The Face Report

Privacy Policy

Last updated: March 11, 2026

The Face Report ("we," "us," or "our") operates the website at https://thefacereport.com. This Privacy Policy explains how we collect, use, and protect your information when you use our facial analysis services.

By using The Face Report, you agree to the practices described here. If you do not agree, please do not use our services.

1. Information We Collect

Facial analysis data (free tools)

When you use our free tools (Face Shape Detector, Symmetry Test, Harmony Score), your photo is processed entirely in your browser using MediaPipe Face Mesh. We do not upload, transmit, or store your photo or the resulting facial landmark data on our servers. No biometric data is collected for free tool usage.

Facial analysis data (paid analysis)

When you use the Full AI Analysis (paid feature), your photo is sent to Google's Gemini API for qualitative analysis and visualization generation. This transmission is encrypted in transit. We do not permanently store your photo — it is automatically deleted within 24 hours of processing. The analysis results (text scores, recommendations) are stored in your account.

Account information

When you create an account, we collect your email address and password (hashed, never stored in plain text). Account data is managed by Supabase.

Payment information

Payment processing is handled entirely by Stripe. We never see or store your credit card number. We receive only your Stripe customer ID and purchase history.

Automatically collected data

We use essential cookies for authentication (session management). We do not use tracking cookies, advertising pixels, or third-party analytics that track individual users.

2. Biometric Data Notice

Certain jurisdictions (including Illinois under BIPA, Washington under MHMDA, and the EU under GDPR) classify facial geometry as biometric or special category data. We take this seriously:

  • Free tools: Facial landmarks are computed locally in your browser and never transmitted to us. No biometric data is collected.
  • Paid analysis: Your photo is temporarily transmitted (encrypted) to Google Gemini for AI analysis. We obtain your explicit consent before any paid analysis. Photos are deleted within 24 hours.
  • We do not sell, lease, or trade biometric data to any third party.
  • We do not use your facial data to train AI models.
  • You may request deletion of all your data at any time by contacting contact@thefacereport.com.

3. How We Use Your Information

  • To provide facial analysis results and recommendations
  • To generate your "optimized self" visualization (paid feature)
  • To manage your account and report credits
  • To store your analysis history so you can track progress
  • To respond to support requests

We do not use your data for advertising, profiling, or automated decision-making beyond the analysis you explicitly request.

4. Data Retention

  • Photos: Automatically deleted 24 hours after upload.
  • Analysis results: Stored for as long as your account is active. You can delete individual analyses or your entire account at any time.
  • Account data: Retained until you request deletion. Upon deletion, all associated data is permanently removed within 30 days.

5. Third-Party Services

We use the following third-party services:

  • Supabase — Authentication and database hosting (EU/US servers)
  • Google Gemini API — AI-powered facial analysis and image generation (paid tier uses the Paid API which does not use inputs for training)
  • Stripe — Payment processing
  • Vercel — Website hosting

Each service processes data according to their own privacy policies. We select services that meet high data protection standards.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your data and account
  • Export your data in a portable format
  • Withdraw consent for biometric data processing at any time
  • Object to processing of your data

To exercise any of these rights, contact us at contact@thefacereport.com. We will respond within 30 days.

7. Children's Privacy

The Face Report is intended for users aged 18 and older. We do not knowingly collect data from anyone under 18. If we learn that we have collected data from a minor, we will delete it immediately.

8. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a prominent notice on our website. The "Last updated" date at the top reflects the most recent revision.

9. Contact

For questions about this Privacy Policy or your data, contact us at:

contact@thefacereport.com