Your Privacy Matters

Privacy Policy

We are committed to protecting your privacy and maintaining the security of your personal information.

Last Updated: August 4, 2025

This Privacy Policy describes how Skin Type Solutions collects, uses, and protects your information when you use our professional platform and services.

1. Information We Collect

Account Information

Name, email address, and contact information
Professional credentials and license information
Practice details and business information
Billing and payment information

Usage Information

Platform usage patterns and feature interactions
AudreyAI consultation requests and responses
Quiz responses and skin type assessments
Product recommendations and purchase history

Technical Information

IP address, browser type, and device information
Log files and analytics data
Cookies and similar tracking technologies

2. How We Use Your Information

We use your information to provide, improve, and personalize our services:

Platform Services

Account management and authentication
Skin type analysis and recommendations
AI-powered consultation assistance
Product catalog and marketplace access

Business Operations

Billing and payment processing
Customer support and communications
Platform analytics and improvements
Legal compliance and security

3. HIPAA Compliance & Healthcare Data

We understand the importance of protecting health information and maintain appropriate safeguards for healthcare-related data.

While Skin Type Solutions serves healthcare professionals, we recognize that some data processed through our platform may be subject to HIPAA regulations:

We implement technical, physical, and administrative safeguards
Access to data is restricted to authorized personnel only
We provide Business Associate Agreements (BAAs) when required
Healthcare providers remain responsible for ensuring HIPAA compliance

4. Information Sharing

We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:

Service Providers

Trusted third-party vendors who help us operate our platform (e.g., payment processors, cloud hosting providers) under strict confidentiality agreements.

Legal Requirements

When required by law, court order, or government regulation, or to protect our rights and the safety of our users.

Business Transfers

In connection with a merger, acquisition, or sale of assets, subject to appropriate confidentiality protections.

5. Data Security

We implement industry-standard security measures to protect your information:

Technical Safeguards

SSL/TLS encryption for data transmission
AES-256 encryption for data at rest
Multi-factor authentication
Regular security monitoring and testing

Administrative Controls

Role-based access controls
Employee security training
Incident response procedures
Regular security audits

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze platform usage:

Essential Cookies

Required for platform functionality, including authentication and security features.

Analytics Cookies

Help us understand how users interact with our platform to improve performance and features.

Preference Cookies

Remember your settings and preferences to provide a personalized experience.

7. Your Rights and Choices

You have the following rights regarding your personal information:

Access and Control

Access your personal information
Update or correct your data
Export your data
Delete your account and data

Communication Preferences

Opt out of marketing emails
Manage notification settings
Control cookie preferences
Request data portability

8. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

Account information: Retained while your account is active
Usage data: Typically retained for 2-3 years for analytics purposes
Billing records: Retained for 7 years for tax and legal compliance
Healthcare-related data: Retained according to applicable regulations

Upon account deletion, we will securely delete or anonymize your personal information, except where retention is required by law.

9. International Data Transfers

Our services are primarily hosted in the United States. If you access our platform from outside the U.S., your information may be transferred to, stored, and processed in the U.S.

We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and data processing agreements where required.

10. Children's Privacy

Our platform is designed for healthcare professionals and is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 13.

If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by:

Sending an email notification to your registered email address
Posting a prominent notice on our platform
Updating the "Last Updated" date at the top of this policy

Your continued use of our platform after changes become effective constitutes acceptance of the updated Privacy Policy.

Privacy Questions or Concerns?

If you have questions about this Privacy Policy or how we handle your information, please contact us:

Privacy Officer: privacy@skintypesolutions.com

General Support: support@skintypesolutions.com

Mail: Skin Type Solutions LLC
Privacy Department
Miami, FL 33101