Privacy Policy of HairRec
**Effective date: May 1, 2025**
HairRec ("us", "we", or "our") operates the HairRec mobile application (the "Service").
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. Our Privacy Policy for HairRec is managed through Free Privacy Policy.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
AI and Biometric Data
While using our Service, we collect and process the following additional types of data:
Hair Scan Data
- Images and videos of your hair captured through our app
- Measurements and analysis data derived from your hair scans
- Technical metadata associated with scan captures
- Historical scan data for tracking changes over time
Face Shape Data
- Images or scans of your face captured through our app to analyze face shape
- Measurements and geometric data derived from face scans for hairstyle recommendations
- Technical metadata associated with face scan captures
- Historical face shape data for personalized recommendations
Chat Conversation Data
 When you use the chat feature to interact with our AI-powered coach, we collect and process the following data:
- Text content of your conversations with the coach
- Metadata associated with chat interactions (e.g., timestamps, session IDs)
- References to your hair scan or face shape data discussed in the conversation
- User preferences or inputs provided during the chat
This data is used to provide personalized coaching, improve the chat feature, and enhance our Service.
AI Processing Information
- AI-generated analysis of your hair condition
- Pattern recognition data used for recommendations
- Algorithmic assessment results
- Technical processing metadata
Health-Related Information
Our Service may collect or infer information about your hair health. This information:
- Is not intended as medical advice
- Should not be used for medical diagnosis
- Is for informational purposes only
- May include general hair health indicators
Special Data Processing Considerations
AI Processing and Analysis
Our Service uses artificial intelligence to:
- Analyze hair images and provide recommendationsÂ
- Analyze face shape scans to recommend hairstyles tailored to your facial structureÂ
- Generate personalized hair care and styling adviceÂ
- Track changes in hair condition over timeÂ
- Improve our AI models and service accuracy
- Analyze conversation inputs to provide personalized hair care and styling advice
- Reference your hair scan or face shape data to tailor responses
- Improve the conversational capabilities of our AI coach
We want you to understand that:
- AI analysis is performed using automated processing
- Some data may be reviewed by trained professionals for quality assurance
- Our AI models are regularly updated to improve accuracy
- Results should be considered suggestions, not medical advice
Data Usage for AI Training
To improve our Service:
- We may use anonymized scan data to train our AI models
- Personal identifiers are removed before any training use
- You can opt out of having your data used for AI training
- Opting out won't affect your access to core services
Storage and Retention of Scan and Chat Conversation Data
Your hair scan and face shape data is:
- Encrypted during storage and transmission
- Retained for 12 months after your last active use
- Stored using industry-standard security measures
- Backed up securely to prevent loss
Your chat conversation data is:
- Encrypted during storage and transmission
- Limited to your last 10 conversations, with older conversations automatically deleted
- Retained for 12 months after your last active use, unless you request earlier deletion
- Stored using industry-standard security measures
You can request:
- Deletion of individual hair or face scan data
- Complete removal of all your historical scans
- Export of your hair and face scan data history
- Access to all AI-generated analyses
#### Third-Party AI Processing
We work with select partners to process hair scan, face shape, and chat conversation data:
- All partners meet our strict security requirements
- Data is encrypted during transfer
- Partners are contractually bound to protect your data
- No unauthorized use of scan data is permitted
- No personally identifiable conversation data is retained by AI model beyond the necessary processing period
#### Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:
- Cookies and Usage Data
#### Usage Data
When you access the Service by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data ("Usage Data").
#### Tracking & Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies: We use Session Cookies to operate our Service.
- Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
- Security Cookies: We use Security Cookies for security purposes.
### Use of Data
HairRec uses the collected data for various purposes:
- To provide and maintain the Service
- To notify you about changes to our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer care and support
- To provide analysis or valuable information so that we can improve the Service
- To monitor the usage of the Service
- To detect, prevent and address technical issues
- To provide personalized coaching through the AI-powered chat feature
## Transfer Of Data
Your information, including hair scan and face shape data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.
All user data collected by HairRec is stored using Firebase, a service provided by Google Inc., on servers located in the United States, specifically in the NAM5 (North America) regions. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
HairRec will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your data and other personal information.
## Disclosure Of Data
### Legal Requirements
HairRec may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of HairRec
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
## Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
## Service Providers
We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
### Marketing and Research Use
#### Use of Scan Data for Marketing
We may use:
- Aggregated, anonymized scan statistics
- General trend data from our user base
- Non-identifiable success stories
- Anonymous before/after comparisons
We will never use:
- Your individual scan results without consent
- Personally identifiable before/after images
- Individual health-related information
- Private analysis results
#### Research and Development
To improve our services:
- Anonymous scan data may be analyzed for trends
- Aggregate statistics may be used for research
- Technical data may be used for AI improvement
- Pattern analysis may be conducted for feature development
You can:
- Opt out of research data usage
- Request exclusion from aggregate studies
- Maintain full service access regardless of choice
- Change your preferences at any time
### Analytics
We may use third-party Service Providers to monitor and analyze the use of our Service.
#### Firebase
Firebase is an analytics service provided by Google Inc.
You may opt-out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy?hl=en
We also encourage you to review Google's policy for safeguarding your data: https://support.google.com/analytics/answer/6004245.
For more information on what type of information Firebase collects, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
## Links To Other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
## Children's Privacy
### For Users Under 13
In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 without verifiable parental consent. If we learn that we have collected personal information from a child under 13 without parental consent, we will take steps to remove that information from our servers.
### For Users 13-17
Users between the ages of 13 and 17 may use our App with parental or guardian consent. By using our App, users in this age range confirm they have received such consent. We collect minimal personal information from these users and implement additional safeguards to protect their privacy.
### Parental Rights
If you are a parent or guardian and you believe your child has provided us with personal information without appropriate consent, please contact us at hairrecai@gmail.com. We will:
- Verify your identity and relationship to the child
- Review the information collected, if any
- Remove information if collected without appropriate consent
- Provide you with direct notice of our practices
- Obtain verifiable consent if required
### Age Verification
We implement reasonable measures to verify the age of our users. This may include:
- Age gates during registration
- Parental consent verification processes
- Technical measures to identify and prevent child users where appropriate
## Changes To This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
## United States State-Specific Privacy Rights
### California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: Request disclosure of personal information we collect, use, and share
- Right to Delete: Request deletion of your personal information
- Right to Correct: Request correction of inaccurate personal information
- Right to Data Portability: Receive your personal information in a portable format
- Right to Opt-Out: Opt out of the sale or sharing of personal information
- Right to Limit: Limit the use and disclosure of sensitive personal information
- Right Against Discrimination: Exercise your rights without discrimination
To exercise these rights, contact us at hairrecai@gmail.com. We will respond within 45 days.
California residents can also designate an authorized agent to make requests on their behalf.
### Virginia Privacy Rights (VCDPA)
Under the Virginia Consumer Data Protection Act (VCDPA), Virginia residents have the right to:
- Access their personal data
- Request correction of inaccurate data
- Delete personal data
- Obtain a copy of their personal data
- Opt out of targeted advertising
- Appeal a business's denial of a consumer request
### Colorado Privacy Rights (CPA)
Colorado residents have rights under the Colorado Privacy Act (CPA), including:
- Access their personal data
- Correct inaccurate personal data
- Delete personal data
- Data portability
- Opt out of targeted advertising and profiling
- Appeal denied requests
### Connecticut Privacy Rights (CTDPA)
Connecticut residents have rights under the Connecticut Data Privacy Act (CTDPA), including:
- Access their personal data
- Correct inaccuracies
- Delete personal data
- Obtain a copy of their data
- Opt out of targeted advertising and profiling
### Utah Privacy Rights (UCPA)
Under the Utah Consumer Privacy Act (UCPA), Utah residents have the right to:
- Access their personal data
- Delete personal data
- Data portability
- Opt out of targeted advertising
### Nevada Privacy Rights
Nevada residents have the right to opt out of the sale of their personal information. While we do not sell personal information, you may submit an opt-out request to hairrecai@gmail.com.
## Do Not Track Signals
Some browsers have "Do Not Track" features. Our App honors Do Not Track signals, and we do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place.
## Data Broker Registration
Where required by state law (such as in California, Vermont, and other jurisdictions), we maintain necessary data broker registrations if our practices qualify us as a data broker.
## European Union (EU) User Rights Under GDPR
If you are a resident of the European Economic Area (EEA), you have specific rights regarding your personal data under the General Data Protection Regulation (GDPR):
### Legal Basis for Processing
We process your personal data under the following legal bases:
- Consent: When you explicitly agree to the processing of your data
- Contractual Necessity: To fulfill our contractual obligations to you
- Legal Obligations: To comply with applicable laws
- Legitimate Interests: When processing is necessary for our legitimate business interests
### Your Data Rights
As an EEA resident, you have the right to:
- Access your personal data
- Correct inaccurate personal data
- Request erasure of your personal data ("right to be forgotten")
- Restrict or object to processing of your data
- Data portability (receive your data in a structured, commonly used format)
- Withdraw consent at any time (where processing is based on consent)
- Lodge a complaint with your local data protection authority
### Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.
### International Data Transfers
For EEA users, when we transfer your data outside the EEA, we ensure adequate protection through:
- Data transfer agreements incorporating Standard Contractual Clauses approved by the European Commission
- Transfers to countries with an adequacy decision from the European Commission
- Other legally compliant transfer mechanisms
### Data Protection Officer
For GDPR-related inquiries or to exercise your rights, contact our Data Protection Officer at:
hairrecai@gmail.com
## Cookie Compliance (ePrivacy Directive)
In accordance with EU cookie laws, we:
- Obtain explicit consent before placing non-essential cookies
- Provide detailed information about each cookie category
- Allow you to modify your cookie preferences at any time
- Enable you to use basic services without accepting non-essential cookies
## Contact Us
If you have any questions about this Privacy Policy, please contact us:
- By email: hairrecai@gmail.com