Privacy Policy

We take your privacy seriously. This policy explains what personal data we collect when you use Plastic Surgeons Reviews, why we collect it, who we share it with, how long we keep it, and the rights you have over it. It is written in plain language. Where a legal definition is helpful, we include it.

Last updated: June 28, 2026

1. Who we are

Plastic Surgeons Reviews ("we", "us", "our", "the platform") operates the website at plasticsurgeonsreviews.com and related mobile experiences. We are the data controller for personal data processed through the platform, except where this policy says otherwise (for example, when a clinic uses our platform to manage its own profile, the clinic is a separate controller of any data it independently collects from you off-platform).

You can contact us about anything in this policy by emailing support@plasticsurgeonsreviews.com.

2. Scope of this policy

This policy covers all visitors, registered users, surgeons and clinic staff who use the platform. It does not cover third-party websites we link to, payment providers' own data handling, or anything that happens inside a clinic between you and a healthcare provider.

3. Data we collect

Account data — the email address, display name, country, and password (stored only as a salted hash) you give us at signup. If you sign in with Google, we receive the email, display name, and avatar URL Google chooses to share with us, and nothing else.

Profile data — anything you choose to add: bio, profile photo, language preference, country, notification settings, surgeon credentials if you are a surgeon.

Content you publish — reviews, surgeon responses, community questions, comments, short videos, scam reports, the procedures you tag, the photos and documents you attach, and the metadata embedded in those files (timestamp, device model — we strip GPS coordinates from uploaded photos on receipt).

Verification data — documents you send us privately to prove a treatment took place (appointment letters, invoices, redacted records). These are used only to verify and are deleted after the review or report is approved or rejected.

Technical data — IP address, user-agent string, device identifiers, approximate location derived from the IP (country and region only), the pages you visit, the buttons you click, the search queries you run on the platform, and crash logs.

Communication data — messages you send through our in-platform chat, the emails you exchange with our support team, the reports you file, and our responses.

4. Sources of data

Most data comes directly from you. Some comes from sources you authorise (Google sign-in, the device you use). Limited public data about surgeons — names, registration numbers, clinic addresses — is collected from official medical registries and other public sources to maintain accurate profiles.

5. How we use data

To create and run your account. To publish what you ask us to publish. To moderate content. To detect and prevent fake reviews, harassment, coordinated manipulation, scams, and other abuse. To send you operational emails about your account, your reviews and replies to them. To improve the platform through aggregate, non-identifying analysis. To comply with our legal obligations.

We do not sell your personal data. We do not share your data with advertisers for behavioural advertising. We do not use your content to train third-party generative-AI models.

7. When we share data

Hosting and infrastructure — our platform runs on Lovable Cloud (a managed backend built on Supabase) and on Cloudflare Workers for delivery and edge compute. These providers process data on our instructions only.

Email delivery — operational and transactional emails are sent through a contracted email service provider that processes recipient address and email content solely to deliver the message.

Sign-in — when you choose Google sign-in, Google processes your authentication. We do not see your Google password.

Payments — donations are processed by Stripe (or Paddle where applicable). They receive payment details directly; we receive only a confirmation, the amount, and the donor email if you provided one.

Legal — we disclose data when required by a binding legal order from a court or regulator in a jurisdiction we are subject to, when there is a credible threat to life, or to defend our legal rights. We publish aggregate transparency information about legal requests on request.

8. International transfers

The platform is global. Personal data may be processed in countries outside your home country, including the European Economic Area, the United Kingdom, the United States, and other regions where our sub-processors operate. Where data leaves a jurisdiction with statutory protection, we rely on appropriate transfer mechanisms — the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, and adequacy decisions where they exist.

9. Cookies and similar technologies

We use a small number of strictly necessary cookies to keep you signed in and to remember your preferences. We use optional analytics cookies to understand how the platform is used, and these are set only with your consent. We do not use third-party advertising cookies.

You can change your cookie preferences at any time from the cookie banner or from your browser settings. Disabling strictly necessary cookies will break sign-in and some features.

10. Analytics and product telemetry

We collect aggregate, non-identifying analytics — pages viewed, buttons clicked, search queries on the platform, crash and error reports — to improve reliability and product quality. Where consent is required, we ask for it before collecting analytics that include any identifying data.

11. Email and marketing

Operational emails (verification, password reset, replies to your reviews, moderation outcomes) are necessary to run the service and you cannot opt out of them while you have an account. Marketing or editorial newsletters are opt-in only and every message includes a one-click unsubscribe.

12. How long we keep data

Account data: while your account is active and for up to 12 months after deletion to handle disputes and abuse investigations, then permanently erased or fully anonymised.

Published content: indefinitely while the account is active, because removing isolated reviews changes the overall picture of a surgeon's profile; you can edit or remove any of your own posts at any time.

Verification documents: deleted within 30 days of the moderation decision.

Server logs and security telemetry: typically 30–90 days.

Payment receipts: kept for the period required by tax and accounting law in the relevant jurisdiction.

13. Security

We protect personal data with industry-standard measures: TLS for all data in transit, encryption at rest for databases, hashed and salted passwords, row-level security on user data, principle-of-least-privilege access for staff, audit logs, and regular security review. No system is perfectly secure — if a breach affects your personal data and is likely to result in significant risk to your rights, we will notify you and the relevant supervisory authority within the timeframes required by law.

14. Children

The platform is not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided personal data, contact us and we will delete it.

15. Health-related content

Reviews, photos, and community posts often describe procedures, recoveries, and personal experiences. To the extent any of that constitutes "special category" or "sensitive" personal data under applicable law, you publish it yourself by your own choice when you click publish. The platform is a public review site, not a clinical record, and you should not treat it as confidential.

If you ever want a specific post removed, you can delete it from your own dashboard, and we will honour data-subject erasure requests as the law requires.

16. AI features

We use AI models (currently routed through the Lovable AI Gateway, which proxies to providers including Google and OpenAI) for moderation assistance, AI Improve writing assistance, and limited community engagement features. AI providers process the inputs we send them to generate a response and do not retain those inputs for model training under our contracts. We do not feed your private messages or verification documents into AI features.

17. Public content and search engines

Reviews, surgeon profiles, community posts, comments, and short videos are public by default and are indexed by search engines. Your display name and any profile photo you upload may appear alongside what you post. If you want a more anonymous identity, use a non-identifying display name and avatar.

Search engines and other third parties may cache or copy public content. After you delete a post, copies may persist outside our control for some time. We will remove content from our systems on request, but we cannot guarantee removal from other indexes.

18. Your rights

Subject to local law, you have the right to access the personal data we hold about you, to correct inaccurate data, to delete data, to restrict or object to certain processing, to receive your data in a portable format, and to withdraw consent where processing is based on consent. You can exercise these rights from your account settings or by emailing support@plasticsurgeonsreviews.com. We respond within the statutory timeframe — generally one month under GDPR — and may ask for proof of identity for sensitive requests.

You can complain to a supervisory authority. In the EU, that is the data protection authority of your country. In the UK, it is the Information Commissioner's Office. We would, of course, prefer you raise it with us first.

19. California (CCPA / CPRA)

California residents have the right to know the categories of personal information we collect, the sources, the purposes, and the third parties we share with; to request a copy of their personal information; to request deletion; to correct inaccurate information; to limit the use of "sensitive personal information" as defined by California law; and not to be discriminated against for exercising these rights. We do not sell or "share" (as defined by the CPRA) personal information.

20. Other jurisdictions

If you are in Brazil (LGPD), Canada (PIPEDA), Australia (Privacy Act), South Africa (POPIA), Switzerland (FADP), or any other jurisdiction with comparable rights, those rights apply to you in the manner that local law specifies. Contact us with the request you want to make and we will handle it.

21. Changes to this policy

We update this policy from time to time. When the changes are material we notify registered users by email or by an in-product banner at least 30 days before they take effect, where reasonably possible. The "last updated" date at the top of this page always reflects the current version.

22. Contact and complaints

Email support@plasticsurgeonsreviews.com with any privacy question, request, or concern. We try to respond within 5 business days for routine matters and within statutory timeframes for formal data-subject requests.

This Privacy Policy is part of our Terms of Use. Reading them together gives you the full picture of your relationship with the platform.