PRIVACY POLICY
Last updated: 27 November 2025
Who we are
MamaGlow (“MamaGlow”, “we”, “us”) is a mobile application that helps you understand whether cosmetic products are suitable to use when you are trying to conceive, pregnant or breastfeeding, based on ingredient and product information.
The company behind MamaGlow is in the process of being formally incorporated. Once registration is complete, the legal entity details and address will be added here.
Contact for privacy questions and requests:
Email: help@mamaglow.app
This Privacy Policy explains how we collect, use, share, and protect your personal data when you use the MamaGlow app, website, and related services.
MamaGlow is designed for adults (18+) only.
What this policy covers
This policy applies to:
The MamaGlow mobile app
The MamaGlow website (including any landing pages and forms)
Any email or push-notification communication we send you in connection with the app
It does not cover third-party services we don’t control (for example, WhatsApp, Instagram, or your device’s app store). Those services have their own privacy policies.
Data we collect
We only collect the data we need to run the app, improve it, and (if you agree) communicate with you.
a) Account data
When you create an account, we collect:
Name or display name
Email address
Password (stored securely via our authentication provider, e.g., Firebase Auth; we never store plain-text passwords)
Preferred language / country (if provided or inferred from device settings)
b) Profile and onboarding data
When you answer onboarding questions, we collect information such as:
Where you are in your journey (e.g. “Trying to conceive”, “Pregnant”, “Postpartum & breastfeeding”, “Just exploring cleaner products”)
What concerns you most right now (e.g., chemicals that could harm your baby, hormone-disrupting ingredients, hidden toxins that could affect fertility, or general safety concerns)
How often you use cosmetic or personal-care products (occasionally, daily, frequently)
What you would like MamaGlow to help you with (e.g., scanning current products, building a safe routine, learning ingredients to avoid, getting trusted brand suggestions)
This information can relate to your health or fertility journey and is treated as “special category” (sensitive) data under GDPR.
c) Scan and app-usage data
When you use the app, we may collect:
Products you scan (barcode, product name, brand)
Scan timestamps and scan success/failure (e.g., whether the product was recognized)
Whether you save or “favorite” a product
Basic interaction data such as which screens you visit, buttons you tap, and onboarding steps you complete
This helps us provide you with results and understand how the app is used.
d) Device and technical data
We may collect:
Device type (e.g., iPhone, Android model), operating system, app version
IP address and approximate location (country/city level)
Crash reports and performance data (e.g., via Firebase Crashlytics)
e) Marketing and communication data
If you choose to sign up for newsletters or marketing communication, we collect:
Email address
Your marketing preferences and whether you opened or clicked emails (if supported by our email provider)
We also log whether you have enabled push notifications.
We do not sell or rent your data to third parties.
Legal bases for processing (GDPR)
We rely on the following legal bases to process your personal data:
Contract: To create and manage your account, perform product scans, show results and allow you to use core features you requested.
Consent: For processing sensitive profile data (e.g., pregnancy status) to personalize content, for sending marketing emails or push notifications, and for optional analytics/attribution where required. You can withdraw consent at any time.
Legitimate interest: To improve our product (analytics, bug fixing, feature usage), prevent abuse, and support users, provided these interests do not override your rights and freedoms.
Legal obligation: To comply with legal requirements, tax or accounting rules, and to respond to lawful requests from authorities.
How we use your data
We use your data to:
Create and manage your account and let you log in securely
Perform product scans and show ingredient and safety information
Personalize parts of the experience, for example suggesting features or content that may be more relevant to your journey and concerns
Understand how users interact with the app and improve features and scan success
Communicate with you about updates, security, or support issues
Send you newsletters or marketing communication if you have opted in
Monitor and protect the security, integrity, and availability of the app
Comply with legal obligations and enforce our Terms & Conditions
We do not use your pregnancy status or other sensitive health-related data to profile you for advertising.
Data sharing and processors
We work with trusted service providers (“processors”) who help us deliver the app. They only process your data on our instructions and under data-protection agreements.
These may include:
Firebase (Google Ireland / Google LLC) – authentication, database (Firestore), storage (images), analytics, crash reporting
Google Analytics / Firebase Analytics – usage analytics and funnels
Apple App Store and Google Play – app distribution, crash reports, in-app billing (if/when subscriptions are activated)
AI providers (e.g., OpenAI, Google Gemini) – ingredient analysis and product summaries; we send product-related text and ingredient lists, not your name, email, or pregnancy status
Email and messaging providers (e.g., Mailchimp / SendGrid / Brevo) – transactional and marketing emails
Customer support tools (e.g., Intercom / Zendesk) – managing support conversations
Payment processors (Apple / Google) – handling subscription payments (we do not see full card details)
Some of these providers are located outside the EU/EEA (for example, in the United States). Where this happens, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms, as required by GDPR.
We do not share your personal data with clinics, brands, or other partners for their own marketing or research without your explicit consent.
We never sell or rent your data.
International data transfers
Because some of our providers are based outside the EU/EEA, your data may be transferred internationally. When this occurs, we take steps to ensure an adequate level of protection, such as:
Contractual safeguards (e.g., EU Standard Contractual Clauses)
Technical measures (encryption in transit and at rest, access controls)
You can contact us for more details about specific transfers.
Data retention
We keep your data only as long as needed for the purposes described above or as required by law.
Account and profile data: Kept while your account is active. If you request deletion, we aim to delete or anonymize this data within 30 days, except where longer retention is required by law.
Scan history and favorites: Kept while your account is active. If you delete your account, we delete or anonymize this data within 30 days. We may keep aggregated, anonymized statistics (e.g., “number of scans per day”) that no longer identify you.
Analytics and logs: Kept in pseudonymized form for up to 24 months to understand usage trends and app performance.
Marketing data: Kept until you unsubscribe or withdraw consent, or for a shorter period if required by law.
Your rights
Under GDPR and similar laws, you have the right to:
Access your personal data and get a copy
Correct inaccurate or incomplete data
Request deletion of your data (“right to be forgotten”)
Restrict or object to certain types of processing
Withdraw consent at any time (for example, for marketing or health-data personalization)
Receive your data in a portable format where technically feasible
Lodge a complaint with a data-protection authority (for example, the Spanish Data Protection Agency – AEPD, or the authority in your country)
To exercise your rights, contact us at: help@mamaglow.app
We may need to verify your identity before fulfilling certain requests.
Security
We use a combination of technical and organizational measures to protect your data, including:
Hosting on reputable cloud providers with encryption at rest and in transit
Role-based access control so that only authorized team members can access production data
Limiting access to sensitive data to those who need it to perform their job
Regular updates and monitoring of our infrastructure and dependencies
No system is 100% secure, but we work to protect your information and respond quickly to any suspected issues.
Children
MamaGlow is intended for adults aged 18 and over. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date and, where appropriate, notify you in the app or by email.
If you continue using MamaGlow after changes take effect, you agree to the updated policy.
Contact
For questions or requests about this Privacy Policy or your data, contact:
help@mamaglow.app
