← Back to home

Privacy Policy

Last updated: March 2025

1. Who we are

HairSimulate operates the hairsimulate.com platform and associated clinic portal (the "Service"). This policy explains what data we collect, how we use it, and the rights you have over it.

For questions, contact us at info@hairsimulate.com.

2. Data we collect

  • Account data: name, email address, clinic name, and role when you register.
  • Patient data: consultation notes, simulation images, and graft planning records that your clinic creates and controls.
  • Usage data: pages visited, features used, and session timing to improve the product.
  • Device data: browser type, operating system, and IP address for security and analytics.

3. How we use your data

  • To provide, maintain, and improve the Service.
  • To authenticate users and enforce role-based access controls.
  • To send transactional emails (account setup, password reset).
  • To respond to support requests.
  • To comply with legal obligations.

We do not sell your data to third parties.

4. Data storage and security

Data is stored on infrastructure with 256-bit AES encryption at rest and TLS in transit. Access is restricted to authorised personnel. We follow HIPAA-ready practices for handling health-related data and apply GDPR safeguards for users in the European Economic Area.

5. Data retention

Account data is retained for the lifetime of your clinic subscription plus 30 days after termination, after which it is permanently deleted. You may request earlier deletion by contacting us.

6. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Port your data to another service.

Submit requests to info@hairsimulate.com. We respond within 30 days.

7. Cookies

We use essential cookies for authentication and session management. We do not use tracking or advertising cookies. You can disable cookies in your browser settings, though this will prevent login.

8. Changes to this policy

We may update this policy periodically. We will notify clinic administrators by email of material changes at least 14 days before they take effect.