Biometric Data Policy — Face Scan

1. What this policy covers

This policy applies to the Face Scan tool at dripology.co/face-scan/. It explains how Dripology, LLC (“Dripology,” “we,” “us”) collects, uses, and protects the photographic and related data you provide when you use the tool.

This policy supplements (and does not replace) Dripology’s general Privacy Policy. Where the two conflict on biometric-specific matters, this policy controls.

2. The biometric data we collect

When you use the Face Scan tool, we collect:

• The photo you upload or capture via your device’s camera.
• Technical metadata associated with the request: IP address (one-way hashed for abuse detection), timestamp, browser type, and a session ID.
• If you submit the email gate: your first name, email, and phone number.
• If you rate the recommendations: your interest selections.

We do not collect: facial geometry templates, face IDs, persistent biometric identifiers, voice prints, fingerprints, retina scans, DNA, or any other biometric data beyond the photo itself.

3. How we use your photo

We use your photo solely to:

• Generate AI-powered cosmetic treatment recommendations to display to you.
• Validate that the image is a real face (basic technical sanity).
• If you choose to receive the recommendations by email, include selected fields (but never the photo itself) in that email and in our customer records.

We do not use your photo to:

• Train AI models — neither ours nor any third party’s.
• Identify you, verify your identity, or match you against other photos.
• Build a profile of you over time.
• Share with advertisers, data brokers, or any other third party for commercial purposes.

4. How long we keep your photo

Your photo is never stored in our database.

When you submit a photo, here is the full lifecycle:

1. Your browser uploads the photo to our processing server (a Cloudflare Worker).
2. The server forwards the photo to Anthropic’s Claude API (our AI vision provider).
3. Anthropic returns the analysis as text.
4. Our server returns the analysis to your browser.
5. The photo bytes are released from server memory at the end of the request — they are never written to disk, never persisted, never archived.

The maximum time your photo exists on our infrastructure is the duration of the analysis itself — typically 8 to 15 seconds.

The 24-hour deletion window we commit to on the consent screen is a conservative upper bound: in practice, deletion happens within seconds, not hours.

5. Who sees your photo

Dripology employees do not view your photo. The analysis is fully automated. The only humans with technical access to the data are our engineering team, and access is logged, audited, and only used to debug system errors — never to view individual customers’ photos in the normal course of business.

Anthropic, our AI processing partner, processes the photo as part of the analysis call. Anthropic’s data handling for API calls is governed by their Commercial Terms and Privacy Policy. As of the date of this policy, Anthropic does not retain API request inputs (including your photo) beyond what is required to process the request, does not train models on API inputs without explicit opt-in, and processes data in their own secure environment.

Aside from Anthropic, no third party receives your photo. We do not sell, share, rent, or disclose your photo to advertisers, data brokers, social platforms, analytics vendors, or any other recipient.

6. Your contact information (if you submit the email gate)

If you submit your first name, email, and phone number to receive the full personalized plan, that information is:

• Recorded in our secure customer relationship system.
• Used to email you your plan, occasional follow-ups about your recommendations (you can unsubscribe anytime), and information about Dripology services that may interest you.
• Shared with our front desk and clinical team so they have context if you book a consult.
• Not sold, rented, or shared with third-party advertisers.

You can unsubscribe from emails at any time via the link in any email. You can request deletion of your record at any time — see Section 9.

7. Cookies and tracking

The Face Scan tool uses Google Analytics 4 to measure aggregate usage (how many people start scans, complete scans, submit emails). Google Analytics does not receive your photo. It receives anonymized event data only.

See our general Privacy Policy for full disclosure on site-wide cookies and tracking.

8. Security

We protect your data using industry-standard measures:

• Encryption in transit: all photo uploads use HTTPS (TLS 1.2+).
• No storage at rest: as described in Section 4, photos are never written to disk.
• API keys protected: our AI API keys are server-side secrets, never exposed in the browser.
• Rate limiting: per-IP throttling prevents abuse and bulk extraction.
• Access controls: customer records are accessible only to authorized Dripology staff via two-factor authentication.

No system is perfectly secure. If we ever discover a breach affecting biometric data, we will notify affected users within 72 hours, consistent with CCPA breach notification requirements.

9. Your rights

You have the following rights regarding your data:

• Right to know: request what personal information we have about you and how we use it.
• Right to delete: request deletion of your record (note: since we don’t store photos, deletion applies only to your contact info, scan recommendations, and any related records).
• Right to opt out: opt out of marketing emails (link in every email) or request we stop processing your data entirely.
• Right to non-discrimination: exercising any of these rights does not affect the quality of service you receive at Dripology.
• Right to correct: request correction of inaccurate information in our records.

To exercise any of these rights, email [email protected] with “Privacy Request” in the subject line. We will respond within 45 days as required by CCPA, and typically much faster.

You can also use the “Do Not Sell or Share My Personal Information” link in our site footer — Dripology does not sell your personal information, but the link is available as required by California law.

10. Children

The Face Scan tool is intended for users 18 years of age or older. The consent checkbox on the capture screen requires you to confirm you are 18+. We do not knowingly collect or process biometric data from minors.

If you believe a minor has used the tool and you would like their information removed, please contact [email protected] and we will delete the record promptly.

11. Medical disclaimer

The Face Scan tool provides cosmetic treatment suggestions only. It is not a medical diagnosis, does not diagnose any medical or dermatological condition, and is not a substitute for an in-person consultation with a licensed medical professional. Treatment recommendations are reviewed and tailored by Dripology’s licensed clinical staff during your in-person consult.

If our AI flags something we think a clinician should look at in person, we will tell you in the “Worth discussing in person” section of your results.

12. Changes to this policy

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of the page and, for material changes affecting how we handle biometric data, we will notify customers whose contact information we have on file.

13. Governing law

This policy is governed by the laws of the State of California. Any disputes will be resolved consistent with the dispute resolution provisions of our general Terms of Service.