Privacy Policy

Effective date: May 18, 2026 · Last updated: May 18, 2026

Sumsum Labs, Inc. ("we," "us," or "our") operates the sumsum mobile application (the "App"). This Privacy Policy explains how we collect, use, and protect your information when you use the App.

What information we collect

Information you provide:

• Display name: stored locally on your device only. Never transmitted to our servers.
• Skin profile: your onboarding responses are stored locally on your device.
• Product data: scans, shelf, stash stored locally on your device.
• Routine data: AM/PM configurations, scheduling, calendar overrides stored locally.
• Ingredient edits: stored locally. An anonymized copy is submitted to our cloud database to improve accuracy — no name, device ID, or personally identifiable information included.

Information collected automatically:

• Product ingredient data may be sent to our cloud service (Supabase) to check for cached results. If no cache exists, ingredient image or text is sent to Anthropic's Claude API for analysis. No personally identifiable information is included.
• Anonymous, aggregated usage data may be collected to improve the App.

Information we do NOT collect:

• No email address, phone number, or physical address through the App.
• No account creation or login required.
• No location data.
• No access to contacts, photos (beyond the camera for scanning), or other device data.
• No cookies or tracking pixels.

How we use your information

• Product analysis: ingredient data is processed to generate safety scores and flagged ingredient reports.
• Cloud product cache: anonymized ingredient data is stored on Supabase for instant future results.
• Consensus system: anonymous ingredient submissions are compared to verify accuracy.
• App improvement: anonymous, aggregated usage data helps us understand which features to improve.

Third-party services

• Anthropic Claude API: used to analyze ingredient images and text. Privacy policy.
• Supabase: used to store cached product data. Privacy policy.
• Open Beauty Facts: used to look up product information by barcode. Privacy policy.

We do not sell, rent, or share your personal information with any third parties for advertising or marketing purposes.

Data storage and security

The majority of your data is stored locally on your device using AsyncStorage and is not transmitted to our servers. Cloud-stored data is anonymized and does not contain personally identifiable information. We use industry-standard security measures to protect transmitted and stored data.

Data retention

Local data remains on your device until you delete the App or clear App data. Anonymous cloud product data is retained indefinitely. You may request deletion of any cloud-submitted data by contacting us at sumsum@sumsum.io.

Children's privacy

The App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13.

Your rights

You have the right to access personal data we hold about you, request deletion of cloud-submitted data, and opt out by discontinuing use. California residents have additional rights under CCPA. European residents have additional rights under GDPR. Contact us to exercise these rights.

Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision.

Contact us

Email: sumsum@sumsum.io
Website: sumsum.io
Company: Sumsum Labs, Inc.