Skip to main content
Faceify Labs

Loading...

Faceify Labs

เครื่องมือแสดงตัวอย่างการผ่าตัดด้วย AI สำหรับศัลยแพทย์พลาสติก ช่วยผู้ป่วยมองเห็นผลลัพธ์ที่เป็นไปได้ จัดความคาดหวัง และตัดสินใจอย่างมีข้อมูล

แพลตฟอร์ม

  • หัตถการทั้งหมด
  • จำลอง AI
  • เทคโนโลยี
  • ความไว้วางใจและความเป็นส่วนตัว
  • ราคา
  • ทะเบียนศัลยแพทย์
  • กรณีการใช้งาน
  • เรื่องราวของเรา
  • Partner Program

สำรวจ

  • ศัลยกรรมจมูก
  • ศัลยกรรมเปลือกตา
  • ยกหน้า
  • คำถามที่พบบ่อย
  • แกลเลอรีเคส
  • การปรึกษา

สนับสนุน

WhatsApp ด่วนceo@faceifylabs.compartners@faceifylabs.com
ความเป็นส่วนตัวเป็นอันดับแรก — ไม่มีการอัปโหลดขึ้นคลาวด์

© 2026 Faceify Labs. สงวนลิขสิทธิ์

นโยบายความเป็นส่วนตัวข้อกำหนดการใช้บริการ
Legal

Privacy Policy

Last updated: March 2026

1. Data Controller

The data controller for your personal information is Faceify Labs. For all privacy-related inquiries, please contact us at privacy@faceifylabs.com.

2. What Data We Collect

We collect only the minimum data necessary to operate our platform:

  • Account information: Your name, email address, and professional credentials when you sign up for an account or request a demo.
  • Session cookies: A secure, httpOnly session cookie (fl-session) used to authenticate your account for up to 30 days. No tracking cookies are set without your consent.
  • Analytics: We use PostHog (EU-hosted) and Google Analytics 4 (US-hosted) to collect anonymised usage data such as page views, session duration, and feature interactions. This data does not include any patient images or facial data.
  • Contact form submissions: Any messages you send through our contact or demo-request forms, including your name, email, and message content.
  • Patient facial images — none collected: All face processing for surgical simulation is performed entirely in your browser using client-side AI models. No patient photographs, facial landmarks, or simulation results are ever transmitted to or stored on our servers.

3. Legal Basis for Processing

Under GDPR Article 6, we rely on the following legal bases:

  • Legitimate interest (Art. 6(1)(f)): Analytics data collected to understand how our platform is used and to improve our services.
  • Performance of a contract (Art. 6(1)(b)): Account and authentication data processed to provide you with access to our platform and fulfil your subscription.
  • Consent (Art. 6(1)(a)): Marketing communications and optional analytics cookies, where you have explicitly opted in via our cookie consent banner.
  • Legal obligation (Art. 6(1)(c)): Data we are required to retain to comply with applicable law (e.g. tax and accounting records).

4. Data Retention

  • Session data: Authentication sessions expire after 30 days of inactivity.
  • Analytics data: Retained for up to 2 years, then automatically deleted or anonymised.
  • Contact form inquiries: Retained for up to 1 year from the date of submission.
  • Account data: Retained while your account is active, and for up to 90 days after deletion to allow recovery.
  • Patient simulation data: Not retained — all face processing is on-device and nothing is stored on our servers.

5. Your Rights

Under GDPR (and similar applicable laws), you have the following rights in relation to your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Ask us to correct inaccurate or incomplete data.
  • Right to erasure: Ask us to delete your personal data where there is no lawful basis for continued processing.
  • Right to data portability: Receive your data in a structured, machine-readable format and transfer it to another controller.
  • Right to object: Object to processing based on legitimate interests, including direct marketing.
  • Right to restrict processing: Ask us to limit how we use your data in certain circumstances.
  • Right to lodge a complaint: You have the right to complain to your local data protection supervisory authority. In the EU/EEA, this is the authority in your country of residence. In India, you may contact the Data Protection Board of India once operational under the Digital Personal Data Protection Act 2023.

To exercise any of these rights, email privacy@faceifylabs.com. We will respond within 30 days.

6. Data Security

We implement industry-standard security measures to protect your information, including TLS 1.3 encryption in transit, httpOnly and secure cookies, and access controls on all server-side data. Our platform is built with HIPAA and GDPR privacy principles in mind.

7. Third-Party Services & International Data Transfers

We use the following third-party processors. Where data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards as required by GDPR Chapter V:

  • PostHog — Product analytics. Data stored on EU-hosted infrastructure (Frankfurt). No patient data.
  • Google Analytics 4 — Web analytics. Data transferred to the US under Standard Contractual Clauses. IP addresses are anonymised. No patient data.
  • Vercel — Hosting and edge delivery. Data may be processed in the US under Standard Contractual Clauses.
  • Resend — Transactional email delivery (authentication codes, account notifications). Processes your email address only.
  • Google AI / OpenAI / Groq — AI APIs used for the in-platform clinical chatbot. No patient images or simulation data are sent to these services.
  • Neon (PostgreSQL) — Database hosting for account and subscription data.

Each processor operates under its own privacy policy and a data processing agreement with Faceify Labs. Links to their privacy policies are available on request at privacy@faceifylabs.com.

8. No Patient Image Uploads — On-Device Processing

Patient photos never leave the device.All facial image processing for surgical simulation — including MediaPipe face mesh detection, landmark computation, and simulation rendering — is performed entirely in the user's browser using client-side WebAssembly and WebGL. No patient photographs, biometric data, facial landmark coordinates, or simulation results are transmitted to or stored on Faceify Labs servers or any third-party server.

This architecture means that for simulation use, no Protected Health Information (PHI) as defined under HIPAA, and no biometric personal data as defined under GDPR Article 9, is processed by Faceify Labs.

9. Cookies

We use strictly necessary cookies (session authentication) which do not require consent. We use analytics cookies (PostHog, Google Analytics) only with your explicit consent, managed through our cookie consent banner. You can withdraw consent at any time by clearing cookies in your browser or adjusting your preferences in the consent banner.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. Continued use of the platform after the effective date of the updated policy constitutes acceptance of the changes.

11. Contact

For all privacy-related inquiries, data subject requests, or questions about this policy, contact our privacy team at privacy@faceifylabs.com.