Privacy Policy

At Braidery, your privacy isn't just important to us—it's fundamental to who we are. As a platform built for inclusion and empowerment, we understand that trust is earned through transparency and respect for your personal information.

This Privacy Policy explains in clear, straightforward language how we collect, use, and protect your information when you use Braidery. We've designed our privacy practices with your rights and dignity in mind, ensuring that your hair journey remains yours to control.

**What makes our approach different:** • We collect only what's necessary to provide you with exceptional service • You have complete control over your hair photos and personal data • We never sell your information to third parties • Our AI learns from your data to help you, not to profit from you

By using Braidery, you're joining a community that values your privacy as much as your hair journey.

We collect several types of information from and about users of our Service:

**Personal Information:** • Name, email address, and phone number • Profile photos and hair analysis images • Location data (when you enable location services) • Payment information (processed securely through third-party providers) • Communication preferences and settings

**Hair Journey Data:** • Hair type, texture, and condition information • Hair care routine logs and product usage • Progress photos and analysis results • Service booking history and preferences

**Technical Information:** • Device information (type, operating system, unique device identifiers) • Usage data and app analytics • Log files and crash reports • IP address and browser information (for website users)

**Business User Information:** • Professional credentials and certifications • Business address and contact information • Service offerings and pricing • Portfolio images and work samples • Customer reviews and ratings

We use the information we collect for various purposes:

**Service Provision:** • Provide and maintain our Service • Process bookings and facilitate appointments • Enable communication between clients and service providers • Provide AI-powered hair analysis and recommendations

**Personalization:** • Customize your experience based on preferences • Provide personalized hair care recommendations • Show relevant services and stylists in your area • Send targeted notifications and updates

**Business Operations:** • Process payments and manage transactions • Provide customer support and respond to inquiries • Analyze usage patterns to improve our Service • Conduct research and development

**Legal and Safety:** • Comply with legal obligations • Protect against fraud and abuse • Enforce our Terms of Service • Resolve disputes and investigate complaints

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

**Service Providers:** • Third-party companies that help us operate our Service (payment processors, cloud storage, analytics) • These providers are bound by confidentiality agreements and can only use your information for specified purposes

**Business Users:** • When you book a service, we share necessary information with the service provider (name, contact information, service details) • Your hair profile may be shared with stylists to provide better service recommendations

**Legal Requirements:** • When required by law, regulation, or legal process • To protect our rights, property, or safety, or that of our users • In connection with a merger, acquisition, or sale of assets

**With Your Consent:** • Any other sharing will only occur with your explicit consent

We retain your personal information for as long as necessary to: • Provide our Service to you • Comply with legal obligations • Resolve disputes and enforce agreements

**Specific Retention Periods:** • Account information: Retained while your account is active and for 3 years after deletion • Hair journey data: Retained for 5 years or until you request deletion • Payment information: Retained as required by financial regulations (typically 7 years) • Communication records: Retained for 2 years for customer service purposes

You can request deletion of your personal information at any time by contacting us at privacy@braidery.com.

We implement appropriate technical and organizational measures to protect your personal information:

**Technical Safeguards:** • Encryption of data in transit and at rest • Secure server infrastructure with regular security updates • Multi-factor authentication for administrative access • Regular security audits and penetration testing

**Organizational Measures:** • Employee training on data protection • Access controls limiting who can view personal information • Data processing agreements with all third-party providers • Incident response procedures for data breaches

**Payment Security:** • PCI DSS compliant payment processing • No storage of full credit card numbers • Tokenization of payment information • Fraud detection and prevention systems

You have several rights regarding your personal information:

**Access and Portability:** • Request a copy of your personal information • Export your hair journey data • Receive information about how we process your data

**Correction and Updates:** • Update your profile information at any time • Correct inaccurate information • Complete incomplete information

**Deletion and Restriction:** • Request deletion of your personal information • Restrict processing of your data • Object to certain types of processing

**Communication Preferences:** • Opt out of marketing communications • Adjust notification settings • Choose communication channels

**Location Data:** • Enable or disable location services • Clear location history • Use the app without location data

To exercise these rights, contact us at privacy@braidery.com or use the settings in your app.

Our website uses cookies and similar tracking technologies:

**Types of Cookies:** • Essential cookies: Required for basic website functionality • Analytics cookies: Help us understand how you use our website • Preference cookies: Remember your settings and preferences • Marketing cookies: Used to show relevant advertisements

**Third-Party Services:** • Google Analytics for website analytics • Social media plugins for sharing content • Payment processors for secure transactions

**Your Choices:** • You can control cookies through your browser settings • Opt out of analytics tracking through Google Analytics opt-out • Disable social media tracking through platform settings

Note that disabling certain cookies may affect website functionality.

Braidery is based in Norway, and we process data in accordance with Norwegian and EU data protection laws. Your information may be transferred to and processed in countries outside your residence, including:

• Norway (our primary data processing location)
• European Union (for EU-based service providers)
• United States (for certain cloud services and analytics)

When we transfer data internationally, we ensure appropriate safeguards: • Standard Contractual Clauses (SCCs) for EU transfers • Adequacy decisions for transfers to approved countries • Additional security measures for transfers to other countries

All international transfers comply with applicable data protection laws.

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@braidery.com. We will take steps to remove such information from our systems.

If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes:

• We will post the updated Privacy Policy on our website
• We will notify you through the app or by email for significant changes
• The "Last Updated" date will be revised
• Continued use of our Service after changes constitutes acceptance

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

**C. Gamman AS** Email: privacy@braidery.com Support: support@braidery.com Website: https://braidery.com

**Data Protection Officer:** For EU residents, you can contact our Data Protection Officer at: dpo@braidery.com

**Regulatory Authority:** If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

**Norwegian Data Protection Authority (Datatilsynet)** Website: https://www.datatilsynet.no Email: postkasse@datatilsynet.no