Privacy Policy

Last updated: May 3, 2026

This Privacy Policy describes how ColorFitapp (the "Service", operated by "we", "us", or "our") collects, uses, retains, shares, and protects information about you. We handle personal information in accordance with Japan's Act on the Protection of Personal Information (APPI), the EU/UK General Data Protection Regulation (GDPR/UK GDPR), the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), and other applicable laws.

1. Information we collect

We collect: (a) Face photos you upload, which may be considered "sensitive personal information", "special category data", or "biometric information" under various laws; (b) Email address, only if you choose to provide one; (c) Consent flags (whether you accepted the Terms, Privacy Policy, AI processing notice, and data handling notice, and when); (d) Optional feedback you submit through forms; (e) Technical logs (timestamps, coarse IP address, browser type, OS, referrer). We use the minimum cookies and local storage needed to operate the Service and do not use third-party advertising or cross-site tracking cookies.

2. How we use your information

We use your information solely to: (a) perform the personal color analysis and generate the output; (b) deliver the result and reminder emails; (c) detect and prevent abuse and fraud; (d) comply with legal obligations; and (e) where you have given separate, explicit consent, perform aggregated, statistical analysis to improve quality. We do not use your photos or results to train or fine-tune AI models, ours or any third party's.

3. Legal bases (GDPR / UK GDPR users)

If you are in the EEA or the UK, we rely on the following legal bases: (a) explicit consent (Art. 9(2)(a)) for processing facial images; (b) performance of a contract and consent for delivering emails; (c) legitimate interests for security, fraud prevention, and aggregated quality analysis. You may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

4. Retention schedule

We keep data only as long as needed for the purposes described above. (a) Uploaded photos: auto-deleted within 24 hours after analysis completes. (b) Generated images: auto-deleted 7 days after generation (images attached to emails remain in your inbox under your control). (c) Email address: deleted promptly upon unsubscribe, or after 24 months of inactivity, whichever is earlier. (d) Technical logs: up to 90 days. Longer retention may apply where required by law.

5. Service providers and sub-processors

We share the minimum data necessary with the following processors, each contractually bound to use your data only to provide services to us: (a) Microsoft Azure (US East 2 region) — hosting, storage, serverless compute; (b) Azure OpenAI Service / Azure AI Foundry — image analysis and image generation. Prompts and images are not used to train OpenAI's production models; (c) Azure Communication Services Email — transactional email delivery; (d) Cloudflare — DNS and edge delivery. We do not sell or share your personal information with any other third parties.

6. International data transfers

The Service processes data in the United States (Azure US East 2). For users in the EEA, the UK, or Japan, transfers to the United States are protected by Standard Contractual Clauses (SCCs) or equivalent safeguards as required by applicable law.

7. No sale or "sharing" of personal information

We do not sell your personal information for monetary or other valuable consideration, and we do not "share" your personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA. We have not done so in the preceding 12 months.

8. Your rights

Depending on where you live, you have the following rights: (a) Japan (APPI): access, correction, suspension of use, and disclosure of third-party transfer records; (b) EEA / UK (GDPR): access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and the right to lodge a complaint with your local supervisory authority; (c) California (CCPA/CPRA): right to know, delete, correct, limit use of sensitive personal information, and non-discrimination for exercising rights; (d) Other US states (VA, CO, CT, UT, etc.): equivalent rights under your state's privacy law. To exercise any of these rights, contact us at [email protected] or via the /subscribe form. We will verify your identity and respond within the time periods required by applicable law.

9. Notice regarding facial / biometric-derived information

The Service analyzes your face photo to estimate your personal color type. We do so for personal color analysis only — not to identify you, not to build a face-recognition database, and not for any unrelated purpose. We obtain your explicit consent at upload, auto-delete the source image within 24 hours, do not reconstruct the original image from analysis results, and do not sell or transfer face images to third parties (other than the sub-processors listed above). If you reside in a jurisdiction with stricter biometric privacy laws (such as Illinois BIPA in the United States), please review this notice carefully before using the Service.

10. Security

We implement industry-standard technical and organizational measures to protect your information against unauthorized access, disclosure, alteration, and destruction. These include TLS in transit, AES-256 at rest, least-privilege access via Azure managed identities, and regular log review. No method of transmission or storage is 100% secure, but we work to maintain commercially reasonable safeguards.

11. Children's privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from them. If we learn that we have collected information from a child under 13, we will delete it promptly. Parents and guardians who believe their child has provided personal information should contact us immediately.

12. Cookies and local storage

We use only the minimum local storage required to remember your language preference and similar functional settings. We do not use third-party advertising or analytics cookies that track you across other websites.

13. Changes to this Policy

We may update this Policy from time to time as the Service or applicable law changes. Material changes will be announced on the Service and, where reasonable, via the email address you provided. The latest version will always be posted on this page.

14. Contact

For privacy questions or to exercise your rights, contact us at [email protected] (operator: ColorFitapp Team, Tokyo, Japan), or via the /subscribe form on the Service.