Tricholens ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform. By using Tricholens, you agree to the practices described in this Policy.
We collect the following types of information:
When you sign in via Google, we receive your name, email address, and profile picture from Google. We store this to identify your account and personalise your experience.
You may upload photographs of your scalp for analysis. These images are stored securely and used solely to provide the analysis features of the Service. We do not share your images with third parties for any commercial purpose.
We store the results of analyses performed on your images, including session metadata, scores, and trend data, to enable you to track your hair health over time.
If you participate in our Community features, we store posts, comments, likes, follows, and direct messages associated with your account.
Conversations with AI chat assistants may be stored to provide continuity of service and improve our features. You can delete your chat history at any time via Account Settings.
We collect standard usage data such as page views, feature interactions, and error logs. This data is used to improve the Service and is not linked to identifiable personal information where possible.
Payment transactions are processed by our third-party payment processor (Stripe). We do not store your full card details. We may retain subscription status and billing history for account management purposes.
We use your information to:
We do not use your scalp images or health data for advertising, marketing profiling, or any purpose unrelated to providing you with the Service.
Your data is stored using Google Firebase infrastructure, which provides enterprise-grade security including encryption at rest and in transit (TLS/HTTPS). We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, destruction, or alteration.
While we take security seriously, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data and encourage you to use a strong, unique password for your Google account.
We do not sell your personal data to third parties. We may share your information with third parties only in the following limited circumstances:
Some features of Tricholens use AI models (including large language models) to process your inputs and generate responses. When you use AI chat or AI analysis features, relevant data (such as your questions or image metadata) may be sent to our AI service providers for processing.
AI-generated responses are not based on your stored personal medical history in any clinically meaningful way. AI outputs are for general information and research purposes only. Please refer to our Terms of Service for full disclaimers regarding AI features.
You have full control over your data. Through your Account Settings, you can:
If you need help managing your data, use the self-service tools in Account Settings or contact us through the app.
We retain your personal data for as long as your account is active or as needed to provide you with the Service. When you delete specific data or your account, we will remove it from our active systems within a reasonable period. Some data may be retained in backups for a limited time before permanent deletion, and we may retain certain information where required by law or for legitimate business purposes such as fraud prevention.
We process your personal data for the following purposes:
Tricholens uses third-party service providers including Google Firebase (infrastructure and authentication), Stripe (payments), and OpenAI (AI features). These providers may process data in countries outside the EEA or United Kingdom, including the United States.
Where personal data is transferred outside the EEA/UK, we rely on appropriate safeguards including the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Agreements (IDTAs) in place with our providers. Google, Stripe, and OpenAI each operate under their own data processing agreements which include these safeguards.
Tricholens uses browser local storage to remember your preferences (such as your colour theme). We may use cookies or similar technologies for authentication sessions and service functionality. We do not use tracking cookies for advertising purposes.
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will take steps to delete such information.
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated Policy on this page with a revised "Last updated" date. Your continued use of the Service following any changes constitutes your acceptance of the updated Policy.
If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us through the support section in Account Settings within the app.