← Back to Home

Privacy Policy

Last updated: December 2, 2025

1. Introduction

Dermaly ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information during our early access validation phase.

Important: We are currently in early access validation. No clinical services are being provided at this stage. This policy covers data collection for our waitlist and validation process only.

2. Information We Collect

We collect the following information when you join our waitlist:

  • Personal Information: Name, email address, phone number (optional)
  • Medical Information: Skin condition, age, treatment history, urgency level
  • Preference Data: Preferred care tier, price comfort level, willingness to pay
  • Marketing Data: How you heard about us, feedback and survey responses
  • Technical Data: IP address, browser type, device information, usage data

3. How We Use Your Information

We use your information to:

  • Validate market demand for our service
  • Notify you when we launch (priority access for waitlist members)
  • Understand customer needs and preferences
  • Improve our service design and features
  • Send occasional updates about our progress (you can unsubscribe anytime)
  • Analyze usage patterns and improve our website

4. Data Storage & Security

Your data is stored securely and is protected by industry-standard security measures:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database storage with access controls
  • Regular security audits and updates
  • Limited employee access on a need-to-know basis

5. Data Sharing

We do NOT sell your personal information. We may share your data with:

  • Service Providers: Third-party tools for data storage (e.g., Airtable, Google Sheets), analytics (e.g., PostHog, Vercel Analytics)
  • Legal Requirements: If required by law or to protect our legal rights
  • Business Transfers: In the event of a merger, acquisition, or sale of assets

6. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, email us at privacy@dermaly.xyz

7. Data Retention

We retain waitlist data for the duration of our validation phase and launch preparation (approximately 6-12 months). After launch, your data will either:

  • Be transferred to your patient account (with your consent)
  • Be securely deleted if you do not sign up for the service

8. Cookies & Analytics

We use cookies and analytics tools (Vercel Analytics, PostHog) to understand how users interact with our website. This helps us improve the user experience. You can disable cookies in your browser settings.

9. Children's Privacy

Our service is not intended for children under 13. If you are signing up for our pediatric dermatology track, you must be a parent or legal guardian providing information on behalf of a child.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via email or by posting a notice on our website.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data:

Email: privacy@dermaly.xyz

Mail: Dermaly, [Address TBD], United Kingdom