What is Faceify Labs?

Faceify Labs is a browser-based AI surgical simulation platform with 85+ procedure simulators built for plastic surgeons, aesthetic clinics, and patients. It processes patient photos entirely on-device using a 468-point anatomical facial mesh — no images are uploaded to any server. It is an educational visual planning tool, not regulated as a medical device under the U.S. FDA, the Thai FDA, the Korean MFDS, ANVISA (Brazil), or the PMDA (Japan). See faceifylabs.com/clinical-safety for our full clinical posture.

How many procedures does Faceify Labs simulate?

Faceify Labs supports 85+ procedures across 6 categories: surgical (rhinoplasty, blepharoplasty, facelift, brow lift, otoplasty, V-line, and more), non-surgical (chemical peels, laser, microneedling, HIFU, RF), injectable (Botox, dermal fillers, Profhilo, Sculptra, Radiesse, Kybella, masseter Botox), dental (veneers, smile design, teeth whitening, gummy smile), body contouring (breast augmentation, liposuction, BBL, tummy tuck, brachioplasty, thigh lift), and hair restoration (DHI hair transplant, PRP hair, laser hair removal).

Is Faceify Labs free to try?

Yes. Visit faceifylabs.com/demo to try every procedure simulator free with no signup required. Surgeon plans start at $149/month. Patients can buy a $19 Day Pass for 24-hour unlimited simulator access (₹1,599 in INR).

How does Faceify Labs compare to Crisalix, Vectra, or AEDIT?

Faceify Labs runs entirely in the browser with no hardware required. Crisalix uses a 3D mobile scanner. Vectra (Canfield) requires $25k+ in dedicated 3D camera hardware. AEDIT focuses on patient discovery, not parametric simulation. FaceTouchUp is rhinoplasty-only with manual brush tools. Faceify ships 85+ parametric procedures with clinical safety constraints, 100% on-device processing, and a 468-point anatomical mesh, at $149/month.

Is patient data safe with Faceify Labs?

Yes. All facial photo processing is performed entirely on-device in the browser using WebGL2 and TensorFlow.js. No patient photos are ever uploaded to or stored on any Faceify Labs server. The platform is built with HIPAA-aligned architecture and complies with GDPR, Thailand PDPA, South Korea PIPA, Singapore PDPA, and India DPDPA.

What devices and browsers does Faceify Labs support?

Any modern browser with WebGL2: Chrome, Safari, Firefox, or Edge — on desktop, tablet, or mobile. iOS Safari 15+ and Android Chrome are fully supported. iPad is the most common device for in-clinic surgeon demos. No app download or hardware required.

How accurate are the AI simulations?

Simulations use a 468-point anatomical facial mesh (MediaPipe Face Mesh) with sub-millimeter landmark tracking precision (0.04mm RMSD per Kartynnik 2019). Each procedure has clinical safety constraints — anatomical clamps prevent unrealistic deformations such as eye-orbit displacement past 1.2% of face height. Simulations are educational, directional previews, not surgical-outcome guarantees.

Can I share a simulation with my patient or surgeon?

Yes. Surgeons can email patients a one-click link that opens the simulation plan in a browser — patients see the surgeon's parameter selections without uploading anything new. Patients can email surgeons a share link the same way. Photos stay on each person's device throughout — only the parameter state is transmitted.

AI Surgical Simulation for Plastic Surgeons

How we handle your photos — plain language

2D Simulators (default)

Landmark detection, mesh deformation, and rendering run entirely in your browser — your photo is not transmitted during simulation. Your photo is sent off your device only if you choose to save a simulation to your account (stored privately) or turn on the AI photoreal preview.

AI Photo Processing (opt-in)

When you enable the photorealistic preview feature, your photo is transmitted to a third-party AI computing service to generate the preview. This requires your explicit consent before use.

1. Data Controller

The data controller for your personal information is Formir Technologies Private Limited (operating as Faceify Labs), an Indian private limited company. For all privacy-related inquiries, please contact us at privacy@faceifylabs.com.

2. What Data We Collect

We collect only the minimum data necessary to operate our platform:

Account information: Your name, email address, and professional credentials when you sign up for an account or request a demo.
Session cookies: A secure, httpOnly session cookie (fl-session) used to authenticate your account for up to 7 days. No tracking cookies are set without your consent.
Analytics: We use PostHog (EU-hosted) and Google Analytics 4 (US-hosted) to collect anonymised usage data such as page views, session duration, and feature interactions. This data does not include any patient images or facial data.
Contact form submissions: Any messages you send through our contact or demo-request forms, including your name, email, and message content.
Billing and subscription data: Payment-related records managed through our billing provider (Polar). We store subscription status, plan type, and transaction references. We do not store credit card numbers directly.
Consultation and lead data: If you request a consultation or express interest in a procedure, we store your contact details and inquiry to connect you with a surgeon.
Security audit logs: We log authentication events (login attempts, account changes) with IP address and user agent for security and fraud prevention.
Patient facial images: For 2D simulators (the default), all face processing runs entirely in your browser. No photographs are uploaded. For the optional AI photorealistic preview feature, your photo is transmitted to a third-party AI inference provider only with your explicit prior consent — see §9b below.

3. Legal Basis for Processing

Under GDPR Article 6, we rely on the following legal bases:

Legitimate interest (Art. 6(1)(f)): Analytics data collected to understand how our platform is used and to improve our services.
Performance of a contract (Art. 6(1)(b)): Account and authentication data processed to provide you with access to our platform and fulfil your subscription.
Consent (Art. 6(1)(a)): Marketing communications and optional analytics cookies, where you have explicitly opted in via our cookie consent banner.
Legal obligation (Art. 6(1)(c)): Data we are required to retain to comply with applicable law (e.g. tax and accounting records).
Explicit consent for sensitive data (Art. 9(2)(a)): Where you choose to use the AI photorealistic preview feature, we rely on your explicit, freely-given, separately-obtained consent to process your facial photograph as biometric data for that purpose. This consent is distinct from your account consent and can be withdrawn at any time from your account settings without affecting your access to the 2D simulation features.

4. Data Retention

Session data: Authentication sessions expire after 7 days of inactivity.
Analytics data: Retained for up to 2 years, then automatically deleted or anonymised.
Contact form inquiries: Retained for up to 1 year from the date of submission.
Account data: Retained while your account is active. When you delete your account, your data is permanently removed. Security audit logs (with email redacted to user ID only) are retained for compliance purposes.
2D simulation photos (standard): Not retained by default — all face processing is on-device. Nothing is stored on our servers unless you explicitly choose to save a simulation to your account, in which case the image is stored privately and access-controlled.
AI photo processing (opt-in): When you use the photorealistic preview feature with your consent, your photo is transmitted to our third-party inference provider and deleted within approximately one hour of processing, consistent with their published data retention policy. Faceify Labs does not store your photo server-side. Your consent record (timestamp and version) is retained while your account is active.
AI photo consent records: Retained while your account is active to demonstrate regulatory compliance. Deleted when your account is deleted.

5. Your Rights

Under GDPR and similar applicable laws (including CCPA/CPRA, Thailand PDPA, South Korea PIPA, India DPDP Act 2023, and Brazil LGPD), you have the following rights in relation to your personal data. Jurisdiction-specific rights are detailed in the dedicated sections below.

Right of access: Request a copy of the personal data we hold about you.
Right to rectification: Ask us to correct inaccurate or incomplete data.
Right to erasure: Ask us to delete your personal data where there is no lawful basis for continued processing.
Right to data portability: Receive your data in a structured, machine-readable format and transfer it to another controller.
Right to object: Object to processing based on legitimate interests, including direct marketing.
Right to restrict processing: Ask us to limit how we use your data in certain circumstances.
Right to lodge a complaint: You have the right to complain to your local data protection supervisory authority. In the EU/EEA, this is the authority in your country of residence. In India, you may contact the Data Protection Board of India once operational under the Digital Personal Data Protection Act 2023. In Brazil, you may contact the ANPD (Autoridade Nacional de Proteção de Dados) at www.gov.br/anpd.

To exercise any of these rights, email privacy@faceifylabs.com. We will respond within 30 days.

6. California Residents — CCPA / CPRA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following rights with respect to your personal information:

Right to know / access (Cal. Civ. Code §1798.100): You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we share it.
Right to delete (§1798.105): You may request that we delete personal information we have collected from you, subject to certain exceptions permitted by law (e.g., information needed to complete a transaction or comply with a legal obligation).
Right to correct (§1798.106, CPRA): You may request that we correct inaccurate personal information we maintain about you.
Right to opt out of sale or sharing: Faceify Labs does not sell your personal information to third parties, nor do we share it for cross-context behavioural advertising. No opt-out action is required, but you may contact us to confirm this at any time.
Right to non-discrimination (§1798.125): We will not discriminate against you for exercising any of your CCPA / CPRA rights. You will not receive a different quality of service or be charged a different price as a result of exercising these rights.

To exercise any of these rights, California residents may submit a verifiable consumer request by emailing privacy@faceifylabs.com with the subject line "CCPA Rights Request". We will acknowledge your request within 10 business days and respond substantively within 45 calendar days, as required by California law.

7. Data Security

We implement industry-standard security measures to protect your information, including TLS 1.3 encryption in transit, httpOnly and secure cookies, and access controls on all server-side data. Standard 2D simulation processing is performed entirely on-device. For the opt-in AI preview path, photos are transmitted over TLS 1.3 and image metadata (EXIF) is stripped before transmission. Account, billing, and consultation data is stored server-side with appropriate security controls.

8. Third-Party Services & International Data Transfers

We use the following third-party processors. Where data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards as required by GDPR Chapter V:

PostHog — Product analytics. Data stored on EU-hosted infrastructure (Frankfurt). No patient data.
Google Analytics 4 — Web analytics. Data transferred to the US under Standard Contractual Clauses. IP addresses are anonymised. No patient data.
Vercel — Hosting and edge delivery. Data may be processed in the US under Standard Contractual Clauses.
Resend — Transactional email delivery (authentication codes, account notifications). Processes your email address only.
Cerebras — AI inference API used for the in-platform clinical chatbot. No patient images or simulation data are sent to this service.
Neon (PostgreSQL) — Database hosting for account and subscription data.
Calendly— Self-serve consultation / demo scheduling. When you click a “Book a Demo” or “Book a Consultation” button, Calendly receives your name, email address, and selected time slot. Data is stored on Calendly's infrastructure; their privacy policy is at calendly.com/privacy.
Polar.sh — Merchant of record for all subscription billing and one-time Patient Pass purchases. Polar handles payment processing, invoicing, tax collection (VAT / GST where applicable), refunds, and chargeback handling on our behalf. Their terms and privacy policy govern the transaction itself; ours governs access rights. See polar.sh/legal/privacy.
Replicate (AI inference — opt-in only)— When you choose to use the photorealistic preview feature and provide explicit consent, your photograph is transmitted to Replicate, Inc. (a US-based AI computing service, replicate.com) to generate a photorealistic simulation preview. Replicate does not retain your photo beyond the processing period (approximately one hour) and does not use your data to train AI models, per their published Terms of Service and Data Processing Agreement. For EU/EEA users, transfers are covered by Standard Contractual Clauses (Module 2). For Indian users, this transfer is disclosed as part of your DPDP Act Section 6 consent. This service is only used when you have explicitly opted in — it is never activated during standard 2D simulation sessions. Replicate's privacy policy is at replicate.com/privacy.

Each processor operates under its own privacy policy and a data processing agreement with Faceify Labs. Links to their privacy policies are available on request at privacy@faceifylabs.com.

9. Simulation Photo Processing

Faceify Labs operates two distinct simulation pipelines with different privacy characteristics. Your default experience uses the on-device path. The AI photorealistic preview is strictly opt-in and requires separate, explicit consent.

9a. On-Device Processing (2D Simulators — default)

Your photo is not transmitted during standard 2D simulation. All facial image processing for standard surgical simulation — including MediaPipe face mesh detection (468-landmark model, running as WebAssembly in your browser), Delaunay warp rendering, brush-tool operations (Shrink, Grow, Reshape), and parametric slider computations — is performed entirely client-side using WebAssembly and WebGL / Canvas2D. No patient photographs, biometric landmarks, facial geometry data, or simulation frames are transmitted to Faceify Labs servers or any third-party service during a standard 2D simulation session. Your photo leaves your device only if you explicitly choose to save a simulation to your account (stored privately and access-controlled) or turn on the optional AI photoreal preview.

Analytics events (e.g. “simulation started,” “procedure selected”) may be sent to PostHog for product improvement purposes, but these events contain no image data, no facial coordinates, and no patient-identifiable information.

This on-device architecture means that for standard 2D simulation, no Protected Health Information (PHI) and no biometric personal data as defined under GDPR Article 9 is processed by Faceify Labs or any third party. The MediaPipe model weights are downloaded to your browser once and run locally; they are not used to transmit your image to Google or any other party.

9b. AI Photo Processing — Photorealistic Preview (opt-in, consent required)

This feature transmits your photo to a third-party AI service. It is available only to users who have provided explicit prior consent. It is never activated during standard 2D simulation sessions.

When you enable the photorealistic preview feature (“AI Preview”), the following processing occurs:

What is collected and transmitted: Your face photograph (as you uploaded it for simulation), along with the procedure type and slider parameter values you have selected, is transmitted over HTTPS to Replicate, Inc., a US-based AI computing service. Before transmission, image metadata (including any EXIF data such as GPS location coordinates, device identifiers, and capture timestamps) is stripped server-side to ensure only the pixel content required for generation is sent.
Purpose: To generate a photorealistic visualization of the selected cosmetic procedure on your photograph using AI image generation models. This is an aesthetic visualization only and does not constitute a medical prediction, diagnosis, or guaranteed surgical outcome. Individual results vary. Consult your surgeon.
Who receives your photo: Replicate, Inc. (replicate.com), incorporated in the United States. Replicate processes your photo solely to generate the preview and does not retain it beyond the processing period (approximately one hour), consistent with their published Data Retention Policy. Replicate does not use your photo to train AI models.
Cross-border transfer disclosure (DPDP Act §16): If you are located in India, your photo will be transferred to Replicate's servers in the United States. As of the date of this policy, the United States is not on any restricted-country list notified by the Central Government under Section 16 of the Digital Personal Data Protection Act 2023. This transfer is permitted subject to your informed consent under Section 6 of the DPDP Act, which is collected separately before your first use of this feature.
GDPR — EU/EEA users: Transfer to Replicate (US) is conducted under Standard Contractual Clauses (Module 2, controller to processor) pursuant to GDPR Chapter V. The legal basis for processing your facial photograph as biometric data is your explicit consent under GDPR Art. 9(2)(a), obtained as a standalone, granular consent request before any photo is transmitted. You may withdraw this consent at any time from your account settings.
EU AI Act Art. 50 (applicable from August 2026): AI-generated preview images are labeled as AI-generated visualizations and do not represent guaranteed surgical outcomes. The disclaimer “AI-generated simulation. Not a medical prediction. Individual results vary. Consult your surgeon.” appears adjacent to every generated preview.
US users — geographic restriction: The photorealistic AI preview feature is currently unavailable to users accessing the platform from US IP addresses, pending implementation of a fully BIPA-compliant (Illinois Biometric Information Privacy Act) consent flow. This restriction is enforced at the API level. US users continue to have full access to all 2D on-device simulation features.
Retention: Faceify Labs does not store your photo on its own servers at any point during AI preview generation. The photo is transmitted in transit only. Replicate deletes processing inputs within approximately one hour. Your consent record (timestamp and consent text version) is stored in your account and deleted when you delete your account.
Your rights:You may withdraw your consent to AI photo processing at any time from your account settings (“AI Photo Processing” section). Withdrawal does not affect the lawfulness of processing already carried out. After withdrawal, you revert to the 2D on-device simulation path. To request deletion of your consent record, email privacy@faceifylabs.com.
Training data:Your photo and the generated preview are not used to train any AI model — neither by Faceify Labs nor by Replicate, per Replicate's published Terms of Service.

10. Cookies

We use strictly necessary cookies (session authentication) which do not require consent. We use analytics cookies (PostHog, Google Analytics) only with your explicit consent, managed through our cookie consent banner. You can withdraw consent at any time by clearing cookies in your browser or adjusting your preferences in the consent banner.

11. Data Protection Officer

Faceify Labs has designated a Data Protection Officer (DPO) responsible for overseeing our data protection strategy and ensuring compliance with applicable privacy laws, including the GDPR, Thailand PDPA, South Korea PIPA, India DPDP Act 2023, and Brazil LGPD.

DPO Contact: privacy@faceifylabs.com

You may contact the DPO directly for any data protection concern, to exercise your data subject rights, or to raise a complaint about how your personal data is handled. We will acknowledge your contact within 5 business days and provide a substantive response within 30 days.

12. Thailand — Personal Data Protection Act (PDPA)

If you are located in Thailand, the Personal Data Protection Act B.E. 2562 (2019) ("PDPA") applies to the processing of your personal data. This section supplements the general provisions of this Privacy Policy.

Lawful Basis for Processing

We process your personal data under the following lawful bases recognised by the PDPA:

Consent (Section 19): Where you have explicitly agreed to the processing, such as when opting into analytics cookies, marketing communications, or creating an account. You may withdraw consent at any time without affecting the lawfulness of prior processing.
Legitimate interest (Section 24(5)): For purposes such as platform security, fraud prevention, and product analytics, where our legitimate interests are not overridden by your rights and freedoms.
Performance of a contract (Section 24(3)): To provide you with access to your account, subscription, and simulation services as agreed.
Legal obligation (Section 24(2)): Where processing is required to comply with Thai law or other applicable legal obligations.

Your Rights Under the PDPA

As a data subject under the PDPA, you have the following rights:

Right to be informed (Section 23): To be told how your data is processed before or at the time of collection.
Right of access (Section 30): To obtain a copy of your personal data and information about how it is used.
Right to data portability (Section 31): To receive your personal data in a machine-readable format where technically feasible.
Right to object (Section 32): To object to processing based on legitimate interest at any time.
Right to erasure (Section 33): To request deletion of your personal data when it is no longer necessary or when you withdraw consent, subject to legal exceptions.
Right to restrict processing (Section 34): To request suspension of processing in certain circumstances.
Right to rectification (Section 35): To request correction of inaccurate or incomplete personal data.
Right to withdraw consent (Section 19): To withdraw previously given consent at any time.

Cross-Border Data Transfers

Where your personal data is transferred to countries outside Thailand, we ensure adequate protection through one or more of the following mechanisms as required by PDPA Section 28:

Transfer to countries with an adequate level of personal data protection as recognised by the Thai Personal Data Protection Committee;
Standard contractual clauses or binding corporate rules providing equivalent protections;
Your explicit consent for the specific transfer, where required.

To exercise any PDPA rights, contact our DPO at privacy@faceifylabs.com with the subject line "PDPA Rights Request".

13. South Korea — Personal Information Protection Act (PIPA)

If you are located in South Korea, the Personal Information Protection Act ("PIPA", 개인정보 보호법) applies. This section supplements the general provisions of this Privacy Policy.

Retention Periods

Under PIPA Article 21, personal information must be destroyed without delay once the purpose of collection is fulfilled. Our specific retention periods are:

Account data: Retained while your account is active. Deleted within 30 days of account closure, except where retention is required by law.
Session and authentication data: Expires after 7 days of inactivity.
Transaction and billing records: Retained for 5 years as required under the Act on Consumer Protection in Electronic Commerce.
Security audit logs: Retained for up to 1 year for fraud prevention and security incident response.
Contact form inquiries: Retained for up to 1 year from submission.
Analytics data: Retained for up to 2 years in pseudonymised or anonymised form.

Third-Party Disclosure

Under PIPA Article 17, we disclose personal information to third parties only where one of the following applies:

You have given separate, specific consent for the disclosure;
Disclosure is required by law;
Disclosure is necessary to perform a contract to which you are a party.

Third-party processors we use include Vercel (hosting), Resend (email), Neon (database), PostHog (analytics), Google Analytics, Calendly (consultation scheduling), and Polar.sh (payment processing / merchant of record). Each operates under a data processing agreement. We do not sell personal information.

Your Rights Under PIPA

As a data subject under PIPA, you have the following rights:

Right of access (Article 35): To request disclosure of your personal information held by us.
Right to correction (Article 36): To request correction of inaccurate personal information.
Right to deletion (Article 36): To request deletion of personal information where there is no lawful basis for continued processing.
Right to suspension of processing (Article 37): To request that we stop processing your personal information in certain circumstances.
Right to data portability (Article 35-2, amended PIPA 2023): To receive your personal information in a structured, commonly used format.

To exercise any PIPA rights or to lodge a complaint, contact our DPO at privacy@faceifylabs.com with the subject line "PIPA Rights Request". You may also contact the Personal Information Protection Commission (PIPC) at www.pipc.go.kr or call 182.

14. India — Digital Personal Data Protection Act 2023 (DPDP Act)

If you are located in India, the Digital Personal Data Protection Act 2023 ("DPDP Act") applies to the processing of your personal data. Faceify Labs is incorporated as an India Pvt Ltd entity registered in Maharashtra, and as a Data Fiduciary we are subject to the obligations set out in this Act. This section supplements the general provisions of this Privacy Policy.

Consent and Legitimate Purpose

Under the DPDP Act, we process your personal data only for lawful purposes with your free, specific, informed, and unambiguous consent (Section 6), or on other grounds specified in the Act such as performance of a contract, compliance with a legal obligation, or a legitimate use notified by the Central Government. Where consent is the basis, we provide a clear and plain-language consent notice before or at the point of collection. You may withdraw consent at any time; withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Data Fiduciary Obligations

As a Data Fiduciary, Faceify Labs is obligated to:

Process personal data only for the specific, clear, and lawful purpose for which consent was given;
Implement reasonable security safeguards to prevent personal data breaches;
Notify the Data Protection Board of India and affected Data Principals in the event of a personal data breach, as required under Section 8(6);
Erase personal data (and direct Data Processors to do likewise) once the purpose of processing is fulfilled or consent is withdrawn, unless retention is required by applicable law;
Ensure the accuracy and completeness of personal data that may be used to make decisions affecting Data Principals.

Your Rights as a Data Principal

As a Data Principal under the DPDP Act, you have the following rights:

Right of access (Section 11): To obtain a summary of your personal data being processed by us, the processing activities undertaken, and the identities of all Data Processors and third parties with whom your personal data has been shared.
Right to correction and erasure (Section 12): To request correction of inaccurate or misleading personal data, completion of incomplete data, and erasure of personal data no longer required for the purpose for which it was collected, subject to any legal retention obligations.
Right to grievance redressal (Section 13): To have your grievances redressed by us in a timely manner. You may contact our DPO at privacy@faceifylabs.com with the subject line "DPDP Grievance". We will acknowledge your request within 48 hours and respond substantively within 30 days.
Right to nominate (Section 14): To nominate another individual to exercise your rights in the event of your death or incapacity.

Data Protection Board of India

If your grievance is not resolved to your satisfaction by Faceify Labs, you have the right to file a complaint with the Data Protection Board of India (Section 27 of the DPDP Act). The Board is the statutory adjudicatory body established under the Act with authority to investigate complaints, issue directions, and impose financial penalties on Data Fiduciaries. Information on filing a complaint will be available on the Board's official portal once operationally established by the Central Government.

Cross-Border Data Transfers

The DPDP Act permits transfer of personal data outside India except to countries or territories restricted by the Central Government by notification under Section 16. Where we transfer your personal data to our third-party processors (such as Vercel, Neon, Resend, PostHog, Google, Calendly, and Polar.sh) operating outside India, we ensure that such transfers are to jurisdictions not on any restricted-country list notified under Section 16 of the DPDP Act. Each processor operates under a data processing agreement with Faceify Labs.

AI Photo Processing — cross-border transfer (Section 16): If you choose to use the opt-in AI photorealistic preview feature, your photograph will be transferred to Replicate, Inc. (United States) for processing. As of the date of this policy, the United States has not been notified as a restricted country under Section 16 of the DPDP Act. This transfer is therefore permissible under the DPDP Act provided that valid Section 6 consent has been obtained — which Faceify Labs collects through a dedicated consent screen before your first use of this feature. The consent screen specifically discloses: (a) what data is collected, (b) the purpose, (c) the identity of the third-party provider and its country, and (d) your right to withdraw consent. This satisfies the DPDP Act Section 6 requirements for free, specific, informed, and unambiguous consent.

IT Act 2000 / SPDI Rules 2011: Biometric data (including face photographs) constitutes Sensitive Personal Data or Information (SPDI) under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. Faceify Labs complies with these Rules by obtaining your consent before collecting your photograph for AI processing (Rule 5), disclosing the purpose and recipients (Rule 5(3)), and ensuring that Replicate provides equivalent data protection via contractual terms (Rule 7).

15. Brazil — Lei Geral de Proteção de Dados (LGPD)

If you are located in Brazil, the Lei Geral de Proteção de Dados Pessoais (Law No. 13,709/2018, "LGPD") applies to the processing of your personal data. This section supplements the general provisions of this Privacy Policy.

Legal Bases for Processing

Under the LGPD (Article 7), we process your personal data on one or more of the following legal bases:

Consent (Art. 7(I)): Where you have freely, informedly, and unambiguously agreed to the processing, such as when opting into analytics cookies, marketing communications, or creating an account. Consent may be withdrawn at any time.
Performance of a contract (Art. 7(V)): To provide you with access to your account, subscription, and simulation services as agreed.
Legitimate interest (Art. 7(IX)): For purposes such as platform security, fraud prevention, and improving product quality, where our legitimate interests do not override your fundamental rights and freedoms.
Compliance with a legal obligation (Art. 7(II)): Where processing is required to fulfil a legal or regulatory obligation imposed by Brazilian law.

Your Rights Under the LGPD

Under LGPD Article 18, you have the following rights with respect to your personal data:

Confirmation of existence of processing (Art. 18(I)): To obtain confirmation that we process your personal data.
Right of access (Art. 18(II)): To receive a copy of your personal data that we hold.
Right to correction (Art. 18(III)): To request correction of incomplete, inaccurate, or out-of-date data.
Anonymization, blocking, or deletion (Art. 18(IV)): To request anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data.
Data portability (Art. 18(V)): To receive your personal data in a structured, interoperable format for transfer to another service or product provider.
Deletion of consent-based data (Art. 18(VI)): To request deletion of personal data processed on the basis of your consent.
Information about third-party sharing (Art. 18(VII)): To receive information about public and private entities with which we have shared your personal data.
Right to consent revocation (Art. 18(IX)): To revoke consent at any time by a free and simplified procedure; revocation does not affect the lawfulness of processing carried out prior to revocation.

Supervisory Authority — ANPD

The Autoridade Nacional de Proteção de Dados (ANPD) is the Brazilian national supervisory authority responsible for overseeing and enforcing the LGPD. If you believe your rights under the LGPD have been violated and your complaint has not been resolved by Faceify Labs, you may file a complaint with the ANPD at www.gov.br/anpd.

International Data Transfers

Where your personal data is transferred to countries outside Brazil, we ensure adequate protection through one or more of the following safeguards as required by LGPD Article 33:

Transfer to countries or international organisations that provide a degree of personal data protection deemed adequate by the ANPD;
Standard contractual clauses or binding corporate rules that provide equivalent protections to those guaranteed by the LGPD;
Your specific and highlighted consent for the transfer, where required.

To exercise any LGPD rights, contact our privacy team at privacy@faceifylabs.com with the subject line "LGPD Rights Request". We will respond within 15 days, as required by Brazilian law.

16. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. Continued use of the platform after the effective date of the updated policy constitutes acceptance of the changes.

17. Contact

For all privacy-related inquiries, data subject requests, or questions about this policy, contact our privacy team at privacy@faceifylabs.com.

How we handle your photos — plain language

2D Simulators (default)

AI Photo Processing (opt-in)

When you enable the photorealistic preview feature, your photo is transmitted to a third-party AI computing service to generate the preview. This requires your explicit consent before use.

1. Data Controller

2. What Data We Collect

We collect only the minimum data necessary to operate our platform:

Account information: Your name, email address, and professional credentials when you sign up for an account or request a demo.
Session cookies: A secure, httpOnly session cookie (fl-session) used to authenticate your account for up to 7 days. No tracking cookies are set without your consent.
Analytics: We use PostHog (EU-hosted) and Google Analytics 4 (US-hosted) to collect anonymised usage data such as page views, session duration, and feature interactions. This data does not include any patient images or facial data.
Contact form submissions: Any messages you send through our contact or demo-request forms, including your name, email, and message content.
Billing and subscription data: Payment-related records managed through our billing provider (Polar). We store subscription status, plan type, and transaction references. We do not store credit card numbers directly.
Consultation and lead data: If you request a consultation or express interest in a procedure, we store your contact details and inquiry to connect you with a surgeon.
Security audit logs: We log authentication events (login attempts, account changes) with IP address and user agent for security and fraud prevention.
Patient facial images: For 2D simulators (the default), all face processing runs entirely in your browser. No photographs are uploaded. For the optional AI photorealistic preview feature, your photo is transmitted to a third-party AI inference provider only with your explicit prior consent — see §9b below.

3. Legal Basis for Processing

Under GDPR Article 6, we rely on the following legal bases:

Legitimate interest (Art. 6(1)(f)): Analytics data collected to understand how our platform is used and to improve our services.
Performance of a contract (Art. 6(1)(b)): Account and authentication data processed to provide you with access to our platform and fulfil your subscription.
Consent (Art. 6(1)(a)): Marketing communications and optional analytics cookies, where you have explicitly opted in via our cookie consent banner.
Legal obligation (Art. 6(1)(c)): Data we are required to retain to comply with applicable law (e.g. tax and accounting records).
Explicit consent for sensitive data (Art. 9(2)(a)): Where you choose to use the AI photorealistic preview feature, we rely on your explicit, freely-given, separately-obtained consent to process your facial photograph as biometric data for that purpose. This consent is distinct from your account consent and can be withdrawn at any time from your account settings without affecting your access to the 2D simulation features.

4. Data Retention

Session data: Authentication sessions expire after 7 days of inactivity.
Analytics data: Retained for up to 2 years, then automatically deleted or anonymised.
Contact form inquiries: Retained for up to 1 year from the date of submission.
Account data: Retained while your account is active. When you delete your account, your data is permanently removed. Security audit logs (with email redacted to user ID only) are retained for compliance purposes.
2D simulation photos (standard): Not retained by default — all face processing is on-device. Nothing is stored on our servers unless you explicitly choose to save a simulation to your account, in which case the image is stored privately and access-controlled.
AI photo processing (opt-in): When you use the photorealistic preview feature with your consent, your photo is transmitted to our third-party inference provider and deleted within approximately one hour of processing, consistent with their published data retention policy. Faceify Labs does not store your photo server-side. Your consent record (timestamp and version) is retained while your account is active.
AI photo consent records: Retained while your account is active to demonstrate regulatory compliance. Deleted when your account is deleted.

5. Your Rights

Right of access: Request a copy of the personal data we hold about you.
Right to rectification: Ask us to correct inaccurate or incomplete data.
Right to erasure: Ask us to delete your personal data where there is no lawful basis for continued processing.
Right to data portability: Receive your data in a structured, machine-readable format and transfer it to another controller.
Right to object: Object to processing based on legitimate interests, including direct marketing.
Right to restrict processing: Ask us to limit how we use your data in certain circumstances.
Right to lodge a complaint: You have the right to complain to your local data protection supervisory authority. In the EU/EEA, this is the authority in your country of residence. In India, you may contact the Data Protection Board of India once operational under the Digital Personal Data Protection Act 2023. In Brazil, you may contact the ANPD (Autoridade Nacional de Proteção de Dados) at www.gov.br/anpd.

To exercise any of these rights, email privacy@faceifylabs.com. We will respond within 30 days.

6. California Residents — CCPA / CPRA Rights

Right to know / access (Cal. Civ. Code §1798.100): You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we share it.
Right to delete (§1798.105): You may request that we delete personal information we have collected from you, subject to certain exceptions permitted by law (e.g., information needed to complete a transaction or comply with a legal obligation).
Right to correct (§1798.106, CPRA): You may request that we correct inaccurate personal information we maintain about you.
Right to opt out of sale or sharing: Faceify Labs does not sell your personal information to third parties, nor do we share it for cross-context behavioural advertising. No opt-out action is required, but you may contact us to confirm this at any time.
Right to non-discrimination (§1798.125): We will not discriminate against you for exercising any of your CCPA / CPRA rights. You will not receive a different quality of service or be charged a different price as a result of exercising these rights.

7. Data Security

8. Third-Party Services & International Data Transfers

We use the following third-party processors. Where data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards as required by GDPR Chapter V:

PostHog — Product analytics. Data stored on EU-hosted infrastructure (Frankfurt). No patient data.
Google Analytics 4 — Web analytics. Data transferred to the US under Standard Contractual Clauses. IP addresses are anonymised. No patient data.
Vercel — Hosting and edge delivery. Data may be processed in the US under Standard Contractual Clauses.
Resend — Transactional email delivery (authentication codes, account notifications). Processes your email address only.
Cerebras — AI inference API used for the in-platform clinical chatbot. No patient images or simulation data are sent to this service.
Neon (PostgreSQL) — Database hosting for account and subscription data.
Calendly— Self-serve consultation / demo scheduling. When you click a “Book a Demo” or “Book a Consultation” button, Calendly receives your name, email address, and selected time slot. Data is stored on Calendly's infrastructure; their privacy policy is at calendly.com/privacy.
Polar.sh — Merchant of record for all subscription billing and one-time Patient Pass purchases. Polar handles payment processing, invoicing, tax collection (VAT / GST where applicable), refunds, and chargeback handling on our behalf. Their terms and privacy policy govern the transaction itself; ours governs access rights. See polar.sh/legal/privacy.
Replicate (AI inference — opt-in only)— When you choose to use the photorealistic preview feature and provide explicit consent, your photograph is transmitted to Replicate, Inc. (a US-based AI computing service, replicate.com) to generate a photorealistic simulation preview. Replicate does not retain your photo beyond the processing period (approximately one hour) and does not use your data to train AI models, per their published Terms of Service and Data Processing Agreement. For EU/EEA users, transfers are covered by Standard Contractual Clauses (Module 2). For Indian users, this transfer is disclosed as part of your DPDP Act Section 6 consent. This service is only used when you have explicitly opted in — it is never activated during standard 2D simulation sessions. Replicate's privacy policy is at replicate.com/privacy.

Each processor operates under its own privacy policy and a data processing agreement with Faceify Labs. Links to their privacy policies are available on request at privacy@faceifylabs.com.

9. Simulation Photo Processing

9a. On-Device Processing (2D Simulators — default)

9b. AI Photo Processing — Photorealistic Preview (opt-in, consent required)

When you enable the photorealistic preview feature (“AI Preview”), the following processing occurs:

What is collected and transmitted: Your face photograph (as you uploaded it for simulation), along with the procedure type and slider parameter values you have selected, is transmitted over HTTPS to Replicate, Inc., a US-based AI computing service. Before transmission, image metadata (including any EXIF data such as GPS location coordinates, device identifiers, and capture timestamps) is stripped server-side to ensure only the pixel content required for generation is sent.
Purpose: To generate a photorealistic visualization of the selected cosmetic procedure on your photograph using AI image generation models. This is an aesthetic visualization only and does not constitute a medical prediction, diagnosis, or guaranteed surgical outcome. Individual results vary. Consult your surgeon.
Who receives your photo: Replicate, Inc. (replicate.com), incorporated in the United States. Replicate processes your photo solely to generate the preview and does not retain it beyond the processing period (approximately one hour), consistent with their published Data Retention Policy. Replicate does not use your photo to train AI models.
Cross-border transfer disclosure (DPDP Act §16): If you are located in India, your photo will be transferred to Replicate's servers in the United States. As of the date of this policy, the United States is not on any restricted-country list notified by the Central Government under Section 16 of the Digital Personal Data Protection Act 2023. This transfer is permitted subject to your informed consent under Section 6 of the DPDP Act, which is collected separately before your first use of this feature.
GDPR — EU/EEA users: Transfer to Replicate (US) is conducted under Standard Contractual Clauses (Module 2, controller to processor) pursuant to GDPR Chapter V. The legal basis for processing your facial photograph as biometric data is your explicit consent under GDPR Art. 9(2)(a), obtained as a standalone, granular consent request before any photo is transmitted. You may withdraw this consent at any time from your account settings.
EU AI Act Art. 50 (applicable from August 2026): AI-generated preview images are labeled as AI-generated visualizations and do not represent guaranteed surgical outcomes. The disclaimer “AI-generated simulation. Not a medical prediction. Individual results vary. Consult your surgeon.” appears adjacent to every generated preview.
US users — geographic restriction: The photorealistic AI preview feature is currently unavailable to users accessing the platform from US IP addresses, pending implementation of a fully BIPA-compliant (Illinois Biometric Information Privacy Act) consent flow. This restriction is enforced at the API level. US users continue to have full access to all 2D on-device simulation features.
Retention: Faceify Labs does not store your photo on its own servers at any point during AI preview generation. The photo is transmitted in transit only. Replicate deletes processing inputs within approximately one hour. Your consent record (timestamp and consent text version) is stored in your account and deleted when you delete your account.
Your rights:You may withdraw your consent to AI photo processing at any time from your account settings (“AI Photo Processing” section). Withdrawal does not affect the lawfulness of processing already carried out. After withdrawal, you revert to the 2D on-device simulation path. To request deletion of your consent record, email privacy@faceifylabs.com.
Training data:Your photo and the generated preview are not used to train any AI model — neither by Faceify Labs nor by Replicate, per Replicate's published Terms of Service.

10. Cookies

11. Data Protection Officer

DPO Contact: privacy@faceifylabs.com

12. Thailand — Personal Data Protection Act (PDPA)

Lawful Basis for Processing

We process your personal data under the following lawful bases recognised by the PDPA:

Consent (Section 19): Where you have explicitly agreed to the processing, such as when opting into analytics cookies, marketing communications, or creating an account. You may withdraw consent at any time without affecting the lawfulness of prior processing.
Legitimate interest (Section 24(5)): For purposes such as platform security, fraud prevention, and product analytics, where our legitimate interests are not overridden by your rights and freedoms.
Performance of a contract (Section 24(3)): To provide you with access to your account, subscription, and simulation services as agreed.
Legal obligation (Section 24(2)): Where processing is required to comply with Thai law or other applicable legal obligations.

Your Rights Under the PDPA

As a data subject under the PDPA, you have the following rights:

Right to be informed (Section 23): To be told how your data is processed before or at the time of collection.
Right of access (Section 30): To obtain a copy of your personal data and information about how it is used.
Right to data portability (Section 31): To receive your personal data in a machine-readable format where technically feasible.
Right to object (Section 32): To object to processing based on legitimate interest at any time.
Right to erasure (Section 33): To request deletion of your personal data when it is no longer necessary or when you withdraw consent, subject to legal exceptions.
Right to restrict processing (Section 34): To request suspension of processing in certain circumstances.
Right to rectification (Section 35): To request correction of inaccurate or incomplete personal data.
Right to withdraw consent (Section 19): To withdraw previously given consent at any time.

Cross-Border Data Transfers

Where your personal data is transferred to countries outside Thailand, we ensure adequate protection through one or more of the following mechanisms as required by PDPA Section 28:

Transfer to countries with an adequate level of personal data protection as recognised by the Thai Personal Data Protection Committee;
Standard contractual clauses or binding corporate rules providing equivalent protections;
Your explicit consent for the specific transfer, where required.

To exercise any PDPA rights, contact our DPO at privacy@faceifylabs.com with the subject line "PDPA Rights Request".

13. South Korea — Personal Information Protection Act (PIPA)

If you are located in South Korea, the Personal Information Protection Act ("PIPA", 개인정보 보호법) applies. This section supplements the general provisions of this Privacy Policy.

Retention Periods

Under PIPA Article 21, personal information must be destroyed without delay once the purpose of collection is fulfilled. Our specific retention periods are:

Account data: Retained while your account is active. Deleted within 30 days of account closure, except where retention is required by law.
Session and authentication data: Expires after 7 days of inactivity.
Transaction and billing records: Retained for 5 years as required under the Act on Consumer Protection in Electronic Commerce.
Security audit logs: Retained for up to 1 year for fraud prevention and security incident response.
Contact form inquiries: Retained for up to 1 year from submission.
Analytics data: Retained for up to 2 years in pseudonymised or anonymised form.

Third-Party Disclosure

Under PIPA Article 17, we disclose personal information to third parties only where one of the following applies:

You have given separate, specific consent for the disclosure;
Disclosure is required by law;
Disclosure is necessary to perform a contract to which you are a party.

Your Rights Under PIPA

As a data subject under PIPA, you have the following rights:

Right of access (Article 35): To request disclosure of your personal information held by us.
Right to correction (Article 36): To request correction of inaccurate personal information.
Right to deletion (Article 36): To request deletion of personal information where there is no lawful basis for continued processing.
Right to suspension of processing (Article 37): To request that we stop processing your personal information in certain circumstances.
Right to data portability (Article 35-2, amended PIPA 2023): To receive your personal information in a structured, commonly used format.

14. India — Digital Personal Data Protection Act 2023 (DPDP Act)

Consent and Legitimate Purpose

Data Fiduciary Obligations

As a Data Fiduciary, Faceify Labs is obligated to:

Process personal data only for the specific, clear, and lawful purpose for which consent was given;
Implement reasonable security safeguards to prevent personal data breaches;
Notify the Data Protection Board of India and affected Data Principals in the event of a personal data breach, as required under Section 8(6);
Erase personal data (and direct Data Processors to do likewise) once the purpose of processing is fulfilled or consent is withdrawn, unless retention is required by applicable law;
Ensure the accuracy and completeness of personal data that may be used to make decisions affecting Data Principals.

Your Rights as a Data Principal

As a Data Principal under the DPDP Act, you have the following rights:

Right of access (Section 11): To obtain a summary of your personal data being processed by us, the processing activities undertaken, and the identities of all Data Processors and third parties with whom your personal data has been shared.
Right to correction and erasure (Section 12): To request correction of inaccurate or misleading personal data, completion of incomplete data, and erasure of personal data no longer required for the purpose for which it was collected, subject to any legal retention obligations.
Right to grievance redressal (Section 13): To have your grievances redressed by us in a timely manner. You may contact our DPO at privacy@faceifylabs.com with the subject line "DPDP Grievance". We will acknowledge your request within 48 hours and respond substantively within 30 days.
Right to nominate (Section 14): To nominate another individual to exercise your rights in the event of your death or incapacity.

Data Protection Board of India

Cross-Border Data Transfers

15. Brazil — Lei Geral de Proteção de Dados (LGPD)

Legal Bases for Processing

Under the LGPD (Article 7), we process your personal data on one or more of the following legal bases:

Consent (Art. 7(I)): Where you have freely, informedly, and unambiguously agreed to the processing, such as when opting into analytics cookies, marketing communications, or creating an account. Consent may be withdrawn at any time.
Performance of a contract (Art. 7(V)): To provide you with access to your account, subscription, and simulation services as agreed.
Legitimate interest (Art. 7(IX)): For purposes such as platform security, fraud prevention, and improving product quality, where our legitimate interests do not override your fundamental rights and freedoms.
Compliance with a legal obligation (Art. 7(II)): Where processing is required to fulfil a legal or regulatory obligation imposed by Brazilian law.

Your Rights Under the LGPD

Under LGPD Article 18, you have the following rights with respect to your personal data:

Confirmation of existence of processing (Art. 18(I)): To obtain confirmation that we process your personal data.
Right of access (Art. 18(II)): To receive a copy of your personal data that we hold.
Right to correction (Art. 18(III)): To request correction of incomplete, inaccurate, or out-of-date data.
Anonymization, blocking, or deletion (Art. 18(IV)): To request anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data.
Data portability (Art. 18(V)): To receive your personal data in a structured, interoperable format for transfer to another service or product provider.
Deletion of consent-based data (Art. 18(VI)): To request deletion of personal data processed on the basis of your consent.
Information about third-party sharing (Art. 18(VII)): To receive information about public and private entities with which we have shared your personal data.
Right to consent revocation (Art. 18(IX)): To revoke consent at any time by a free and simplified procedure; revocation does not affect the lawfulness of processing carried out prior to revocation.

Supervisory Authority — ANPD

International Data Transfers

Where your personal data is transferred to countries outside Brazil, we ensure adequate protection through one or more of the following safeguards as required by LGPD Article 33:

Transfer to countries or international organisations that provide a degree of personal data protection deemed adequate by the ANPD;
Standard contractual clauses or binding corporate rules that provide equivalent protections to those guaranteed by the LGPD;
Your specific and highlighted consent for the transfer, where required.

To exercise any LGPD rights, contact our privacy team at privacy@faceifylabs.com with the subject line "LGPD Rights Request". We will respond within 15 days, as required by Brazilian law.

16. Changes to This Policy

17. Contact

For all privacy-related inquiries, data subject requests, or questions about this policy, contact our privacy team at privacy@faceifylabs.com.