Privacy Policy – SeasonID

Last updated: [date]

1. General information

1. The controller of personal data is SeasonID (“Controller”).
2. Contact regarding data protection: hello@seasonid.com.
3. This Privacy Policy explains how personal data is processed in connection with the SeasonID website at [seasonid.com].

2. Categories of personal data

We may process the following data:

• email address,
• uploaded photo,
• contact form content,
• technical data (IP address, browser type, device),
• consent records.

3. Purposes and legal bases of processing

3.1. Provision of the Service

• Purpose: delivery of personal color analysis and report
• Legal basis: Article 6(1)(b) GDPR (performance of a contract)

3.2. Communication

• Purpose: responding to inquiries
• Legal basis: Article 6(1)(f) GDPR (legitimate interest)

3.3. Payments

• Purpose: processing payments
• Legal basis: Article 6(1)(b) GDPR
• Provider: Stripe Payments Europe Ltd.

3.4. Training and improving automated analysis models (AI / ML)

• Purpose: development and improvement of automated color analysis models
• Scope: user-uploaded photos
• Legal basis: Article 6(1)(a) GDPR (explicit consent)

This consent:

• is not required to use the Service,
• can be withdrawn at any time,
• is recorded with a timestamp.

4. Biometric data

Uploaded photos may include facial images. The Controller does not process biometric data for the purpose of uniquely identifying individuals within the meaning of Article 9 GDPR.

5. Data retention

Personal data is retained:

• for the duration of the Service,
• as required to comply with legal obligations,
• for AI/ML purposes until consent is withdrawn or data is anonymized.

6. Data recipients

Data may be shared with:

• IT and hosting providers,
• payment service providers,
• email service providers.

Personal data is not sold or shared for marketing purposes.

7. International data transfers

Where data is transferred outside the EU or UK, appropriate safeguards are applied, including standard contractual clauses.

8. Data subject rights

Users have the right to:

• access their data,
• rectification,
• erasure,
• restriction of processing,
• data portability,
• withdraw consent at any time,
• lodge a complaint with a supervisory authority.

9. Cookies

The website uses cookies for:

• technical purposes,
• analytics,
• security.

Details are described in the Cookie Policy.

10. Data security

Appropriate technical and organizational measures are applied to protect personal data.

11. Changes to this Privacy Policy

This Privacy Policy may be updated. The current version is always available on the website.