Privacy Policy

Privacy Policy

Who We Are
Our website address is: https://santilondon.com.

What Personal Data We Collect and Why

Photos and AI Interaction Data

When you upload photos and interact with our AI-powered system, we collect the following types of personal data:

  • Photos: Uploaded photos are used solely for the purpose of providing personalized skincare recommendations through our AI analysis. Photos are considered biometric data and are processed with your explicit consent.

  • Chat Interactions: Any text you provide during your interaction with the AI (e.g., questions or information) is collected and used to generate personalized responses and recommendations.

Comments

When visitors leave comments on the site, we collect the data provided in the comments form, as well as the visitor’s IP address and browser user agent string to help with spam detection. An anonymized string created from your email address (a hash) may be provided to the Gravatar service to check if you are using it. The Gravatar service privacy policy is available here. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS). Visitors to the website can download and extract any location data from images.

Cookies

If you leave a comment, you may opt-in to saving your name, email address, and website in cookies for convenience. These cookies will last for one year.

For visitors who log in, we set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. Additional cookies related to login and screen preferences will be stored for users who log in, with options to extend login sessions.

How We Use Your Data

We use the personal data collected for the following purposes:

  1. AI-Powered Recommendations: Photos and chat data are used by our AI system to provide personalized skincare analysis and recommendations.

  2. Site Functionality: Data such as comments and media uploads are processed to ensure site functionality, improve user experience, and moderate content.

  3. Service Improvement: Your interactions may be anonymized and used for service improvement, including enhancing the accuracy and performance of our AI system.

Consent and Legal Basis for Processing

We process your personal data, including biometric data such as photos, based on your explicit consent. By uploading your photos and interacting with our AI system, you consent to the collection and use of your data for the purposes described in this policy.

You have the right to withdraw your consent at any time. To do so, please contact us at privacy@santilondon.com.

Data Sharing and Third-Party Services

We use third-party service providers to process your data, including:

  • OpenAI: For the AI-powered analysis of photos and chat data. OpenAI’s privacy policy can be found here.

Your personal data may be transferred outside of the European Union, including to the United States, for processing by our third-party service providers. We ensure that appropriate safeguards, such as standard contractual clauses, are in place to protect your data during international transfers.

How Long We Retain Your Data

  • Photos and Chat Data: We retain uploaded photos and chat data for the duration necessary to provide you with AI recommendations. After processing, data may be anonymized or deleted in accordance with our data retention policy.

  • Comments: Comments and their metadata are retained indefinitely unless otherwise requested by the user.

  • Registered Users: For users who register on our website, we store the personal information provided in their profile. You can view, edit, or delete your personal information at any time (except for your username).

Your Rights Over Your Data

If you have an account on this site or have interacted with our AI system, you have the following rights under GDPR:

  1. Right of Access: You can request an export of the personal data we hold about you.
  2. Right to Rectification: You can correct any inaccurate or incomplete data.
  3. Right to Erasure: You can request that we delete any personal data we hold about you, except for data we are required to retain for legal or security purposes.
  4. Right to Restrict Processing: You can request a limitation on how we use your data.
  5. Right to Data Portability: You can request that we transfer your data to another service provider.
  6. Right to Withdraw Consent: You can withdraw your consent for data processing at any time.

To exercise any of these rights, please contact us at privacy@santilondon.com.

Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, or disclosure. This includes encryption, secure storage, and access controls.

Data Breaches

In the event of a data breach, we will notify affected users and the relevant data protection authority within 72 hours, as required by law.

Where We Send Your Data

Visitor comments may be checked through an automated spam detection service.

For users interacting with the AI service, data (including photos and chat history) may be processed by third-party providers (e.g., OpenAI) to deliver personalized recommendations.

Changes to This Privacy Policy

We reserve the right to update this privacy policy as needed. Any changes will be posted on this page, and where appropriate, we will notify users via email.

Contact Us

For any questions or concerns regarding this policy or your personal data, please contact us at info@santilondon.com.