Privacy Policy

SkinExpert pays special attention to protecting your personal data and respects your privacy. This Privacy Policy explains how we collect, use, store and protect your personal information in accordance with the General Data Protection Regulation (GDPR).

The data controller for your personal data is: SkinExpert SARL 1 Rue Bon Secours 44000 Nantes, France Email: privacy@skinexpert.com Phone: +33 7 67 37 49 02

We collect the following types of personal data: 2.1. Data you provide directly: • First and last name • Email address • Phone number • Skin type and health information (with consent) • Treatment history • Care preferences 2.2. Automatically collected data: • IP address • Browser and device type • Pages visited • Date and time of visits 2.3. Booking data: • Selected service and date • Payment data (processed through secure systems) • Special requests

We use your data for: 3.1. Service provision: • Process bookings • Provide personalized treatments • Send confirmations and reminders • Process payments 3.2. Communication: • Answer your questions • Send important information • Change notifications 3.3. Marketing (with consent): • Inform about new services • Personalized recommendations • Special offers for loyal customers 3.4. Service improvement: • Analyze effectiveness • Improve user experience • Anonymized statistics

We process your data based on: • Contract performance: to provide requested services • Consent: for marketing communications • Legitimate interests: to improve our services • Legal obligations: accounting and tax compliance

We do not sell your data. We only share it with: 5.1. Service providers: • Payment systems (PayPal, Stripe) • Email services • Hosting provider (Timeweb Cloud) All comply with GDPR. 5.2. Legal requirements: Disclosure if required by law.

Some providers are outside EEA. We ensure: • EU standard contractual clauses • Adequate data protection • Transfer minimization

Security measures: • SSL/TLS encryption • Secure servers • Limited access to authorized personnel • Regular backups • Incident procedures

We retain your data: • Active clients: duration of relationship • Bookings: 3 years (accounting obligations) • Marketing: until consent withdrawal or 3 years of inactivity • Analytics: anonymized form unlimited

Under GDPR, you have the rights to: • Access: obtain copy of your data • Rectification: correct inaccurate data • Erasure: right to be forgotten • Restriction: limit processing • Portability: receive your data • Object: refuse marketing processing • Withdraw consent Contact us: privacy@skinexpert.com

Our site uses cookies. Details in our Legal Notice. You can disable cookies in your browser.

Services for 18+ years. We do not knowingly collect data from minors. For 16-18 years: parental consent required.

We do not use automated decision-making or profiling. All decisions made individually by our specialists.

We may update this policy. Notification of important changes by email or on site. Update date at beginning of document.

If your rights are violated, you can file a complaint with: CNIL (Commission Nationale de l'Informatique et des Libertés) 3 Place de Fontenoy, TSA 80715 75334 Paris Cedex 07, France Phone: +33 1 53 73 22 22 www.cnil.fr We invite you to contact us first.