Privacy Policy

DermaLens AI

Last updated: 03 February 2026

DermaLens AI (“we”, “our”, “us”) is operated by RATHOD SAMIR SUNILBHAI, India. This Privacy Policy explains how we collect, use, store, share, and protect information when you use the DermaLens AI mobile application and related services (“App”, “Service”). By accessing or using the App, you agree to this Privacy Policy.

1. Information We Collect

1.1 Personal Information

We may collect limited personal information, including:

- Email address
- Phone number
- Authentication identifiers (e.g., Firebase UID)
- Login method (Google sign-in, email/password, phone OTP, or anonymous guest)

We do not collect personal profile details such as age, gender, address, or government identification numbers.

1.2 Medical & Health-Related Information

To provide AI-assisted dermatology information, we may collect:

- Skin images/photos uploaded by users
- Health-related descriptions or symptoms
- Chat messages exchanged with doctors on the platform

This information is treated as Sensitive Personal Data under the Information Technology Act, 2000 (India) and Special Category Personal Data under GDPR.

1.3 AI Processing Information

- Uploaded images and inputs are processed by AI models to generate dermatology-related insights
- AI outputs are provided for informational purposes only
- AI outputs do not constitute a confirmed or final medical assessment

1.4 Usage & Analytics Information

We automatically collect limited technical data such as:

- App usage patterns
- Device and performance information
- Crash and error logs

This data is collected using Firebase Analytics to improve app stability, safety, and performance.

1.5 Data Safety

We take data safety and transparency seriously.
The following summarizes key details you will also see in the Google Play Data Safety section:

- Photos and videos (skin images): Collected — Purpose: AI inference and doctor consultation; Shared with: platform doctors and Microsoft Azure for storage and processing; Encrypted in transit: Yes (TLS); Encrypted at rest: Yes; Retention: 90 days by default unless the user requests earlier deletion.
- Health & fitness data (symptoms, health descriptions, chat messages): Collected — Purpose: consultation and medical recordkeeping; Shared with: platform doctors and Microsoft Azure; Encrypted in transit: Yes; Encrypted at rest: Yes; Retention: 90 days unless otherwise required by law.
- Identifiers (Firebase UID, device identifiers): Collected — Purpose: authentication, fraud prevention, and analytics; Shared with: Firebase and analytics providers; Encrypted in transit: Yes; Encrypted at rest: Yes; Retention: as required to operate the service.
- Crash and diagnostics (logs): Collected — Purpose: app stability and debugging; Shared with: Firebase (Crashlytics) for diagnostics; Encrypted in transit: Yes; Encrypted at rest: Yes; Retention: per provider default.

Third-party processing partners and links:

- Firebase (Google): https://firebase.google.com/support/privacy
- Microsoft Azure: https://privacy.microsoft.com

By uploading images or providing health information you explicitly consent to the processing of Sensitive Personal Data for the purposes described above. You may withdraw consent and request deletion as described in the "Data Retention" and "Contact" sections below.

Data retention and deletion process

Images and consultation records are retained for 90 days after last access by default. You can request deletion at any time. To request deletion outside the app, email dermalensai@outlook.com with your account UID; we will verify identity and complete deletion or anonymization within 30 days of a verified request.
Deletion requests submitted from the in-app `Delete Account` flow are treated as verified and should be actioned within 30 days.

Age verification and minors

The App is intended for users aged 18 and over and relies on self-declaration at account creation. If we become aware of an account used by a person under 18, we will suspend the account and provide instructions to have data removed upon verified parental/guardian request.

Not a medical device

The App and its AI functionality are not medical devices. All AI outputs are informational only and are not intended for clinical use or as the sole basis for medical decisions.

2. How We Use Your Information

We use collected information to:

- Authenticate users and manage accounts
- Provide AI-assisted skin analysis and information
- Enable chat-based consultations with doctors
- Improve app functionality and user experience
- Maintain security and prevent misuse
- Comply with applicable legal and regulatory obligations

3. Legal Basis for Processing (GDPR)

We process personal data based on:

- Explicit user consent
- Performance of services requested by the user
- Legitimate interests, such as improving safety and functionality
- Legal compliance under applicable laws

4. Medical Disclaimer

DermaLens AI provides AI-assisted dermatology insights for informational purposes only.

- AI outputs are not a substitute for professional medical advice
- AI predictions may be inaccurate, incomplete, or delayed
- Users should consult a qualified dermatologist or medical professional before making any medical decisions

Medical decisions and outcomes remain the responsibility of the user and the treating medical professional. For legal terms and limitations of liability, please refer to the Terms of Service.

5. Medication Information Disclaimer (Prescription & OTC)

5.1 Prescription-Only Drugs

The App may display medications or treatments marked as “DOCTOR’S PRESCRIPTION ONLY (INFORMATIVE).”

- Such information is strictly educational
- The App does not prescribe medications
- Display of a drug does not constitute a medical prescription
- Prescription medicines must be used only under supervision of a qualified medical practitioner

5.2 Over-The-Counter (OTC) Drugs

The App may display information about certain medications that are commonly available as Over-The-Counter (OTC) drugs. You acknowledge and agree that:

- OTC drug information is provided only for general awareness and education
- Availability without prescription does not mean the drug is safe for everyone
- You must check whether you are allergic, sensitive, or contraindicated to any medication before use
- You should read the drug label, warnings, and instructions carefully
- If you have any medical condition, are pregnant, breastfeeding, or taking other medicines, you must consult a qualified medical professional before using any OTC drug

DermaLens AI does not assume responsibility for allergic reactions, side effects, misuse, or adverse outcomes arising from OTC drug use.

6. Data Storage & Security

6.1 Storage Infrastructure

Your data is stored using secure cloud infrastructure, including:

- Firebase – authentication and analytics
- Microsoft Azure – backend services, chat data, and image storage

Data may be stored on servers located outside India, subject to applicable data protection laws.

6.2 Security Measures

We use reasonable security practices, including:

- Encrypted data transmission
- Secure authentication mechanisms
- Role-based access controls

No method of transmission or storage is completely secure, and absolute security cannot be guaranteed.

Encryption at rest: Data stored by our cloud providers is protected using industry-standard encryption at rest in addition to TLS in transit.
Where we control storage configuration, we ensure encryption-at-rest is enabled.

7. Data Sharing

We may share data only in the following circumstances:

- With doctors on the platform, for consultation purposes
- With service providers (Firebase and Microsoft Azure) for infrastructure and analytics
- With legal authorities, if required by law or government request

We do not sell personal or medical data to third parties.

8. Payments (Future Provision)

Currently, DermaLens AI does not process payments. If payment features are introduced in the future:

- Secure and compliant payment gateways will be used
- This Privacy Policy will be updated accordingly

9. User Rights

9.1 GDPR Rights

You have the right to:

- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Restrict or object to processing
- Withdraw consent at any time

9.2 Indian IT Act Rights

Under the Information Technology Act, 2000 and IT (Reasonable Security Practices and Sensitive Personal Data) Rules, 2011, you may:

- Review and correct your information
- Withdraw consent by discontinuing use of the App

Requests can be made by contacting: 📧 dermalensai@outlook.com

Account deletion via app: You can request deletion from the app by using the `Delete Account` option available under your Profile. Requests submitted via the app are processed as verified deletion requests. If you cannot access the app, contact us at the email above and include your account UID.

10. Data Retention

- Data is retained only as long as necessary to provide services, comply with legal obligations, or resolve disputes
- Upon account deletion, data is deleted or anonymized unless retention is required by law

11. Age Restriction & Guardian Use

DermaLens AI is intended for users aged 18 years and above.
- We do not knowingly allow users below 18 to create independent accounts
- If information or assistance is required for a person below 18 years of age, the App may be used only by a parent or legal guardian who is 18 years or older

In such cases, the parent or legal guardian must:

- Log in using their own account
- Upload images and information on behalf of the minor
- Provide consent for data processing
- Assume full responsibility for use of the App and reliance on its content

12. Third-Party Links

The App may contain links to third-party services. We are not responsible for the privacy practices of those third parties.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be reflected within the App, and continued use constitutes acceptance of the updated policy.

14. Contact Information

- Owner: RATHOD SAMIR SUNILBHAI
- App Name: DermaLens AI
- Email: dermalensai@outlook.com
- Country: India