Privacy Policy – iGlowly Assistant

Last updated: 30 March 2026

Introduction

This Privacy Policy explains how iGlowly collects, uses, stores, and protects information when visitors interact with the iGlowly Assistant widget embedded on clinic websites.

This policy applies exclusively to the iGlowly Assistant widget and its related data processing. It does not apply to the clinic website on which the assistant is embedded, nor to the iGlowly platform website (iglowly.com), which is covered by a separate privacy policy.

What the iGlowly Assistant Is

The iGlowly Assistant is an informational software tool designed for general education about aesthetic treatments, procedures, and clinic-related topics.

The iGlowly Assistant is:

• not a medical device
• not a healthcare service
• not a diagnostic tool
• not a patient communication channel
• not intended for emergencies

The assistant provides general informational content only. It does not provide medical advice, diagnosis, or treatment recommendations. Users must not use the assistant to submit personal, sensitive, or medical information.

Data Controller

The data controller for the processing described in this Privacy Policy is iGlowly, currently operated by its founder within:

Jobyourself Coop SC Chaussée de Charleroi 112 1060 Brussels  Belgium VAT: BE 0479.233.349

The founder operates as an independent professional within this cooperative framework. Editorial responsibility and operation of the iGlowly Assistant remain under the responsibility of the founder of iGlowly.

Data We Do Not Collect

The iGlowly Assistant is specifically designed to minimise data collection. We do not store:

• names
• email addresses
• phone numbers
• street addresses
• dates of birth
• uploaded files or photos
• medical records
• personal health information
• full chat messages
• assistant responses
• conversation transcripts or history
• raw IP addresses
• tracking cookies
• localStorage or browser-persistent identifiers

Chat messages exist only in volatile memory (RAM) during real-time processing and are never written to disk, database, or log storage.

Data We Do Collect

The assistant stores only anonymous, non-identifying usage statistics. These may include:

• concern topics discussed (e.g., wrinkles, dark circles, hair loss)
• treatment or procedure topics discussed (e.g., Botox, dermal fillers, facelift)
• clinic information questions (e.g., opening hours, parking, team)
• general question category (e.g., pricing, recovery, booking intent)
• language used
• date and time of interaction
• clinic identifier (which clinic's widget was used)
• anonymous session identifier (not linked to any personal data)

This data cannot be used to identify any individual. It is used to provide demand analytics to clinics and to improve the assistant.

Personal Data Sanitisation

If a visitor nevertheless enters personal information into the assistant, the system applies automated detection and redaction before any message reaches the AI processing layer.

Sanitisation operates in two layers:

• Layer 1: pattern-based detection using regular expressions, targeting email addresses, phone numbers, identification numbers, and similar structured personal data
• Layer 2: AI-powered entity recognition using Azure AI (Microsoft Azure Cognitive Services), detecting names, addresses, and other personal identifiers

When personal data is detected, it is replaced with anonymised tokens (e.g., "[name hidden]", "[email hidden]") before the message is sent for AI response generation.

Sanitisation processing takes place in the European Union (Azure Western Europe region).

This architecture is designed to prevent personally identifying information from reaching AI providers and to minimise the handling of identifiable health information.

AI Processing

Some visitor questions are processed by an AI system to generate responses.

• Messages are sanitised before AI processing (see Section 6)
• Messages are processed in real time in volatile memory
• Chat messages are not stored by iGlowly
• The system is designed not to transmit personally identifying information to the AI provider
• Only anonymous interaction analytics are retained

For common questions (e.g., "Do you offer Botox?", pricing queries), the assistant uses deterministic response paths that do not involve AI processing.

Cookies, localStorage, and Browser Storage

The iGlowly Assistant does not use:

• tracking cookies
• localStorage
• sessionStorage
• any browser-persistent storage mechanism

The assistant operates entirely in browser session memory. When the browser tab is closed, no assistant-related data remains on the visitor's device.

Data Hosting and Security

Anonymous usage analytics are hosted on secure servers located in the European Union (Germany), using Supabase infrastructure on AWS EU.

Personal data sanitisation is processed in the European Union (Azure Western Europe).

Security measures include:

• encrypted data transmission (HTTPS/TLS)
• encryption at rest for stored data
• role-based access control (each clinic can access only its own data)
• rate limiting at session, IP, and clinic level
• automated protection against jailbreak attempts, spam, and code injection
• separation between real-time processing and stored analytics

Subprocessors

iGlowly uses the following subprocessors for the assistant:

Supabase (AWS) Purpose: Database hosting, anonymous analytics storage Location: EU (Germany)

Microsoft Azure Purpose: Personal data detection and sanitisation (PII redaction) Location: EU (Western Europe)

OpenAI Purpose: AI response generation Location: United States

Vercel Purpose: Frontend delivery, widget code hosting Location: Global CDN

These providers process information under contractual confidentiality and security obligations.

The current subprocessor list is available at iglowly.com/assistant/trust/processors.

Data Shared with Clinics

Clinics that embed the iGlowly Assistant receive anonymous demand analytics through a dashboard. This includes aggregated data such as:

• which concerns visitors are researching
• which treatments visitors are asking about
• volume of pricing, booking, and general questions
• language distribution
• activity trends over time

Clinics do not receive chat transcripts, visitor identities, or any personally identifying information. They see aggregated signals, not individual conversations.

International Data Transfers

Anonymous usage data is hosted in the European Union (Germany).

AI response generation is processed by OpenAI, which may process sanitised, non-identifying message content in the United States. Messages are sanitised before transmission to remove personal identifiers (see Section 6).

Where data is transferred internationally, iGlowly relies on appropriate legal safeguards, including contractual protections and, where applicable, Standard Contractual Clauses or other lawful transfer mechanisms.

Legal Bases for Processing (GDPR)

Where the General Data Protection Regulation applies, iGlowly relies on:

• Legitimate interests (Article 6(1)(f)): to operate, secure, and improve the assistant; to provide anonymous demand analytics to clinics; to prevent abuse and maintain service quality.
• Compliance with legal obligations (Article 6(1)(c)): where processing is required by law, regulation, or legal process.

Because the assistant processes only anonymous, non-identifying data in its stored analytics, and sanitises messages before AI processing, the processing is designed to have minimal impact on the fundamental rights and freedoms of data subjects.

California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) may provide you with certain rights regarding personal information.

The iGlowly Assistant is designed according to data minimization and privacy-by-design principles. The system does not store personal data, does not use tracking cookies, and does not sell or share personal information.

Because the iGlowly Assistant does not store personal data or user identifiers, iGlowly generally does not hold personal information that can be linked to an identifiable consumer through the Assistant.

Nevertheless, under the CCPA/CPRA, California residents may have the right to:

• Request disclosure of personal information collected about them;
• Request deletion of personal information;
• Request correction of inaccurate personal information;
• Opt out of the sale or sharing of personal information;
• Not be discriminated against for exercising privacy rights.

iGlowly does not sell personal information and does not share personal information for cross-context behavioral advertising.

Requests related to privacy or personal data can be submitted to: privacy@iglowly.com

Because the iGlowly Assistant does not store personal data or conversation transcripts, iGlowly may not be able to identify or link requests to specific individuals using the Assistant.

Health Information and Zero-PHI Architecture

The iGlowly Assistant operates under a Zero-PHI (Protected Health Information) architecture. The system is designed not to collect, store, or process Protected Health Information as defined under HIPAA or equivalent health-data regulations.

The system prevents PHI handling through:

• no storage of free-text messages
• no collection of personal data fields
• no persistent identifiers linked to health topics
• automated PII sanitisation before AI processing
• Terms of Service instructing users not to submit personal or medical information

This architecture is designed to reduce compliance exposure under health-data and privacy regulations. Because no PHI is handled, a Business Associate Agreement is typically not required under HIPAA. However, iGlowly can provide a Zero-PHI Statement and, upon request, a BAA template for legal review.

For further information, see iglowly.com/assistant/trust/zero-phi.

Data Retention

• Full chat messages: not retained
• Assistant responses: not retained
• Anonymous usage analytics: retained for demand analysis, service improvement, and reporting
• Technical security logs: retained for a limited period for abuse prevention and troubleshooting, then deleted

When data is no longer needed, iGlowly deletes, anonymises, or securely restricts it as appropriate.

Your Rights

Under applicable data protection law, you may have the right to:

• request access to personal data about you
• request correction of inaccurate data
• request deletion of personal data
• request restriction of processing
• object to certain processing
• request data portability, where applicable
• withdraw consent, where processing is based on consent
• lodge a complaint with a competent supervisory authority

Because the assistant is designed not to retain personal messages or identifiable content, iGlowly may be unable to link anonymous analytics back to a specific individual.

Children

The iGlowly Assistant is not directed to children and is not intended for use by persons under 16. iGlowly does not knowingly collect personal data from children.

Changes to This Policy

iGlowly may update this Privacy Policy to reflect legal, technical, or business changes. The updated version will be posted with a revised "Last updated" date.

Contact

For privacy-related questions or requests:

trust@iglowly.com

Postal contact:
Jobyourself Coop SC
Chaussée de Charleroi 112
1060 Brussels  Belgium 

‍