kbeautymatch

Legal

Privacy Policy

Last updated: 28 March 2026

1. Who we are

KBeautyMatch (“we”, “us”, “our”) operates the website kbeautymatch.com. We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about this policy, contact us at: privacy@kbeautymatch.com

2. What data we collect

  • Account data: Email address and password (encrypted) when you create an account.
  • Skin Match data: Your answers to the Skin Match questions and your resulting skin type.
  • Usage data: Pages visited, links clicked, and session duration — collected via anonymised analytics.
  • Cookies: Small files stored on your device to keep you signed in and remember your preferences. See our Cookie Policy for details.

3. Why we collect it

We use your data to:

  • Provide personalised K-beauty product recommendations based on your skin type.
  • Save your Skin Match results to your account so you don't need to retake it.
  • Improve our website and recommendation accuracy.
  • Send you account-related emails (password reset, etc.) — never marketing without explicit consent.

Our legal basis for processing is legitimate interests (personalisation) and contract performance (providing the service you signed up for).

4. Affiliate links

Some product links on this site are affiliate links. When you click these and make a purchase, we may earn a small commission from the retailer at no extra cost to you. We do not share any of your personal data with affiliate partners.

5. Data sharing

We do not sell your personal data. We use the following trusted service providers who process data on our behalf under strict agreements:

  • Supabase: Database and authentication — EU servers (Frankfurt).
  • Vercel: Website hosting — EU edge network.

6. Your rights (UK GDPR)

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your account and all associated data.
  • Restrict or object to processing.
  • Data portability — receive your data in a machine-readable format.
  • Lodge a complaint with the ICO (ico.org.uk) if you believe we have mishandled your data.

To exercise any of these rights, email us at privacy@kbeautymatch.com. We will respond within 30 days.

7. Data retention

We keep your account data for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Anonymised analytics data may be retained indefinitely.

8. Changes to this policy

We may update this policy from time to time. We will notify registered users of significant changes by email. Continued use of the site after changes constitutes acceptance of the updated policy.