GDPR Compliance Notice

Last updated: June 19, 2026

DermaPrime is designed with GDPR principles in mind: lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, and accountability.

1. Lawful bases

  • Explicit consent for processing skin images and health-related inferences (Art. 9(2)(a)).
  • Contract for providing the Service (Art. 6(1)(b)).
  • Legal obligation for tax, accounting, and security incident records (Art. 6(1)(c)).
  • Legitimate interest, balanced against your rights, for fraud prevention and product security (Art. 6(1)(f)).

2. Your rights

  • Access — receive a copy of your data.
  • Rectification — correct inaccurate data.
  • Erasure — delete your data ("right to be forgotten").
  • Portability — export your data in a machine-readable format.
  • Restriction and objection — limit or object to certain processing.
  • Withdraw consent at any time without affecting prior lawful processing.
  • Lodge a complaint with your national data protection authority.

3. How to exercise your rights

Use the in-app Account → Privacy page to export or delete your data, or submit a request via our Contact & Privacy Requests page. We respond within one month and may extend this period by two further months for complex requests.

4. International transfers

Where data leaves the EEA, we rely on Standard Contractual Clauses and additional safeguards where required.

5. Data Protection Officer

You can reach our Data Protection contact at dpo@dermaprime.app.

6. Data breaches

Where a personal data breach is likely to result in a risk to your rights and freedoms, we notify the competent supervisory authority within 72 hours and affected users without undue delay.