Patient Privacy Policy
Last updated: March 24, 2026
This policy applies to the HairCare+ patient
application. If you use the clinic-facing app for authorized staff,
see the Clinic Privacy Policy.
1. Introduction
HairCare+ is operated by Aleh Leuchanka, Voltastrasse 106, 4056 Basel,
Switzerland ("we", "our", or "us"). This Privacy Policy explains how we
collect, use, disclose, and safeguard your information when you use the
HairCare+ mobile application (the "App").
2. Information We Collect
We collect the following types of information:
-
Personal Information: Name, email address, and phone
number provided during registration via clinic invite code.
-
Health Information: Hair transplant surgery date and
post-operative care progress data, including daily task completion.
-
Photos: Recovery images of the transplant and donor
areas captured in the App for progress tracking and clinician
follow-up. These images may incidentally include parts of your face.
-
Audio: Voice messages recorded in the chat feature
for communication with your clinic and AI assistant.
-
Location: Approximate (coarse) location, used only
when you ask the AI assistant to find nearby pharmacies or clinics.
Location is not stored on our servers.
-
Device Information: Push notification tokens for
delivering reminders and messages.
2.1 Face Data and Biometric Information
The App may process images that incidentally include parts of your face
as part of medical recovery documentation.
- We do not use facial recognition.
-
We do not create or store biometric templates or face
geometry.
-
We do not use face data for identity verification,
advertising, or profiling.
3. How We Use Your Information
-
Provide personalized post-operative care schedules based on your
surgery date.
- Enable communication between you and your clinic.
-
Power the AI assistant to answer your recovery-related questions.
-
Track and visualize your recovery progress through photos, including
images that may incidentally contain face data.
- Send push notifications for care reminders and clinic messages.
4. Data Sharing
We share your data only with:
-
Your Clinic: The clinic that issued your invite code
has access to your profile, progress photos, and chat messages.
-
Service Providers: We use Supabase for secure data
storage and OpenAI for AI assistant functionality. These providers
process data under strict contractual obligations.
We do not sell your personal data to third parties. We
do not use your data for advertising or tracking
purposes.
Face-related photos are shared only with your clinic and infrastructure
providers required to host and deliver the service.
5. Data Storage and Security
Your data is stored on secure cloud infrastructure in the European
region with encryption in transit and at rest. Some data (daily tasks,
cached messages) is stored locally on your device using an encrypted
SQLite database for offline access.
6. Data Retention
We retain your data, including face-related photos, for the duration of
your active account. You may request deletion of your account and
associated data by contacting your clinic or us directly. We delete
requested data unless a longer retention period is required by
applicable law or medical record obligations.
7. Your Rights
If you are located in the European Economic Area (EEA), Switzerland, or
the United Kingdom, you have rights under the General Data Protection
Regulation (GDPR), the Swiss Federal Act on Data Protection (nFADP), or
equivalent legislation. These rights include:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your data ("right to be forgotten").
- Object to or restrict the processing of your data.
- Export your data in a portable format (data portability).
- Withdraw consent for data processing at any time.
- Lodge a complaint with your local data protection authority.
To exercise these rights, contact us at privacy@haircare.clinic. We will respond to your request within 30
days.
8. Legal Basis for Processing
We process your personal data on the following legal bases:
-
Consent: You provide explicit consent when creating
your account and granting access to your camera, microphone, and
location.
-
Contract: Processing is necessary to provide the
services you requested through the App.
-
Legitimate Interest: We may process data to improve
our services and ensure security, where this does not override your
rights.
9. Children's Privacy
The App is not intended for use by individuals under the age of 18. We
do not knowingly collect personal data from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you
of any material changes through the App or by other means. Your
continued use of the App after such changes constitutes acceptance of
the updated policy.
11. Contact Us
If you have questions about this Privacy Policy, please contact us at:
Aleh Leuchanka
Voltastrasse 106, 4056 Basel, Switzerland
privacy@haircare.clinic