "Website"), the services and products provided through them (together with the App and Website, the "Service"), how such personal data will be processed.

BY USING THE SERVICE, YOU PROMISE US THAT (I) YOU HAVE READ, UNDERSTAND AND AGREE TO THIS PRIVACY POLICY, AND (II) YOU ARE OVER 16 YEARS OF AGE (OR HAVE HAD YOUR PARENT OR GUARDIAN READ AND AGREE TO THIS PRIVACY POLICY FOR YOU). If you do not agree, or are unable to make this promise, you must not use the Service. In such case, you must (a) contact us and request deletion of your data; (b) delete the App from your device or leave the Website and not access or use it; and (c) cancel any active subscriptions or trials.

Any translation from the English version is provided for your convenience only. In the event of any difference in meaning or interpretation between the English language version of this Privacy Policy available at https://epica-beauty.com/privacy-policy/, and any translation, the English language version will prevail. The original English text shall be the sole legally binding version.

"GDPR" means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

"EEA" includes all current member states to the European Union and the European Free Trade Association. For the purpose of this policy EEA shall include the United Kingdom of Great Britain and Northern Ireland.

"Process", in respect of personal data, includes to collect, store, and disclose to others.

"CCPA" means the California Consumer Privacy Act of 2018.

TABLE OF CONTENTS

  1. PERSONAL DATA CONTROLLER

  2. CATEGORIES OF PERSONAL DATA WE COLLECT

  3. FOR WHAT PURPOSES WE PROCESS PERSONAL DATA

  4. UNDER WHAT LEGAL BASES WE PROCESS YOUR PERSONAL DATA (Applies only to EEA-based users)

  5. WITH WHOM WE SHARE YOUR PERSONAL DATA

  6. HOW YOU CAN EXERCISE YOUR PRIVACY RIGHTS

  7. AGE LIMITATION

  8. INTERNATIONAL DATA TRANSFERS

  9. CHANGES TO THIS PRIVACY POLICY

  10. CALIFORNIA PRIVACY RIGHTS

  11. DATA RETENTION

  12. HOW “DO NOT TRACK” REQUESTS ARE HANDLED

  13. CONTACT US


 

  1. PERSONAL DATA CONTROLLER

    SHARONE LIMITED, a company registered under the laws of the Cyprus, having its registered office at Ezekia Papaioannou, 14, 1075, Nicosia, Cyprus, will be the controller of your personal data.

  2. CATEGORIES OF PERSONAL DATA WE COLLECT

    We collect data you give us voluntarily (for example,name, email address). We also may receive data about you from third parties. We also collect data automatically (for example, your IP address).

See more

  1. FOR WHAT PURPOSES WE PROCESS YOUR PERSONAL DATA

    We process your personal data:

    1. To provide our Service

      This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues. As a result of such processing, we will use your email, for example, for sending you the personalized guides.

See more

    1. To customize your experience

      We process your personal data, such as your approximate age, gender,style preferences, your photo and information about your appearance, to adjust the content of the Service and provide content tailored to your personal preferences. For example, we will use the information provided by you during the quiz to make the most suitable offer to you. As a result of such processing, you get access, for example, to courses, guides designed for your goals.

      To provide AI-generated face scan results, we use OpenAI's API. To learn more, please visit OpenAI's Privacy policy and API data usage policies.

    2. To provide you with customer support

      We process your personal data to respond to your requests for technical support, Service information or to any other communication you initiate. For this purpose, we may send you, for example, notifications or emails about, the performance of our Service, security, payment transactions, notices regarding our Terms and Conditions of Use or this Privacy Policy.

    3. To communicate with you regarding your use of our Service

      We communicate with you, for example, by push notifications or by emails. These may include reminders or other information about the Service. As a result, you will, for example, receive a push notification that a new feature has been deployed in the Service. To opt out of receiving push notifications, you need to change the settings on your device. To opt-out of receiving emails, you should click unsubscribe link in the footer of each email.

See more

    1. To research and analyze your use of the Service

      This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. We also use such data for statistical analysis purposes, to test and improve our offers. This enables us to better understand what categories of users use our Services. As a consequence, we often decide how to improve the Service based on the results obtained from this processing.

See more

    1. To send you marketing communications

      We process your personal data for our marketing campaigns. As a result, you will receive information about our products, such as, for example, special offers or new features and products available on the Service. We may show you advertisements on our Service, and send you emails for marketing purposes. If you do not want to receive marketing emails from us, you can unsubscribe following instructions in the footer of the marketing emails.

    2. To personalize our ads

      We and our partners use your personal data to tailor ads and possibly even show them to you at the relevant time. For example, if you visited our Website or installed the App, you might see ads of our products in your Facebook's feed.

      How to opt out or influence personalized advertising

      iOS: On your iPhone or iPad, go to Settings > Privacy > Apple Advertising and deselect Personalized Ads.

      Android: To opt-out of ads on an Android device, go to Settings > Privacy > Ads and enable Opt out of Ads personalization. In addition, you can reset your advertising identifier in the same section (this also may help you to see less of personalized ads). To learn even more about how to affect advertising choices on various devices, please look at the information available here.

      macOS: On your MacBook, you can disable personalized ads: go to System Preferences > Security & Privacy > Privacy, select Apple Advertising, and deselect Personalized Ads.

      Windows: On your laptop running Windows 10, you shall select Start > Settings > Privacy and then turn off the setting for Let apps use advertising ID to make ads more interesting to you based on your app activity. If you have other Windows version, please follow the steps here

      To learn even more about how to affect advertising choices on various devices, please look at the information available here.

      In addition, you may get useful information and opt out of some interest-based advertising, by visiting the following links:

      Browsers: It is also may be possible to stop your browser from accepting cookies altogether by changing your browser’s cookie settings. You can usually find these settings in the “options” or “preferences” menu of your browser. The following links may be helpful, or you can use the “Help” option in your browser.

      Google allows its users to opt out of Google’s personalized ads and to prevent their data from being used by Google Analytics.

See more

    1. To process your payments

      We provide paid products and/or services within the Service. For this purpose, we use third-party services for payment processing (for example, payment processors, such as PayPal and Solidgate). As a result of this processing, you will be able to make a payment and we will be notified that the payment has been made.

      We will not store or collect your payment card details ourselves. This information will be provided directly to our third-party payment processors.

      To enable the purchase and to process your payments we use Stripe, payment processing provider.

    2. To enforce our Terms and Conditions of Use and to prevent and combat fraud

      We use personal data to enforce our agreements and contractual commitments, to detect, prevent, and combat fraud. As a result of such processing, we may share your information with others, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms and Conditions of Use).

    3. To comply with legal obligations

      We may process, use, or share your data when the law requires it, in particular, if a law enforcement agency requests your data by available legal means.

  2. UNDER WHAT LEGAL BASES WE PROCESS YOUR PERSONAL DATA

    In this section, we are letting you know what legal basis we use for each particular purpose of processing. For more information on a particular purpose, please refer to Section 3. This section applies only to EEA-based users.

    We process your personal data under the following legal bases:

    1. your consent

      Under this legal basis we will send you marketing communications. You have the right to withdraw your consent any time by using the unsubscribe link in the footer of our emails. We will also send you push notifications if you allow us to. You can disable notifications any time in the settings of your device.

    2. to perform our contract with you;

      Under this legal basis we:

      • Provide our Service (in accordance with our Terms and Conditions of Use)

      • Customize your experience

      • Provide you with customer support

      • Communicate with you regarding your use of our Service

      • Process your payments

    3. for our (or others') legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data;

      We rely on legitimate interests:

      • to research and analyze your use of the Service

      Our legitimate interest for this purpose is our interest in improving our Service so that we understand users' preferences and are able to provide you with a better experience (for example, to make the use of the Service easier and more enjoyable, or to introduce and test new features).

      • to personalize our ads

      The legitimate interest we rely on for this processing is our interest to promote our Service in a reasonably targeted way.

      Our legitimate interests for this purpose are enforcing our legal rights, preventing and addressing fraud and unauthorised use of the Service, non-compliance with our Terms and Conditions of Use.

    4. to comply with legal obligations.

  3. WITH WHOM WE SHARE YOUR PERSONAL DATA

    We share information with third parties that help us operate, provide, improve, integrate, customize, support, and market our Service. We may share some sets of personal data, in particular, for purposes and with parties indicated in Section 3 of this Privacy Policy. The types of third parties we share information with include, in particular:

    1. Service providers

      We share personal data with third parties that we hire to provide services or perform business functions on our behalf, based on our instructions. We may share your personal information with the following types of service providers:

      • cloud storage providers (Amazon, BigQuery)

      • data analytics providers (Meta, Firebase, Amplitude)

      • measurement partners

      • communication service providers (Firebase, Zendesk)

      • marketing partners (in particular, social media networks, marketing agencies, email delivery services)

      • AI platforms (OpenAI)

    2. Law enforcement agencies and other public authorities

      We may use and disclose personal data to enforce our Terms and Conditions of Use, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.

    3. Third parties as part of a merger or acquisition

      As we develop our business, we may buy or sell assets or business offerings. Customers’ information is generally one of the transferred business assets in these types of transactions. We may also share such information with any affiliated entity (e.g. parent company or subsidiary) and may transfer such information in the course of a corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

  4. HOW YOU CAN EXERCISE YOUR RIGHTS

    To be in control of your personal data, you have the following rights:

    Accessing / reviewing / updating / correcting your personal data. You may review, edit, or change the personal data that you had previously provided on the Service.

    You may also request a copy of your personal data collected during your use of the Website at epica-beauty.com.

    Deleting your personal data. You can request erasure of your personal data as permitted by law.

    When you request deletion of your personal data, we will use reasonable efforts to honor your request. In some cases, we may be legally required to keep some of the data for a certain time; in such event, we will fulfill your request after we have complied with our obligations.

    Objecting to or restricting the use of your personal data. You can ask us to stop using all or some of your personal data or limit our use thereof.

    Additional information for EEA-based users:

    If you are based in the EEA, you have the following rights in addition to the above:

    The right to lodge a complaint with supervisory authority. We would love you to contact us directly, so we could address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or where the alleged infringement has taken place.

    The right to data portability. If you wish to receive your personal data in a machine-readable format, you can send respective request to us as described below.

    To exercise any of your privacy rights, please send a request to support@epica-beauty.com.

  5. AGE LIMITATION

    We do not knowingly process personal data from persons under 16 years of age. If you learn that anyone younger than 16 has provided us with personal data, please contact us.

  6. INTERNATIONAL DATA TRANSFERS

    We may transfer personal data to countries other than the country in which the data was originally collected in order to provide the Service set forth in the Terms and Conditions of Use and for purposes indicated in this Privacy Policy. If these countries do not have the same data protection laws as the country in which you initially provided the information, we deploy special safeguards.

    In particular, if we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) the European Commission adequacy decisions about certain countries (details available here).

  7. CHANGES TO THIS PRIVACY POLICY

    We may modify this Privacy Policy from time to time. If we decide to make material changes to this Privacy Policy, you will be notified by available means such as email and will have an opportunity to review the revised Privacy Policy. By continuing to access or use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.

  8. U.S. STATES PRIVACY NOTICE

    Applicability

    If you reside in a state that has enacted consumer privacy laws, this section applies to you. This U.S. States Privacy Notice ("Notice") supplements our Privacy Policy and provides disclosures required by laws in states such as California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia.

    This Notice is designed to supplement our Privacy Policy to ensure compliance with state-specific laws and applies to the collection, use, and sharing of your Personal Information through our websites, mobile applications, and other online or offline services (collectively, the "Services").

    For California residents, this also serves as our California Notice at Collection.

    This Notice does not apply to information collected about employees, job applicants, or independent contractors in the context of employment.

    Definition of Personal Information

    The definition of "Personal Information" may vary by state law. Generally, it refers to "information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household."

    10.1. CATEGORIES OF PERSONAL INFORMATION WE COLLECT

    The table below outlines the categories of Personal Information we collect. For more details, refer to other sections of our Privacy Policy.

    CategoryExamples of Personal Information in this Category
    IdentifiersName, email address
    Onboarding dataInformation you provide us when you register for the Service and/or go through the onboarding process. For example, age, date of birth, gender, username, photo, etc.
    Sensitive informationWhen we process sensitive personal information (as defined by State Privacy Laws), such as account login credentials, colour of your skin, skin conditions, we do so only for legally permitted purposes and do not use such data to infer characteristics about you.
    Commercial InformationPurchase history (such as whether you bought a subscription), use history, Any information you may share during conversations with our support agents, including your feedback, complaints, etc.
    GeolocationInternet protocol (IP) address, country, and/or region.
    Internet or other electronic network activity informationInformation regarding a consumer's interaction with an internet website, application or advertisement (Usage Data).
    Inferences drawn from any of the above information categoriesWe may collect data and draw inferences based on that data; however, these inferences are used solely to determine which features you use more or less and are not used to deduce other specific personal characteristics.

    For additional details on the purposes of processing and third parties with whom data is shared for each specific purpose, please refer to Section 3 of this Privacy Policy.

    We may also process de-identified data, ensuring it cannot reasonably be linked back to you. We commit to maintaining and using de-identified data responsibly and will not attempt to re-identify such data unless required to validate our de-identification measures.

    10.2. WHY WE USE PERSONAL INFORMATION

    We process Personal Information for the following purposes:

    • To provide and maintain our Services, including account creation, authentication, and access management.

    • To improve user experience through personalized content, recommendations, and service customization.

    • To process payments, subscriptions, and transactions.

    • To conduct analytics and research for product development and service enhancements.

    • To communicate with users, including customer support, service updates, and promotional offers.

    • To prevent fraud, security threats, and unauthorized activities.

    • To comply with legal and regulatory requirements.

    For additional details, refer to our Privacy Policy.

    10.3. What Personal Information We Share

    Certain state privacy laws, such as those in California, require us to disclose the categories of Personal Information that we have shared with third parties for business purposes over the past 12 months. During this period, we have disclosed all categories of Personal Information outlined in the "Categories of Personal Information We Collect" section for business purposes. For example, we may share IP addresses and device identifiers with service providers that assist us with crash monitoring and reporting.

    Some U.S. states grant residents the right to opt out of sharing their Personal Information with third parties in exchange for valuable consideration (which may be classified as a "sale" or "share" under state privacy laws, even if no monetary transaction occurs). If you reside in one of these states and would like to limit the disclosure of your Personal Information to third parties for advertising or marketing purposes, please refer to Section 10.4. below.

    For details regarding the categories of third parties with whom we share Personal Information, please refer to Section 3 and Section 5 of this Privacy Policy.

    10.4. YOUR RIGHTS

    Certain U.S. state privacy laws grant residents specific rights regarding their personal information. If you reside in a state with such laws, you may have the following rights:

    Right to Data Portability/Access

    You may have the right to request access to the specific pieces of personal information we have collected about you in the 12 months preceding your request. Where applicable, we may provide this data in an electronic, portable, and readily usable format.

    Right to Know

    You may be entitled to receive information regarding the categories of Personal Information we collected, the sources from which we collected Personal Information, the purposes for which we collected and shared Personal Information, the categories of Personal Information that we sold and the categories of third parties to whom the Personal Information was sold, and the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding your request.

    Right to Deletion

    You may have the right to request that we delete the personal information we have collected from you. We will use commercially reasonable efforts to fulfill your request, subject to applicable laws. However, we may be required to retain certain information for legitimate business purposes or as required by law.

    Right to Opt-Out of Sales, Sharing, and Targeted Advertising

    You may have the right to opt out of certain uses of your personal information, including:

    • The "sale" or "sharing" of your personal information as defined under state privacy laws.

    • The use of your personal information for targeted advertising.

    To opt out, you can:

    • Submit a request via our support team.

    Right to Limit the Use of Sensitive Personal Information

    Certain states provide the right to restrict how businesses use sensitive personal information. If applicable, you can submit a request through our support team at support@epica-beauty.com.

    Right to Withdraw Consent

    Where applicable, you have the right to withdraw your consent for data collection and sharing.

    Right to Correct (Rectification)

    You may have the right to request that we correct inaccurate personal information we maintain about you.

    How to Exercise Your Rights

    To exercise any of the available privacy rights, please send a request to support@epica-beauty.com or use the privacy features available in our products.

    Verification. To ensure that we properly process your requests regarding your rights, we are required to verify your identity. The verification process may vary depending on the type of request and the Service you use. It may include confirming details such as your name, age, email address, date of subscription purchase, date of last activity, date of account creation, or other relevant Service usage data that reasonably identify you as the account owner. We may also request additional proof of identity if necessary, but we strive to minimize the information required. For certain requests, we may send a verification code or link to authenticate your identity.

    Authorized Agent. You may designate an authorized agent to exercise your rights on your behalf. If you have provided the authorized agent with a valid power of attorney, we will work directly with them to process your request. If a power of attorney or similar authorization has not been provided, we will contact you directly to confirm the agent's authority and collect the necessary verification information. The authorized agent must verify both their own identity and that of the consumer they are representing.

    Right to Appeal

    If we deny your request, you may have the right to appeal our decision. To do so, please contact us and explain your concerns. If you are dissatisfied with the result of the appeal, you may escalate the matter by contacting the Attorney General's office in your state of residence.

    Non-Discrimination

    You have the right to exercise your privacy rights without fear of discrimination or retaliation. However, we may provide different levels of service or pricing based on the value of your personal information, as permitted by applicable law.

    Data Retention

    We retain the categories of personal information listed above as reasonably necessary to fulfill the purposes outlined in this notice, unless a longer retention period is required or permitted by law. In many situations, we must retain all, or a portion, of your personal information to comply with legal obligations, resolve disputes, enforce our agreements, protect against fraudulent, deceptive, or illegal activity, or for another one of our business purposes.

  9. DATA RETENTION

    We will store your personal data for as long as it is reasonably necessary for achieving the purposes set forth in this Privacy Policy (including providing the Service to you). We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

  10. HOW "DO NOT TRACK" REQUESTS ARE HANDLED

    Various browsers (including Internet Explorer, Firefox, and Safari) offer a DNT option that relies on a technology known as a DNT header that sends a signal to websites visited by the browser user about the user's DNT preference. You can usually access your browser's DNT option in your browser's preferences.

    We currently do not support "Do Not Track" requests because no DNT standard has been adopted.

    Our third-party services may collect information about you and your online activities over time and across our Services and other online properties. These third parties may not change their tracking practices in response to DNT settings in your web browser and we do not obligate these parties to honor DNT settings. To determine whether any of the third-party services honor the "Do Not Track" requests, please read their privacy policies.

  11. CONTACT US

    You may contact us at any time for details regarding this Privacy Policy and its previous versions. For any questions concerning your account or your personal data please contact us at support@epica-beauty.com

    Contact number: +1 (539) 282-3600

    Effective as of: 26 September 2025.