Privacy Policy

Last updated: August 23, 2025

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

1. Data Controller

The data controller responsible for your data is:

Katarzyna Roszak
Kantstraße 65
10627, Berlin, Germany
Email: info@hairclinicai.com

2. Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. This includes:

  • Email address
  • Clinic Name
  • Usage Data

Patient Data (Processed on Your Behalf)

As a clinic using our Service, you will upload patient data, including names, contact information, and medical images. In this context, You are the Data Controller for this patient data, and We act as the Data Processor on your behalf, processing this data only as instructed by You to provide the Service.

3. Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage Your Account: to manage Your registration as a user of the Service.
  • To manage Your subscription and process payments.
  • To contact You: To contact You by email regarding updates or informative communications related to the functionalities, products or contracted services.

4. Legal Basis for Processing (GDPR)

We process your data based on Art. 6 GDPR, primarily for the performance of our contract with you (to provide the Service), and for our legitimate business interests.

5. Data Storage and Security

Your information is stored on secure servers provided by Google Cloud Platform (Firebase) located within the European Union. We take appropriate technical and organizational measures to protect your data from unauthorized access, loss, or destruction.

6. Your Data Protection Rights under GDPR

You have the right to access, rectify, or erase your personal data, as well as the right to data portability and to object to or restrict processing. You can exercise these rights by contacting us at info@hairclinicai.com.

7. Third-Party Services

We use the following third-party services to provide our Service:

  • Firebase (Google Cloud): For database, authentication, and hosting.
  • Stripe: For payment processing.
  • Google AI Platform: For the AI analysis of images.