Privacy Policy

This Privacy Policy describes how Follicare ('we', 'us' or 'our') processes personal data in connection with the use of its software-as-a-service solution ('the Solution'). It is intended for business customers ('Clients') and end users, including patients, whose data may be processed through the Solution.

1. Roles and Responsibilities

For personal data processed through the Solution, the Client acts as the data controller within the meaning of the General Data Protection Regulation (GDPR), and Follicare acts as a data processor on behalf of the Client. For data collected directly by Follicare for its own purposes (such as account management and billing), Follicare acts as data controller.

2. Categories of Data Processed

Depending on the use of the Solution, Follicare may process the following categories of personal data:

• Identification and contact data (name, email address)
• Professional data (clinic name, role)
• Usage and technical data (logs, IP address)

3. Purposes of Processing

Personal data is processed for the following purposes:

• Provision and operation of the Solution
• Account management and authentication
• Customer support and communications
• Billing and subscription management
• Security, monitoring and service improvement
• Compliance with legal obligations

4. Data Retention

Personal data is retained only for the duration necessary to fulfill the purposes described above and in accordance with applicable legal requirements.

5. Data Security

Follicare implements appropriate technical and organizational measures to ensure a level of security appropriate to the risks, including access controls, encryption, and monitoring.

6. Data Recipients and Subprocessors

Follicare may engage subprocessors to provide the Solution (such as hosting and infrastructure providers). Subprocessors are bound by contractual obligations ensuring data protection and confidentiality.

7. International Transfers

Personal data may be processed anywhere in the world, including countries that may not offer the same level of data protection as your country. Appropriate safeguards will be applied where required by law.

8. Data Subject Rights

Data subjects have the right to access, rectify, erase, restrict or object to the processing of their personal data, as well as the right to data portability, in accordance with applicable law. Requests should be addressed to the Client acting as data controller. Follicare will assist the Client in responding to such requests.

9. Contact

For questions relating to this Privacy Policy or data protection, you may contact Follicare at contact@follica.re.