Privacy Policy
Estetix is private AI infrastructure for aesthetic clinics. This policy describes how we handle information across clinic applications, patient discovery, AI consultation, lead routing, billing, and dashboard workflows.
- Company: Estetix, Inc.
- Address: 209 Jefferson Street, Delaware, 19706
- Last Updated: June 9, 2026
Scope
This Privacy Policy explains how Estetix, Inc. collects, uses, stores, and shares information when you use Estetix websites, clinic discovery experiences, clinic-specific AI assistants, embedded widgets, dashboards, checkout flows, and related services.
Estetix operates several product surfaces, including the business ecosystem at co.estetix.chat, the patient discovery layer at estetix.chat, clinic-specific assistants on *.estetix.chat, and supporting infrastructure services.
Information We Collect
- Clinic application and business information, including name, email address, clinic name, role, website, location, treatment categories, messages, onboarding details, and other information submitted through forms or support channels.
- Patient discovery information, including questions, treatment intent, city or location preferences, search refinements, optional photo-analysis inputs, device/session metadata, rate-limit signals, and interaction events. The global estetix.chat discovery layer is designed not to collect patient names, WhatsApp numbers, or contact details.
- Clinic-specific assistant information, including chat messages, optional facial images for non-diagnostic aesthetic analysis, name, WhatsApp number, intent, booking preferences, and other details a patient chooses to provide so a clinic can follow up.
- Account, access, and dashboard information, including user email, clinic membership status, role, profile changes, invitation status, audit events, and authentication/session metadata.
- Technical and analytics information, including IP address, browser and device data, pages viewed, referring URLs, cookies or local storage entries, fraud prevention signals, performance logs, and analytics events.
- Payment and subscription information processed through Stripe. Estetix does not store complete card numbers on its own servers.
Photos And AI Analysis
When a user chooses to submit or capture a facial image, Estetix uses it for non-diagnostic aesthetic pattern analysis and product functionality. The platform is designed to process patient images in memory through short-lived analysis workflows and to discard images after analysis by default.
Photo analysis is not a medical diagnosis, clinical evaluation, prescription, or treatment recommendation. Users should consult a qualified medical professional before making any clinical decision.
How We Use Information
- Provide, secure, maintain, and improve the Estetix platform.
- Operate patient discovery, clinic matching, AI consultation, lead capture, WhatsApp or CRM routing, booking workflows, dashboards, and support.
- Review clinic applications, manage memberships, configure clinic-specific AI knowledge, and provide onboarding.
- Process billing, subscriptions, invoices, refunds, and account administration.
- Monitor quality, search relevance, zero-result patterns, latency, abuse prevention, rate limits, and platform reliability.
- Generate analytics and improve AI workflows using aggregated or de-identified interaction patterns without exposing clinic-specific confidential data.
- Comply with legal obligations, enforce terms, prevent fraud, and protect users, clinics, Estetix, and the public.
Service Providers And Sharing
Estetix may share information with infrastructure and service providers that help us operate the platform, including hosting, database, analytics, AI orchestration, knowledge retrieval, payment, email, security, and support providers. Current platform infrastructure described in the product documentation includes Vercel, Supabase, Hyppe, Stripe, Google Analytics, and email delivery providers.
For clinic-specific flows, Estetix may route patient-provided contact and intent details to the selected clinic, its configured WhatsApp, CRM, booking system, or authorized staff so the clinic can respond to the patient.
We may disclose information if required by law, to enforce our agreements, to protect rights and safety, in connection with corporate transactions, or with user consent.
Cookies And Local Storage
Estetix uses cookies, local storage, and similar technologies for session continuity, analytics, security, bot protection, preferences, and product behavior. For example, clinic assistant flows may store local metadata such as whether a lead capture prompt has already been shown or completed.
Retention
We retain information for as long as needed to provide the services, operate clinic accounts, satisfy legal and accounting obligations, resolve disputes, enforce agreements, maintain security, and improve platform reliability. Retention periods vary by data type, product surface, legal requirement, and clinic configuration.
Security
Estetix uses technical and organizational safeguards designed to protect information, including HTTPS/TLS in transit, encrypted storage where supported by our infrastructure providers, tenant-aware access controls, authentication controls for dashboards, audit logging, and restricted service-role operations.
No internet service can be guaranteed to be completely secure. Users and clinics are responsible for protecting their own account credentials, devices, and authorized integrations.
International And Regional Rights
Depending on location, users may have rights to access, correct, delete, restrict, object to, or receive a copy of their personal information. Estetix is designed to support region-specific privacy requirements, including GDPR in Europe and Law 1581 / Habeas Data in Colombia where applicable.
To make a privacy request, contact Estetix through the Contact page. We may need to verify identity and authority before acting on a request.
Children
The Estetix platform is not intended for children or minors. Users should not submit personal information or facial images for minors without appropriate authority and clinical context.
Changes
We may update this Privacy Policy as the platform, legal requirements, or operating practices change. The updated version will be posted on this page with a revised date.