This Privacy Notice explains how NoseJourney Ltd ("NoseJourney", "we", "us") collects and uses personal data when you use the nosejourney web application and related websites and services (together, the "Service"). It is designed to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (EU GDPR).
NoseJourney Ltd operates the rhinomatch web application, which matches patients with rhinoplasty doctors and clinics.
For most processing described in this notice, NoseJourney Ltd acts as the data controller under UK GDPR and, where applicable, EU GDPR. This means we decide how and why your personal data is used.
Contact details (replace with your real details):
Company name: NoseJourney Ltd
Registered address: NoseJourney Ltd, 123 Example Street, London, United Kingdom
Email: [email protected]
Website: https://nosejourney.com
If we appoint a Data Protection Officer (DPO) or an EU representative (for EU users), we will publish their contact details on this page in an updated version of this Privacy Notice.
The data we collect depends on how you use the Service (for example, as a patient/user, as a doctor, or as a clinic representative).
Name
Email address
Password hash (we never store your plain-text password)
User role (e.g. patient/user, doctor, clinic admin, platform admin)
Links to your patient or doctor/clinic profile, if applicable
For patients and prospective patients, we may process:
Full name and contact details (email, phone, country/region)
Gender and date of birth
Your budget range and logistical preferences (online consultation, willingness to travel, international treatment)
Whether you are seeking primary or revision rhinoplasty
Whether you mention functional/breathing issues or complex cases
Any free-text comments you choose to provide (for example, about your goals or concerns)
Some of this information may indicate health-related data (for example, that you are considering or have undergone a rhinoplasty procedure). Under GDPR this may qualify as special category data (health data), which requires additional protection.
We process several types of images:
Photos that users upload of their face/nose for analysis and matching (via the analysis flow).
Derived analysis tags about physical characteristics (e.g. skin type, dorsal hump, deviation, tip rotation) based on those photos.
Before/after photos uploaded by doctors to showcase their work, with captions and procedure type.
Profile photos for doctors.
Facial images and surgery-related photos can reveal health information and may qualify as special category data (health), especially where they show or imply medical procedures or conditions.
When you upload photos or write reviews, we may send that content to an AI model (Google Gemini) to generate structured tags and summaries for matching and quality insights.
This may include:
Image analysis: AI-generated tags about nose anatomy and appearance (e.g. thick skin, dorsal hump, tip rotation) for matching purposes.
Review analysis: AI-generated tags and summaries from text reviews about doctors (e.g. mentions of recovery, breathing, revision, natural vs. more dramatic style).
Internal scoring data such as match scores, tag breakdowns and timelines.
For doctors and clinics, we may process:
Full name, professional title and specialty
Clinic name, address, website URL, phone and email
Languages spoken
Typical budget range, accepted payment methods, and whether online or international coordination is offered
Matching-related fields, such as anatomical specialties, aesthetic styles, medical capabilities, and consents for profile publication
Before/after case portfolios, AI-generated review summaries and ratings
Licensing/registration information you choose to publish (where applicable)
When you use the Service, certain technical data are collected automatically, for example:
IP address and inferred country/region
Browser and device information
Page views and actions (e.g. which doctors you view, when you submit consultation requests)
Rate-limiting and security logs (e.g. CSRF checks, analysis rate limits, suspicious login attempts)
NoseJourney may maintain internal credit balances and transaction records for doctors and clinics (e.g. credits used to unlock leads). When we use third-party payment processors, we do not store raw card details on our own servers. Payment processors act as independent controllers or processors under their own privacy policies.
The Service is intended for adults (generally 18+). If we become aware that we have collected personal data from a child under the minimum age of consent in their country without appropriate authorisation, we will take steps to delete that data.
We only process personal data when we have a valid legal basis and a clear purpose under UK/EU GDPR.
We use your account data, preferences and analysis results to:
Create and manage your user/doctor/clinic account.
Enable you to upload photos, answer questions and receive suggested matches.
Present doctor and clinic profiles, before/after cases and reviews.
Facilitate communications and consultation requests between you and selected doctors/clinics.
Maintain internal records of your activity where necessary to provide and improve the Service.
Legal bases:
Performance of a contract (or steps prior to entering into a contract) with you (UK GDPR/EU GDPR Article 6(1)(b)).
Our legitimate interests in operating and improving a patient–doctor matchmaking platform (Article 6(1)(f)), provided these interests do not override your rights and freedoms.
For photos and health-related data we rely on your explicit consent as an additional condition for processing special category data (Article 9(2)(a)), as explained in section 3.3.
We process logs, events and aggregate statistics to:
Protect the Service from abuse and attacks (rate limiting, CSRF checks, fraud monitoring).
Detect and investigate suspicious or fraudulent activity.
Debug technical issues and measure performance.
Understand how features are used and improve user experience.
Legal basis: our legitimate interests in securing, operating and improving our services (Article 6(1)(f)).
Your photos, AI-generated anatomical tags and certain questionnaire answers may reveal health-related information about past or planned procedures. Under UK/EU GDPR this can be special category data, which requires a specific Article 9 condition in addition to a lawful basis under Article 6.
We treat this as special category data and process it only when you give explicit consent, for example when you tick a box and upload photos for analysis, or when a doctor uploads before/after cases having obtained written consent from their patient.
You can withdraw this consent at any time by deleting your photos, requesting deletion, or closing your account, subject to certain legal limitations (see section 7).
We may send service-related communications (for example, account verification, important changes to the Service, consultation request notifications) without separate consent, as these are necessary to provide the Service.
For optional marketing communications (for example, newsletters, product updates or promotions), we will ask for your consent where required by law. You can unsubscribe or change your preferences at any time via the links in the emails or your account settings.
We may process and retain some data to:
Comply with legal, accounting or tax obligations.
Respond to lawful requests from public authorities.
Establish, exercise or defend legal claims (for example, in case of disputes or enforcement of our Terms of Use).
Legal bases: compliance with legal obligations (Article 6(1)(c)) and our legitimate interests in protecting our rights and defending claims (Article 6(1)(f)).
When you submit photos for analysis, NoseJourney sends the images, in base64-encoded form, to Google’s Gemini model via the Google Generative AI API. The model returns structured tags about your nose anatomy and appearance (such as skin type, dorsal hump, deviation, and tip rotation), which we use as part of our matching algorithms.
We may also send text reviews to Gemini to obtain structured tags and summarised insights about a doctor’s performance and review trends.
For image analysis, Gemini receives:
One or more face/nose photos that you upload in the analysis flow.
A written prompt describing the taxonomy and required JSON output.
Technical metadata needed by the API (for example, MIME type).
For text analysis, Gemini receives:
The review text you submit about a doctor or clinic.
A written prompt describing the review-tagging and summarisation task.
Gemini returns:
A list of selected anatomical tags (for example, thicksebaceous, humpkyphosis, etc.).
Parsed JSON responses summarising review content into standard tags and pros/cons lists.
We do not use Gemini to generate free-form, personalised psychological profiles about you. Instead, it is used to map your images and reviews into a controlled taxonomy for the matching and analytics algorithms.
For data protection purposes, Google (through the Gemini API) generally acts as a processor or sub-processor handling data on our instructions to provide AI analysis functions.
We ensure that appropriate contractual and security safeguards are in place with Google (for example, data processing terms and, where necessary, Standard Contractual Clauses or UK International Data Transfer Agreement/Addendum for international transfers).
Gemini and some of our other cloud services may process data on servers located outside the UK/EEA (for example, in the United States).
Where this happens and the destination country has not been recognised as providing an adequate level of data protection, we rely on appropriate safeguards, such as Standard Contractual Clauses or the UK International Data Transfer Agreement/Addendum, together with additional technical and organisational measures, to protect your data in line with UK/EU GDPR requirements.
We share personal data only when necessary and with appropriate safeguards.
When you choose to contact or book with a doctor or clinic via NoseJourney, relevant personal data are shared with that doctor or clinic, such as:
Your contact details and preferences.
The analysis result and tags, where necessary for a meaningful consultation.
Your consultation request messages and attached photos, if you choose to include them.
Any follow-up messages you send through the platform.
Doctors and clinics act as independent controllers for the data they receive from us and are responsible for complying with data protection law in their own practices.
We use third-party providers to host the application and databases, store images and files (for example, S3-compatible storage), and deliver transactional emails and notifications.
These providers typically act as processors on our behalf. We sign data processing agreements and require them to implement appropriate security and international transfer safeguards.
We may use logging, monitoring, analytics and error-reporting tools to maintain service stability and security. Where these tools involve personal data, they do so under contracts that limit their use to providing services to NoseJourney and prohibit use for their own unrelated purposes.
We may disclose personal data where reasonably necessary to:
Comply with legal obligations or requests from competent authorities.
Protect our rights, property or safety, or that of users, doctors, clinics or the public.
Detect, prevent or otherwise address fraud, security or technical issues.
In such cases, we will only disclose what is reasonably required.
We keep personal data only for as long as necessary for the purposes described in this notice or as required by law. We apply data minimisation and retention principles in line with UK/EU GDPR.
In general:
Account data are stored while your account is active and for a limited period afterwards (for example, to handle disputes, prevent abuse, and fulfil legal obligations).
User photos and image analysis results are stored while needed to provide matching and consultation services and are removed or anonymised when you delete them or close your account, subject to technical backup cycles.
Before/after case photos remain visible while the doctor’s or clinic’s profile is active or until the doctor or patient requests removal, subject to contractual and legal obligations.
Logs and security data are kept for a limited period (for example, weeks or months) and may then be aggregated or anonymised.
We maintain an internal retention schedule specifying concrete periods for each data category and regularly review our retention practices.
Depending on your location and subject to legal conditions and exemptions, you may have the rights described below in relation to your personal data.
You can exercise these rights by contacting us using the details in section 1. We may ask you to verify your identity where necessary to protect your data.
You can request confirmation of whether we process your personal data and obtain a copy of the personal data we hold about you, together with certain information about how we use it.
You can ask us to correct inaccurate or incomplete personal data. You can also update some information directly via your account settings where this functionality is available.
You can request deletion of your personal data, for example where it is no longer needed for the purposes for which it was collected, where you withdraw consent for processing of special category data (such as photos), or where you successfully object to processing.
We will honour such requests unless we have compelling legitimate grounds or legal obligations to retain certain information (for example, for accounting, fraud prevention or dispute resolution).
You can ask us to restrict certain processing (for example, while a dispute or accuracy challenge is being resolved) or object to processing based on our legitimate interests, including certain uses of analytics or personalised content.
Where we rely on legitimate interests, we will stop processing unless we have compelling legitimate grounds that override your interests, rights and freedoms, or the processing is needed for legal claims.
You can request certain personal data you have provided to us in a structured, commonly used and machine-readable format and ask us to transmit it to another controller, where technically feasible and where the relevant legal conditions are met (for example, where processing is based on consent or contract and carried out by automated means).
Where significant decisions about you are based solely on automated processing (including profiling), you can request human intervention, express your point of view and contest the decision.
NoseJourney’s matching system uses scoring algorithms based on your inputs and AI-generated tags to rank and suggest doctors, but we do not make legal or similarly significant decisions about you based solely on automated processing. You always remain free to choose any doctor or clinic and to disregard the suggestions.
If you are unhappy with how we handle your data, please contact us first so we can try to resolve the issue.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local data protection authority in the EU.
ICO website: https://ico.org.uk
ICO telephone (UK): 0303 123 1113 (or as updated on the ICO website)
Our website may use cookies and similar technologies for purposes such as:
Remembering your session and preferences.
Measuring site traffic and performance.
Enhancing security and preventing abuse.
(Where applicable) Providing analytics and A/B testing.
Where required by law, we will request your consent via a cookie banner before setting non-essential cookies (such as analytics or advertising cookies). You can change your cookie preferences at any time via your browser settings or our cookie settings panel.
We may provide a separate Cookie Policy with more detailed information about the specific cookies and similar technologies we use.
We implement appropriate technical and organisational measures to protect personal data, taking into account the nature of the data and the risks of processing.
These measures may include:
Encryption in transit (HTTPS/TLS) and, where supported, encryption at rest for key storage systems.
Role-based access control and "need-to-know" principles for staff and systems accessing sensitive data like photos.
Secure coding practices, CSRF protection and rate limiting for certain operations (such as AI analyses, logins and registrations).
Logging and monitoring access to critical resources, with alerts for suspicious activity.
Regular review of access rights and security configurations.
While no system can be 100% secure, we work to keep your data safe and will notify you and relevant authorities of certain personal data breaches when legally required.
We may update this Privacy Notice from time to time, for example to reflect changes in our services, our processing activities or legal requirements.
When we make significant changes, we will provide appropriate notice (for example, via a banner on the website, in-app notification or email) and indicate the date of the latest update at the top of this notice.
If required by law, we will seek your consent to material changes that affect how we process your personal data.