Privacy Policy

Last updated: January 20, 2026

1. INTRODUCTION

Flixr application ("App," "Flixr," "we," "our") operates as an AI-driven platform for video creation and facial replacement technology. This document outlines our data handling practices.

By accessing or using Flixr, you acknowledge and agree to the practices described here. This policy integrates with our Terms of Use and may be revised as noted in the Updates section.

2. FACE DATA COLLECTION AND USE

What Face Data We Collect

We collect facial geometry, feature points, and face mapping data extracted from photos and videos you upload. This includes eye position, facial contours, and alignment measurements necessary to generate the requested face replacement effect.

Purpose of Collection

Face data is used exclusively to generate face replacement effects in your videos. We do not use it for facial recognition, biometric authentication, user identification, or any other purpose whatsoever.

FACE DATA IS NOT RETAINED: Face data is not retained after processing is complete. All facial analysis is performed during active processing only, and the data is permanently and irreversibly deleted upon completion of your request.

Temporary Storage Duration and Reason

During processing, face data is temporarily held on our secure, encrypted servers for a maximum of 24 hours. This period exists purely as a technical safeguard — to ensure your request completes successfully even in cases of network interruption, connectivity issues, or processing queue delays. Face data is never stored indefinitely. Under normal conditions, deletion occurs immediately upon processing completion; 24 hours is a hard upper limit, not a standard retention period.

Processing Workflow

When you upload media, our servers analyze facial features, create a temporary face map for blending, generate your requested effect, and immediately delete the face data upon completion, no later than 24 hours after your session ends.

Face Data Is NOT Shared with Third Parties

Face data is never shared with, sold to, transferred to, or made accessible by any third party for any reason whatsoever. This prohibition is absolute and has no exceptions.

Third-Party Retention of Face Data

None of our third-party service providers — including cloud infrastructure providers or analytics services — receive, access, or store face data. Our infrastructure partners (Google Cloud Platform and Amazon Web Services) transmit encrypted data packets to power our servers, but they have no access to raw facial analysis results or biometric data derived therefrom. Our analytics partners (Firebase, AppsFlyer, Amplitude, Google Analytics, Facebook App Events) receive only anonymized technical and behavioral data — no face data is ever passed to them.

No Biometric Identification

We do not store facial data as a biometric template and do not operate a facial recognition system. Face data is never used to identify or authenticate any user.

3. WHAT INFORMATION DO WE GATHER?

Direct User Input

- Photographs and videos (camera or device storage, permission required)

- Facial characteristic data extracted solely for face replacement processing (not used for biometric identification, deleted within 24 hours)

Automated Technical Data

- Interaction patterns (features accessed, duration)

- Network data (IP address, connection source)

- Device specifications (model, OS version, screen resolution)

- Mobile network details and device identifiers (IDFA)

- Regional, language, browser, battery, and timezone settings

Analytics platforms (Google Analytics, Facebook App Event Tracking) collect performance metrics for optimization. These services do not receive face data.

Digital Identifiers

Session cookies enable authentication and features. Additional tracking (pixels, beacons, local storage) supports operations.

4. OUR DATA PROCESSING PRACTICES

Primary Functionality

Visual media and facial data serve one purpose: generating face replacement effects. No biometric identification, authentication, or recognition occurs.

Processing Steps

Upload → server analysis → face data extraction → result integration → encrypted temporary storage → automatic deletion upon completion, no later than 24 hours after session end.

Additional Data Uses

Non-visual, non-facial data supports service delivery, performance optimization, technical troubleshooting, security, usage analysis, feature development, and personalized advertising.

5. INFORMATION DISCLOSURE

Face Data Protection

Face data is never shared with any external party under any circumstances and is permanently deleted after processing is complete.

Service Infrastructure

We operate on cloud infrastructure provided by Google Cloud Platform and Amazon Web Services. These providers support our server operations by handling encrypted data packets. They do not have access to raw facial analysis results or any biometric information derived from your content, and they do not receive, store, or process face data in any form.

Platform Integrations

The following third-party services are integrated into Flixr for analytics and performance monitoring. None of these services receive face data:

- Firebase (Google) — app infrastructure and stability monitoring. Does not receive face data.

- AppsFlyer — marketing attribution and campaign analytics. Does not receive face data.

- Amplitude — product analytics and user behavior insights. Does not receive face data.

- Google Analytics — traffic and usage analysis. Does not receive face data.

- Facebook App Event Tracking — engagement and event tracking. Does not receive face data.

These services operate under independent privacy policies. We encourage you to review them.

International Transfers

Cross-border data transfers use standard contractual clauses and appropriate legal safeguards in compliance with applicable data protection laws.

Legal Requirements

We may disclose information (excluding face data, which is deleted before any such obligation could arise) when legally required or to protect rights, users, or public welfare.

6. DATA STORAGE AND PROTECTION

Retention

- Face data: NOT retained after processing. Permanently deleted upon completion, maximum 24 hours. No exceptions.

- Visual media: Maximum 24 hours after session end, then deleted from our servers.

- Device content: Stored locally on your device until you delete it manually.

- Anonymized/aggregated data (excludes face data): Retained as operationally needed for analytical purposes. Cannot be used to identify you or reconstruct face data.

Security

Technical and organizational safeguards protect against unauthorized access, loss, or corruption. All third-party service providers operate under data protection and confidentiality agreements.

7. USER RIGHTS

Depending on jurisdiction, you may have the right to:

- Access & Portability: Request processed data in machine-readable format

- Correction: Amend inaccurate records

- Deletion: Request removal (note that face data is already automatically deleted within 24 hours of processing)

- Processing Restriction: Limit processing under legal circumstances

- Consent Withdrawal: Revoke consent at any time

- Objection: Challenge processing including marketing

8. RESPONSE TIMEFRAME

Requests answered within one month. Complex requests may be extended by up to two additional months with prior notification explaining the reason.

9. AGE REQUIREMENTS

Standard: 13+ years required. Users aged 13–17 require parental or guardian consent.

EU Residents: 16+ years required unless valid parental consent is obtained.

Underage data is immediately deleted upon discovery. If you are aware of underage use, please contact us immediately.

10. POLICY UPDATES

Revisions reflect legal or operational changes. In-app notifications will be provided. Continued use one week after notification constitutes acceptance unless explicit consent is required by applicable law.

11. CONTACT

Questions regarding this Privacy Policy or face data practices:

Email: dragan@tsvgrandmarketing.com

— End of Privacy Policy —

Page updated

Google Sites

Report abuse