Crown is a 3D haircut scanning and sharing app for barbers and their clients.
This page explains what information Crown collects, how it is used, and the
choices you have. We have tried to keep it short and direct.
Who this policy applies to
This policy applies to the Crown iOS app, the public web viewer at
crown-viewer.onrender.com,
and the Crown backend API. When we say "Crown", "we", or "our", we mean the
operator of those surfaces.
What we collect
Account information
Email address, from the email and password you sign up with, or from your Apple ID if you use Sign in with Apple.
Name, if you choose to share it during Sign in with Apple or set a display name in your Crown profile. Apple may provide a relay email rather than your real address; we accept whichever you choose.
Authentication identifier, a stable user ID issued by Firebase Authentication when you sign in. We use it only to link your data to your account.
Account type, either Barber or Client, that you pick at sign-up. You can switch it later in Profile.
Profile information you choose to add
All profile fields below are optional. You decide whether to fill them in
and you can edit or clear them at any time from the Profile screen.
Profile photo stays on your device.
If you add a profile photo, it is saved only to your phone's local storage,
keyed to your account. It is not uploaded to our servers and not shared
with any third party.
Scans and haircut data
Scan video, a short video you record while capturing a haircut. The video is sent directly from your phone to our object storage and from there to a processing service that produces a 3D model. Once the 3D model is generated, the original video is no longer needed for any user-facing feature.
3D model, generated from your scan video. We store it so you can view it in the app and share it via a public link if you choose.
Haircut metadata you enter, including title, date, client name, technical blueprint (sides, top, nape, notes), tags, personal notes, and favorite flag.
Share codes, generated when you create a share link. Anyone with the link can view the 3D model and the blueprint metadata you attached to it. The share page does not display your email or account ID.
How we use what we collect
Every piece of information above is used to operate the app and the features
you ask for: signing you in, saving and showing your scans, letting you
share a model with someone else, and editing your profile. We do not use
your information for advertising, profiling, or tracking across other apps
or websites.
Who we share information with
Crown uses a small number of infrastructure partners to run the service.
Each one only receives what is needed for its role.
Firebase Authentication by Google, for sign-in. Receives your email and authentication identifier. Firebase privacy.
Apple Sign in with Apple, if you choose to use it. Receives the credentials needed to verify your Apple ID. Apple privacy.
Backblaze B2, our object storage provider. Stores your scan video and 3D model file. Backblaze privacy.
A third-party photogrammetry processing service, which receives your scan video to produce the 3D model and returns the result to our servers. The processing service is bound by its own contractual privacy terms and does not retain the video after processing completes.
Render, our hosting provider. Receives the network traffic our backend and web viewer serve. Render privacy.
How long we keep your data
We keep your account information, scans, 3D models, and metadata for as
long as your Crown account exists. You can delete everything at any time
using the steps below.
How to access, change, or delete your data
View and edit, on the Profile screen in the app.
Delete individual scans, from the Vault by long-pressing a card or opening the scan detail.
Delete your entire account, on the Profile screen, tap Delete Account. This cascades: every haircut you saved, every scan video and 3D model file we stored for you, your Crown user record, and your Firebase authentication record are all permanently removed. The action cannot be undone.
Sign out, on the Profile screen, tap Sign Out. Your data stays on our servers tied to your account; you can sign back in to restore access.
Security
Crown talks to its backend over HTTPS. Account passwords are not stored on
our servers; sign-in is delegated to Firebase Authentication. Sign in with
Apple uses Apple's hardware-backed credential flow. Object storage access
is mediated by short-lived presigned URLs.
Children
Crown is not directed at children under 13. We do not knowingly collect
information from children under 13. If you are a parent or guardian and
believe your child has shared information with Crown, contact us at the
address below and we will remove it.
Changes to this policy
If we make material changes to this policy we will update the effective
date at the top of this page and, where appropriate, notify you in the
app.