Last updated January 17, 2023.
This Privacy Policy describes the privacy practices of FaceApp in connection with the FaceApp mobile applications (each, an "App" and collectively the "Apps") and the FaceApp.com website (the "Site").
Welcome to FaceApp's Privacy Policy!
If you decide not to read this entire Privacy Policy, we want you to walk away with a few key points about FaceApp's privacy practices:
- The Apps are photo or video editors that allow users to edit portraits with highly realistic facial transformations.
- We do not use photographs or videos you provide when you use the Apps for any reason other than to provide you with the editing functionality of the Apps.
- We use third-party cloud providers — specifically, Google Cloud Platform and Amazon Web Services — to process and edit photographs and videos.
- You only send to the cloud the photographs or videos that you specifically select for editing.
- Photographs or videos are temporarily cached on the cloud servers during the editing process, and encrypted using a key stored locally on your mobile device.
- Photographs or videos may remain in the cloud for a maximum limited period of 24 to 48 hours, for improved performance and lower bandwidth allowing additional changes to recently selected photos or videos in an optimal manner.
Here's more on our privacy practices.
1. Information We Collect
1.1. When you use the App and select photographs or videos for editing, we cache them for processing to render the requested editing service:
- Photographs or videos you select when you use the Apps, via your camera or camera roll (if you have granted the Apps the permission to access your camera or camera roll), or via the in-App internet search functionality. We process only specific photos and videos you choose to modify using the Apps; and we do not collect your photo or video albums even if you grant us access to them. We safeguard each photograph or video that you select using an encryption key stored locally on your device. This means that the only device that can view the photo or video is the device from which the photograph or video was submitted using the Apps – the user's device. Please note that while we do not require or request any metadata attached to the photographs or videos you select for editing, metadata (including, for example, geotags) may be associated with your photographs or videos by default. We take steps to delete any metadata that may be associated with a photograph or video you provide when you use the Apps. Photographs or videos may remain cached in the cloud for a limited period between 24 to 48 hours after your last edit, so that you can return to it and make additional changes if you so choose.
1.2. When you use the App and the Site, we may collect some information, including:
- App usage information and online activity data, such as information about 1) how you use the App and interact with it, including the features you use, your preferred language, the date and time when you first installed the App and the date and time when you launch the app; 2) sources of referrals to the Site. Our service providers and certain third parties (e.g., online advertising networks and their clients) also may collect this type of information over time and across third-party websites and mobile applications. This information may be collected on our Site using cookies, browser web storage (also known as locally stored objects, or "LSOs"), web beacons, and similar technologies. We may collect this information directly or through our use of third-party software development kits ("SDKs"). SDKs may enable third parties to collect information directly from the App. For more information, please see ourCookie Policy
- App-related purchase history, if you choose to purchase an App subscription, we will not receive such information as billing address, credit card etc. (as we don't distribute subscriptions directly), we will only receive confirmation from the relevant application store that you are a paid subscriber to the App so we can provide Pro services.
- Device data, such as your computer and mobile device operating system type and version number, manufacturer and model, push tokens, Google Advertising ID and Apple ID for Advertising, browser type, screen resolution, IP address (and the associated city/country in which you are located), and the website you visited before visiting our Site.
Only online identifiers such as the IP address, Apps Instance ID (that is assigned to an App copy, installed on your device) and Advertising ID are generally considered as personal data. However, we are not in a position to identify you directly as a data subject on the basis of such identifiers.
1.3. When you contact us by email, we may also collect:
- Contact information, such as your name and email address, and information relating to your communication.
2. How We Use Your Information
2.1. We do not use photographs or videos you provide when you use the Apps for any reason other than to provide you with the editing functionality of the Apps.
2.2. We may use information other than photographs and videos for the following purposes:
To operate and improve the Apps and the Site. We use your personal information to operate, maintain, and provide you with the Apps and the Site. In particular, we will use your personal information to perform our contractual obligations under our Terms of Use, such as to:
- Enable you to use the Apps' features and to visit the Site.
- Communicate with you about the Apps, and the Site, including by sending you announcements (if you chose to "share email address"), updates, and security alerts, which we may send through a push notification, and responding to your requests, questions, and feedback.
- Provide technical support and maintenance for the Apps.
To improve, monitor, and protect our Apps and the Site. It is in our legitimate business interests to improve and keep our services safe and secure for our users. We do this by:
- Performing statistical analysis on aggregated data relating to the use of the Apps and Site (including through the use of third-party services).
- Troubleshooting, testing, and researching.
To display advertisements to you. If you use the free version of the Apps, we work with advertising partners to display advertisements within the Apps. These advertisements are delivered by our advertising partners and may be targeted based on your online activity. Where require under applicable law, we process your personal information based on your consent for these purposes, which you may withdraw at any time. Otherwise we process your personal information for advertising purposes where it is in our legitimate interests to do so. To learn more about your choices in connection with advertisements, please see ourCookie Policy.
For compliance, fraud prevention, and safety. We may use and disclose the information we collect (such as device data and app usage information) where it is in our legitimate business interests to: (a) protect our, your, or others' rights, privacy, safety, or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Apps and Site; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity. We may disclose this information to government authorities and other third parties as required by applicable law. We cannot disclose the photos and videos that have been cached for processing as we do not store the encryption keys.
To create anonymous, aggregated, or de-identified data. We may create anonymous, aggregated, or de-identified data where it is in our legitimate business interests, and use and share it with third parties.
2.3. We will only process personal information on the basis of our legitimate interests where such interests are not overridden by your interests or your fundamental rights and freedoms.
3. How We Share Your Information
3.1. We do not disclose user photographs or videos to third parties (with the exception of temporarily caching an encrypted version with our cloud providers, Google Cloud Platform and Amazon Web Services, to provide the photo and video editing features of the Apps). We cannot share the photos and videos cached for processing as we do not store the encryption keys.
3.2. We may share your non-photograph and non-video information in the following circumstances:
Affiliates. We may share information we collect from you with our subsidiaries and affiliates, for purposes consistent with this Privacy Policy.
Service providers. We may share your information with service providers that perform services on our behalf or help us operate the Apps (such as customer support, hosting, analytics, email delivery, marketing, and database management services). These third parties may use your information only as directed or authorized by us and in a manner consistent with this Privacy Policy and are prohibited from using or disclosing your information for any other purpose.
Advertising partners. When third-party cookies and other tracking tools are used, our advertising partners may collect information from your device to display advertisements on the Apps, and to advertise the Site and Apps (and related content) elsewhere online.
Third-party platforms and social media networks. You may select to post the edited photograph or edited video to your social media account. We do not control the third-party platforms' use of your information, which is governed by that third party's privacy policy and terms and conditions.
Professional advisors. We may disclose your information to professional advisors, such as lawyers and auditors, where necessary in the course of the professional services that they render to us.
Business transfers. We may sell, transfer, or otherwise share some or all of our business or assets, including information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy or dissolution.
4. Compliance with Law
We may be required to disclose your information to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities, or for the compliance, fraud prevention, and safety reasons described above. We do not have any access to your photos or videos as they are cached in encrypted format, and the key resides on the user's device so we cannot disclose such content.
5. Your Choices
Opt out of push notifications. You may opt out of the push notifications we may send you by changing the settings on your mobile device.
Device permissions. You may revoke any permissions you previously granted to us, such as permission to access your camera, camera roll, or microphone through the settings on your mobile device.
Cloud processing. You may request that we remove your information, including the photographs and videos that are temporarily cached on Google Cloud Platform or Amazon Web Services, prior to the automatic 24 to 48 hours post-edit deletion time by clicking the"Request cloud data removal" button in the "Support" section of the App settings.
Personal information requests. We also offer you choices that affect how we handle the personal information that we control. Depending on your jurisdiction, you may request the following in relation to your personal information:
- Information about how we have collected and used your personal information. We have made this information available to you without having to request it by including it in this Privacy Policy.
- Access to a copy of the personal information that we have collected about you. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
- Correction of personal information that is inaccurate or out of date.
- Deletion of personal information that we no longer need to provide the services or for other lawful purposes.
- Additional rights, such as toobject to andrequest that we restrict our use of your personal information.
To make a request, please email us at[email protected] . We may ask for specific information from you to help us confirm your identity. California residents can empower an "authorized agent" to submit requests on their behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.
If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you maycontact us or submit a complaint to the data protection regulator in your jurisdiction. If you are in Europe, you can find your data protection regulatorhere.
Choosing not to share your information. Where we need your information in order to provide the services to you or where we are required by law to collect your information, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our services.
Limits on your choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the "How to Contact Us" section below. Please note that we may require additional information in order to verify your identity and process your request.
6. Other Sites, Mobile Applications, and Services
The App may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications, or online services, and we are not responsible for their actions. Other websites, mobile applications, and online services follow different rules regarding the collection, use, and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.
7. Security Practices
We use commercially reasonable security practices to help keep the information collected through our services secure. However, FaceApp cannot guarantee the security of any information you provide, as bad actors, for example, may try to access, disclosure, alter, or destroy your information.
Please do your part to help us. You are responsible for maintaining the confidentiality of your information, and for controlling access to communications between you and FaceApp, at all times. We are not responsible for the functionality, privacy, or security measures of any other organization.
8. Retention
We configure Google Cloud Platform and Amazon Web Services to delete photographs and videos, and the information associated with those photographs and videos, within 24 to 48 hours after the photograph or video was last edited using the Apps. This allows you to revisit photographs or videos to make additional modifications during that time.
With respect to non-photograph and non-video information that we may collect, we will retain such information only for as long as necessary to fulfill the purposes we have set out in this Privacy Policy. You may also ask that we delete your information using the"Request cloud data removal" option in the "Support" section of the App settings.
9. Cross-Border Data Transfers
If we transfer your personal information internationally, these countries may not provide the same protections as the data protection laws where you are based. Where we transfer information internationally, we:
- Make sure the data transfer complies with applicable law; and
- Make sure that the relevant safeguards are in place to afford adequate protection for your personal information.
We do this using a variety of protections, as appropriate for each data transfer. For example, we use:
- Standard Contractual Clauses (or an alternative legal tool, such as the UK Government-approved International Data Transfer Agreement or Addendum) to require the third party to protect your data and to provide you with EU- and UK-level rights and protections;
- Technical protections, such as automated deletion, encryption, and pseudonymization; and
- Policies and processes to challenge disproportionate or unlawful government authority requests.
Note, our technical support team may also access your information, such as App usage information, in locations outside of your state, province, or country.
10. Children
Our Apps and Site are not directed at children under the age of 13. This explains why we do not consciously collect data from subjects under the age of 13. If you are less than 13 years old, do not use our Apps and Site. If you are a parent or the guardian of a person under the age of 13, please do not allow such person to use our Apps and Site. In certain cases, this age may be higher than 13 due to local regulatory requirements.
11. Changes to the Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the App and Site. We may, and if required by law will, provide notification of changes in another way that we believe is reasonably likely to reach you, such as through the Apps.
Any modifications to this Privacy Policy will be effective upon our posting the new terms to the Site and/or upon implementation of the new changes on the Apps and Site (or as otherwise indicated at the time of posting). In all cases, your continued use of our services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.
12. How to Contact Us
FaceApp Technologies Limited is the entity responsible for the processing of your personal information, and is the data controller in respect of such processing.
If you have any comments or questions regarding this Privacy Policy, if you have any concerns regarding your privacy, or if you wish to make a complaint about how your personal data is being processed by FaceApp, you can contact our Data Protection Officer DPO at[email protected] .
You may also write to us via postal mail at:
FaceApp Technology Limited
Attn: DPO
28th October Ave 319a
8th Floor - Office 801A
Limassol, 3105
Cyprus
13. UK Representative Contact Information
For users in the United Kingdom, VeraSafe has been appointed as FaceApp's representative in the United Kingdom for data protection matters, pursuant to Article 27 of the UK General Data Protection Regulation. VeraSafe can be contacted only on matters related to the processing of personal data.
To make such an inquiry, please contact VeraSafe using this contact form:https://verasafe.com/public-resources/contact-data-protection-representative
or via telephone at: +44 (20) 4532 2003.
Alternatively, VeraSafe can be contacted at:
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom