Our Privacy Policy
Our Privacy Policy was posted on 01.01.2022 and last updated on 12.06.2023.
We at iHairium Inc. care about your (in the text of this document, you are listed as the User) privacy. Protecting your Personal Data is very important for us and we are fully committed to protecting and safeguarding the Personal Data you share with us when you use our Service. Please read this Privacy Policy carefully to help you understand what Personal Data is and how we process it, who has access to your data and what rights you have. If you do not agree with our processing of Personal Data as described in this Privacy Policy, you cannot continue the use of our Services.
If you have any questions, do not hesitate to contact us via the contact details listed at this Privacy Policy.
This document can be printed for reference by using the print command in the settings of any browser.
PRIVACY POLICY
1. TERMS AND DEFINITIONS
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
1.1. “App” - means the “iHairium” mobile application developed by iHairium Inc. and available on the Website at: https://ihairium.com and available for iOS, through which Users interact;
1.2. “Automated data processing” – means processing Personal Data by means of computer technology;
1.3. “Consultative Diagnostics” – means the process of recognizing and evaluating the properties, characteristics, and conditions of a person, consisting in the purposeful examination of data (carried out within the framework of the User's consent to such consultation) submitted by the User in the App. No Medical Diagnosis is made (no medical report (opinion) is given) based on the results of the Consultative Diagnostics The results of the Consultative Diagnostics may be submitted to a competent specialist or medical organization in accordance with the Applicable Law and/or the User's request;
1.4. “Cookies” – means small files that are placed on User’s computer, mobile device, or any other device by a Website, containing the details of User’s browsing history on Website among its many uses;
1.5. “Depersonalization of Personal Data” or “Depersonalization” – means actions that make it impossible to determine whether Personal Data belongs to a specific subject Personal Data without using additional information;
1.6. “Destruction of Personal Data” or “Destruction” – means actions, as a result of which the content of Personal Data in the information system becomes impossible to restore and / or as a result of which Destruction of tangible carriers of Personal Data is performed;
1.7. “Disclaimer” – means a statement (made in the form of a notice) in the App/Website aimed at alerting the User (the User, by ticking the checkbox and using further the Services, agrees to the Terms of Use and this Privacy Policy after the Disclaimer) to specific points about iHairium Inc.’s liability;
1.8. “Law” or “Applicable Law” – means current United States of America, European (GDPR) data protection laws;
1.9. “Medical Diagnosis” – means a medical report (opinion) on a patient's state of health, his/her illnesses (injuries), drawn up in accordance with current standards and medical regulations. Medical Diagnosis is made by competent doctors (specialists in a particular medical) as part of the patient's application to the appropriate medical facility. The text of the Medical Diagnosis shall be expressed in the terms provided for in the current classifications and nomenclatures of diseases;
1.10. “Non-automated data processing” – means the processing of Personal Data carried out with the direct participation of the person;
1.11. “Privacy of Personal Data” – the obligation of persons who obtained access to Personal Data not to disclose and not to distribute Personal Data to third parties without the consent of the subject of Personal Data, unless otherwise provided by Applicable Law;
1.12. “Operator” or “iHairium Inc.” – means iHairium Inc., independently or jointly with other persons organizing and (or) processing Personal Data, as well as determining the purposes of Personal Data processing, the composition of Personal Data to be processed, actions/operations performed with Personal Data;
1.13. “Personal Data” – means any information relating to a directly or indirectly defined or identifiable individual (User);
1.14. “Provision of Personal Data” - actions aimed at disclosure of Personal Data to a certain person or a certain circle of persons;
1.15. “Registration” – means the process of creating a User authentication record and a Personal account by entering the registration data in the registration form in the App;
1.16. “Service (-s)” – means actions performed by iHairium Inc. for the User within the framework of the use of the App/Website related to the costs of providing medical care (Consultative Diagnostics), as well as other additional actions provided by third parties;
1.17. “Subject of Personal Data” – means the User (an individual) to whom Personal Data belongs;
1.18. “User” – means a person who has completed the Registration and has access to the Website and/or the App via the Internet;
1.19. “Website” – the website owned by the Operator and located on the Internet at the following link: https://ihairium.com;
For the purposes for GDPR, Personal Data means any information relating to a User, such as name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity.
For the purposes of the Delaware Online Privacy and Protection Act (“DOPPA”), Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with a User.
2. PRINCIPLES OF PERSONAL DATA PROCESSING
2.1. The Operator shall process Personal Data both with and without the use of automation tools in accordance with the following principles:
2.1.1. The Operator takes all necessary measures to comply with legal requirements, does not process data in cases when it is not allowed by Law, does not use data to the detriment of the User;
2.1.2. Processing of Personal Data is limited to achieving specific, predetermined, and legitimate purposes;
2.1.3. The Operator shall take all reasonable measures to keep processed data up-to-date, including but not limited to exercising the right of each Subject to receive for review their data and to request the Operator to clarify, block or destroy it if the data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the processing purposes stated in this Privacy Policy;
2.1.4. It is not permitted to combine databases containing Personal Data whose processing is carried out for purposes incompatible with each other;
2.1.5. Personal Data must be processed in a way that ensures its security, using appropriate technical and organizational measures;
2.1.6. Personal Data is stored in a form that identifies the User, no longer than required by the purposes of data processing, and it must be destroyed when the purposes of processing are achieved or when they are no longer needed.
3. COLLECTING AND USING PERSONAL DATA
3.1. The Operator collects and stores only those Personal Data that are necessary to provide the Services to the User. The Operator may use Personal Data for the following purposes:
3.1.1. to provide and maintain the Services, including to monitor the usage of the Service;
3.1.2. to manage a User's account (to manage the User's registration as a User of the Services);
3.1.3. to conduct statistical and other studies (including, but not limited to, scientific, analytical) on the basis of depersonalized Personal Data;
3.1.4. for the performance of a contract (the development, compliance and undertaking of the purchase contract for the products, items or services the User have purchased or of any other contract with iHairium Inc. through the App);
3.1.5. informing the User about the Operator's services offers (sending of advertising and marketing materials and messages);
3.1.6. to ensure communications with the Operator (by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products, or contracted services, including the security updates, when necessary or reasonable for their implementation);
3.1.7. for business transfers (iHairium Inc. may use Users information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all iHairium Inc. assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by iHairium Inc. about services Users is among the assets transferred);
3.1.8. to communicate with Users within the App (including, but not limited to, sending responses to submitted comments, feedbacks, evaluations);
3.1.9. to handle and resolve legal disputes, for regulatory investigations and compliance (including as part of compliance with license requirements for the provision of advisory services to Users when using the Service), or to enforce the terms of use of the Service as reasonably expected.
4. SCOPE OF PROCESSED PERSONAL DATA AND PROCESSING PURPOSES
4.1. Personal Data.
4.1.1. While using the Services, iHairium Inc. may ask Users to provide certain personally identifiable information that can be used to contact or identify Users. Personally identifiable information may include, but is not limited to:
4.1.1.1. first name, last name, patronymic (if applicable) (including surnames, first names, and patronymics, if changed);
4.1.1.2. gender;
4.1.1.3. location;
4.1.1.4. date of birth;
4.1.1.5. e-mail;
4.1.1.6. location (address, state, province, ZIP/postal code, city);
4.1.1.7. phone number;
4.1.1.8. language (that the User speaks and uses in the App);
4.1.1.9. usage data (as defined below).
4.2. Usage Data.
4.2.1. Usage Data is collected automatically when using the Service. Usage data may include information such as the internet protocol address of the User's device (e.g., IP address), browser type, browser version, the pages of the Service that the User visits, the time and date of the User's visit, the time spent on those pages, unique device identifiers, and other diagnostic data.
4.2.2. When the User accesses the Services with or through a mobile device, iHairium Inc. may collect certain information automatically, including, but not limited to, the type of mobile device the User uses, unique identifier of User's mobile device, IP address of User's mobile device, operating system of User's mobile device, type of User's mobile Internet browser, unique device identifiers and other diagnostic data.
4.2.3. iHairium Inc. may also collect information that User's browser sends each time the User visits the Website/App or when the User accesses the Services with or through a mobile device.
4.3. Cookies and other tracking technologies.
4.3.1. iHairium Inc. uses Cookies and similar tracking technologies to track the activity on the Services and store certain information. Tracking technologies that are used include beacons, tags, and scripts to collect and track information and to improve and analyze the Services. Technologies may include:
4.3.1.1. Cookies or browser Cookies. Please note that the User can set their browser to refuse all Cookies or specify when Cookies are sent. However, if the User does not accept Cookies, the User will not be able to take advantage of certain features of the Services. If the User has not configured their browser in this way (set restrictions on accepting Cookies) the Website can use Cookies.
4.3.1.2. Web beacons. Certain sections of the Services and emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit iHairium Inc., for example, to count Users who have visited those pages or opened an email and for other related website statistics.
4.3.2. Please note that Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on the User’s personal computer or mobile device when the User goes offline, while Session Cookies are deleted as soon as the User closes web browser. iHairium Inc. use both Session and Persistent Cookies for the purposes set out below:
4.3.2.1. Essential Cookies administrated by iHairium Inc. (Session Cookies): to provide the Services available through the Website and to enable Users to use some of its features. They help to authenticate Users and prevent fraudulent use of User accounts. Without these Cookies, the Services that the User have asked for cannot be provided, and iHairium Inc. uses these Cookies only to provide such Services to the User.
4.3.2.2. Tracking and performance Cookies administered by third-parties (Persistent Cookies): to track information about visitors to the Website and how Users use the Website. The information collected by these Cookies may directly or indirectly identify the User as an individual visitor. iHairium may also use these Cookies to test new pages, features, or new functionality on the Website to see how Users respond to them.
4.3.2.3. Notice acceptance Cookies administrated by iHairium Inc. (Persistent Cookies): to identify if Users have accepted the use of Cookies on the Website;
4.3.2.4. Functionality Cookies administrated by iHairium Inc. (Persistent Cookies): are used to allow iHairium Inc. to remember choices made by the User when using the Site, such as remembering login information or language preferences.
4.4. Special Data.
4.4.1. With the unconditional consent of the User (As indicated above, by using the App, the User agrees to the Privacy Policy. For the purpose of informing the User, when using the App, additional consent may be requested before the User submits Personal Data to the Operator) and within the framework of ensuring the vital interests of the User, the Operator may also process:
4.4.1.1. information about the User’s hair type,
4.4.1.2. information about the risk profile of the hair and scalp,
4.4.1.3. photos of hair and scalp (including affected areas),
and other information (including comments by the User) given by the User regarding hair and scalp.
4.5. Personal Data of children
4.5.1. The Service does not address anyone under the age of 18 (eighteen). iHairium Inc. does not knowingly collect personally identifiable information from anyone under the age of 18.
4.5.1.1. If the User (as a parent or guardian) becomes aware that his/her child has transferred Personal Data using the Service, in this case the User should contact iHairium Inc. to delete the relevant data.
4.5.1.2. If iHairium Inc. becomes aware that it has collected Personal Data from persons under the age of 18 without verifying parental consent, iHairium Inc. will take all reasonable steps to remove that information from its servers.
4.5.1.3. If iHairium Inc. needs to rely on consent as the legal basis for processing User information, and parent or guardian consent is required in specified User's country, we may require consent from such parent or guardian before collecting and using that information.
5. PERSONAL DATA PROVIDED BY USERS ABOUT THE HEALTH OF OTHERS
5.1. The Service is intended solely for the personal use of the Users who have given their consent to the processing of their Personal Data. iHairium Inc. does not collect Personal Data of third parties who have not downloaded their own version of the Service to their mobile device and have not given their consent to processing of Personal Data. Users are responsible for the accuracy of the provided data. In case unreliable information or information about another (third) person is provided in the course of Consultative Diagnostics when using the Service, iHairium Inc. shall not be liable for the results of such Consultative Diagnostics.
6. RETENTION OF PERSONAL DATA
6.1. iHairium Inc. retains Personal Data of Users only as long as necessary for the purposes set forth in this Privacy Policy. iHairium Inc. retains and uses Personal User data to the extent necessary to comply with legal obligations (for example, if iHairium Inc. is required to retain User data to comply with Applicable Law), resolve disputes and enforce legal agreements and iHairium Inc. policies. iHairium Inc. will also retain data submitted by Users for internal review purposes.
6.2. Personal Data may be transferred and stored at a destination outside the User's location. All data provided by the User to the Operator and collected by the Operator are stored on secure cloud servers on the territory of the United States of America (the servers may be either owned by iHairium Inc. or used by third party servers under the concluded contracts). By providing their Personal Data, the User agrees to the transfer of Personal Data to such servers.
6.3. User data is stored for the entire time of using the Service and for 12 (twelve) months after unsubscribing from the Service, unless
6.3.1. this data is used to improve the security or functionality of the Service;
6.3.2. iHairium Inc. is required by law to store this data for a longer period;
6.3.3. the storage period is reduced by the User by sending a written (including by electronic means) notice on Destruction of the data.
7. TRANSFER OF PERSONAL DATA
7.1. Information about Users, including Personal Data, is processed at the operating offices of iHairium Inc. and any other locations where parties (such as medical consultants as part of consulting services in the App) involved in the processing are located. This means that this information may be transmitted to computers located outside of the User's state, province, country, or other jurisdiction.
7.2. Personal Data may be transferred and stored at a destination outside the User's location. All data that the User provides to the Operator and that the Operator collects are stored on secure cloud servers in the United States. By providing their Personal Data, the User agrees to the transfer of Personal Data to such servers.
7.3. User's consent to this Privacy Policy and User's subsequent submission of such information constitutes User's consent to such transfer.
7.4. iHairium Inc. will take all steps reasonably necessary to ensure that User Data is processed securely in accordance with this Privacy Policy, and no transfer of User Personal Data will be made to an organization or country unless adequate controls, including the security of Personal Data and other personal information, are in place.
8. DETAILED INFORMATION ON THE PROCESSING OF PERSONAL DATA
8.1. Analytics (research activities): In order to support scientific research into hair loss and how to detect their problems, iHairium Inc. may use User data in a depersonalized form (without a direct link to the User’s identity) or anonymized (without allowing us to identify the User at all), for purposes of scientific research (project) called [•]. The research plan may be accessed by the User by sending a written request or notice to the following email: support@ihairium.com. Such research may include the transfer of User data to carefully selected third-party research institutions, but only after obtaining consent for such transfer. By uploading images to the App, Users explicitly consent to the processing of images for the purpose of providing the Services and to their anonymous use for research and testing purposes.
8.2. Other service providers: Service providers used by iHairium Inc. may have access to Users' Personal Data. These third-party providers collect, store, use, process and share information about Users' activities on the Service in accordance with their privacy policies.
8.3. Marketing: iHairium Inc. may use Users' Personal Data to contact Users with newsletters, marketing or promotional materials and other information that may be of interest to Users. Users may opt out of receiving any or all such communications by following the unsubscribe link (instructions for opting out will be contained in the text of such information) or by contacting iHairium Inc. at the following email: support@ihairium.com.
8.4. Payments: iHairium Inc. may provide paid products and/or services within the Service. In that case, iHairium Inc. may use third-party services for payment processing (e.g., payment processors). iHairium Inc. will not store or collect User payment card information. This information is provided directly to third-party payment processors whose use of Users' Personal Data is governed by their privacy policies. Payment information may contain identifiers of Apple ID because all purchases in the iHairium App are made by Apple ID account. For more information about the terms of purchases, see the section “Fees for Use of the Service and Payment policy” in iHairium Terms of Use.
9. CONFIDENTIALITY OF PERSONAL DATA
9.1. The Operator shall ensure the confidentiality of the Personal Data it processes and other data in the manner prescribed by Applicable Law. Confidentiality is not required in respect of:
9.1.1. Personal Data after Depersonalization;
9.1.2. Personal Data, access to which is granted to the general public by the User or at the User's request (Personal Data, made publicly available by the User);
9.1.3. Personal Data that is subject to publication or mandatory disclosure under Applicable Laws.
9.2. It is not a breach of confidentiality of Personal Data when the Operator provides information to third parties acting based on a contract or other agreement with the Operator (including, but not limited to, medical workers, medical institutions, IT service providers, insurers) to fulfill obligations to the User.
9.3. The Operator is not responsible for the disclosure of Personal Data by clinics (medical institutions) to third parties.
10. USER RIGHTS
10.1. The User has the right to receive information regarding the processing of their Personal Data and other Data. The User has the right to request the Operator to clarify, block or destroy their Personal Data if the Personal Data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of Processing, as well as to take statutory measures to protect their rights. In order to perform these actions, it is necessary to contact the Operator by sending a written application or notice to the following email: support@ihairium.com.
10.2. If the User believes that the Operator is processing their Personal Data in violation of the Applicable Law or otherwise violates their rights and freedoms, the User may appeal against the actions or inaction of the Operator in the authorized body for the protection of the rights of subjects of Personal Data or in court.
10.3. The User has the right to defend their rights and legitimate interests, including compensation for damages and (or) compensation for moral harm, in court.
11. USER'S CONSENT TO THE TRANSFER AND PROCESSING OF DATA
11.1. The User decides to provide their Personal Data to the Operator and gives consent to their processing freely, of their own free will and in their own interest. The consent to the processing of Personal Data shall be specific, informed and conscious and shall be given by the User at the time of their Registration or at the time of acceptance of certain actions (agreement) with the Operator, as well as in any form that allows confirming the fact of its receipt, unless otherwise established by the Applicable Law.
11.2. In case of requests from organizations that do not have the appropriate authority, the Operator is obliged to obtain the User's prior consent to provide their Personal Data and to warn the persons receiving the Personal Data that this data may be used only for the purposes for which it is communicated, and to require these persons to confirm that this rule will be (was) respected.
11.3. The User understands that he/she is providing his/her consent to the transfer of special, sensitive data (concerning hair health and risk assessment). To comply with Applicable Laws, iHairium Inc. will additionally request the User's consent before taking appropriate actions (e.g., sending photos of hair, scalp) to inform the User of the commencement of processing of the relevant data. The User has the right to withdraw their consent to the Provision of Personal Data. In order to do so, a written request or notification must be made to the following email: support@ihairium.com. If the User withdraws or revokes their consent to the Provision of Personal Data, some of the functionality of the App may not be available to that User.
12. LIABILITY
12.1. The App/Website may have Disclaimers.
12.2. By agreeing to the iHairium Inc. exclusion or limitation of liability terms set forth in the Disclaimer, the User is solely responsible for any consequences associated with the use of the Service after such consent.
12.3. Given the nature of the Services provided within the App, the result of the consultations (for the avoidance of doubt, such Services in the App are called “Consultations”, “Diagnostics”) cannot be regarded as a Medical Diagnosis.
12.3.1. The result of using the Service “Consultations” (an online consultation with a specialist selected by the User) is a Consultative Diagnostics, which does not replace a visit to a competent specialist (to a medical institution for help).
12.3.2. iHairium Inc. shall not be responsible for
12.3.2.1. actions taken by the User based on the results of the Consultative Diagnostics;
12.3.2.2. untimely application of the User to a competent specialist (to a medical institution) for help with any health issues;
12.3.2.3. other actions of the User.
13. OTHER PROVISIONS
13.1. Failure by iHairium Inc. to enforce any right or provision of the Privacy Policy will not be considered a waiver of those rights. The Privacy Policy constitute the entire agreement between iHairium Inc. and the User regarding the Service and supersede and replace any prior agreements iHairium Inc. might have had between iHairium Inc. and the User regarding the Service.
13.2. Consideration of disputes and objections:
13.2.1. In the case of automated processing of Personal Data, the Operator shall consider the User's objections within [15 (fifteen)] calendar days from the date of its receipt by the Operator and notify the User of the results of the consideration of such objection;
13.2.2. If the User believes that the Operator carries out the processing of their Personal Data in violation of the requirements of the law (both automated and non-automated way) or otherwise violates their rights and freedoms, the Subject of Personal Data may appeal the actions or inaction of the Operator to the authority to protect the rights of subjects of Personal Data or in court. The Subject of Personal Data has the right to protect their rights and legitimate interests, including compensation for losses and (or) compensation for moral harm, in court.
13.3. If, for any reason, one or more provisions of this Privacy Policy are deemed invalid or unenforceable, the validity or enforceability of the remaining provisions of this Privacy Policy shall not be affected.
13.4. The Operator has the right to change the Privacy Policy (in whole or in part) unilaterally at any moment without prior agreement with the User. All changes take effect on the next day after they are posted on the site (unless otherwise expressly stated): https://ihairium.com/privacy_policy.
13.5. The User undertakes to independently monitor changes in the Privacy Policy by reviewing the current version.
СONTACT INFORMATION
Operator: iHairium Inc, 8 The Green, STE A, Dover, DE, USA, 19901
Сontact email: ceo@ihairium.com