Hueme

Legal

Privacy Notice

Last updated: 5 May 2026

1. Who we are

This service is provided by Hueme™ Colour App ("Hueme", "we", "us"). We act as the data controller for personal information processed through the app and website.

Contact: hello@hueme.app.

2. What we collect

  • Account data — email address, encrypted password (or sign-in provider ID).
  • Quiz & palette data — answers you give to the colour quiz and your assigned season.
  • Photos you upload — images of yourself you submit for AI try-on. These are biometric-adjacent data and we treat them with extra care (see §4).
  • Usage data — number of AI try-ons performed, season opened, basic device/browser info, IP address.
  • Support messages — anything you send us by email.

Payment card details are never seen by us — they are collected directly by our payment processor, Paddle (see §6).

3. Why we use it (legal basis)

  • Provide the service — running quizzes, generating AI try-on images, saving your palette (legal basis: contract performance).
  • Enforce fair-use limits — counting AI try-ons against your monthly cap (contract performance).
  • Service security & abuse prevention — detecting fraud, abuse, and policy violations (legitimate interests).
  • Customer support — replying to your messages (contract / legitimate interests).
  • Product improvement — aggregated, non-identifying analytics (legitimate interests).

4. Your photos — how we handle them

Photos you upload for AI try-on are sensitive. Our rules:

  • Your photo is sent securely to Google's Gemini API solely to generate the try-on image. Google processes it as our sub-processor and is contractually prohibited from using your image to train models.
  • The original photo is held only as long as needed to complete the generation, then deleted from our servers.
  • The generated try-on image is stored against your account so you can view it again, until you delete it or close your account.
  • We never use your photos for advertising, never share them with third parties beyond the AI provider strictly needed to render the result, and never sell them.
  • You can delete your photos and generated images at any time from the app, or by emailing us.

5. How long we keep data

  • Account data: while your account is active, plus up to 12 months after closure for legal/accounting purposes.
  • Original uploaded photos: deleted after AI generation completes (typically within minutes).
  • Generated try-on images: until you delete them or close your account.
  • Billing records (held by Paddle on our behalf): retained as required by tax law (typically 6–10 years).

6. Who we share data with

  • Paddle.com Market Limited — our Merchant of Record and payment processor. Paddle handles checkout, billing, tax, fraud screening, refunds and invoices. See Paddle's Privacy Policy.
  • Google (Gemini API) — processes your uploaded photo to generate the AI try-on image, as a sub-processor.
  • Supabase / hosting providers — store your account, palette and generated images on our behalf.
  • Authorities — only where legally required.

We do not sell your personal data.

7. International transfers

Some sub-processors (notably Google and our hosting provider) may process data outside the UK/EEA. Where this happens, transfers are protected by the UK International Data Transfer Addendum and the EU Standard Contractual Clauses (SCCs), or by adequacy decisions.

8. Your rights

Under UK GDPR / EU GDPR you have the right to: access your data, correct it, delete it, restrict or object to processing, port it to another service, and withdraw consent. To exercise any right, email hello@hueme.app. We aim to respond within 30 days. You can also complain to the UK ICO (ico.org.uk) or your local supervisory authority.

9. Security

We use TLS encryption in transit, encryption at rest, role-based access controls, and regular security reviews. No system is 100% secure, but we work hard to protect your data.

10. Cookies

We use only essential cookies needed for sign-in and session management. We do not use marketing or third-party advertising cookies.

11. Changes

We may update this notice. Material changes will be flagged in-app or by email.

← Back home