Face Data Policy

1. Does the app collect face data?

Toonify allows users to upload an image which may contain a face. However, we do not extract, analyze, or identify any facial or biometric data from these images. The photos are processed purely as image files and are not used for any facial recognition or biometric functionality.

2. Why is face data used?

Face-containing images are used only to generate cartoon-style transformations as explicitly requested by the user. This is the sole purpose.
We do not use face data for:

• Identity verification
  
  

• User profiling or analytics
  
  

• Machine learning training
  
  

• Advertising
  
  

• Behavior tracking or targeting
  
  

3. Is face data retained?

No, face data is not retained.
Images are transmitted securely and processed in real time. Once processing is complete, both the original image and any intermediate data are immediately and permanently deleted from all systems — both our app and the third-party processor.

4. Why don't we store face data?

We do not retain face data because:

• It is not required for functionality beyond immediate processing
  
  

• It minimizes privacy risk and data liability
  
  

• It aligns with privacy-first principles and Apple’s data minimization requirements
  
  

5. How long does face data exist?

Face data exists in memory for no more than 30 seconds, strictly during processing.
This brief duration is required to:

• Transmit the image to the processing engine
  
  

• Generate the cartoon result
  
  

• Return the result to the user
  
  

Once the cartoon result is returned, the original image is instantly and irreversibly deleted from RAM. No disk storage or caching occurs.

6. Which third parties process face data?

We use a trusted third-party image processing API to generate the cartoon images.
This API:

• Is accessed only via encrypted HTTPS (TLS 1.2+)
  
  

• Receives no personal data other than the uploaded image
  
  

• Does not store, analyze, reuse, or log face data
  
  

• Does not involve sub-processors or additional data sharing
  
  

7. Why is face data shared with the third party?

Face data is transmitted to the third-party API exclusively to fulfill the cartoon generation request initiated by the user. No other purpose exists or is permitted. No face data is transmitted until the user manually uploads an image.

8. Do third parties store face data?

No. The third-party processor does not store any face data.

• All image data is processed in volatile memory (RAM)
  
  

• The image is automatically deleted after use
  
  

• Nothing is written to logs, disk, or persistent storage
  
  

• The provider does not use the image to train, test, or improve their models
  
  

This has been confirmed via the provider’s documentation and contract.

9. Does the app use facial recognition or biometrics?

No.
Toonify does not use:

• Facial recognition
  
  

• Face-matching technology
  
  

• Biometric data extraction
  
  

• Faceprints or identity detection
  
  

No biometric data is collected or inferred from uploaded images under any circumstances.

10. Do we share or sell face data?

Absolutely not.

• We do not share face data with any third parties beyond the trusted API provider used strictly for image generation
  
  

• We do not sell, rent, or monetize face data in any way
  
  

• We do not allow advertising SDKs or analytics tools to access user images
  
  

Uploaded images are used once and then destroyed.

11. Legal Basis and User Consent

• The cartoon feature is optional and initiated only after user action
  
  

• Photo access is requested via the system prompt
  
  

• No photo is uploaded without user consent
  
  

• Users may deny or revoke access at any time via device settings
  
  

12. Security Measures

We implement the following protections:

• All photos are sent via HTTPS encrypted transmission
  
  

• No local caching or saving to disk occurs
  
  

• We use in-memory processing only
  
  

• Third-party providers comply with GDPR, CCPA, and Apple policies
  
  

• No identifying metadata or personal information is sent with the image
  
  

13. Compliance

Toonify’s face data handling is fully compliant with:

• Apple’s App Store Review Guidelines (5.1.1 and 5.1.2)
  
  

• General Data Protection Regulation (GDPR)
  
  

• California Consumer Privacy Act (CCPA)
  
  

• Other applicable international and regional privacy laws
  
  

We continuously review our data practices to ensure user privacy and platform compliance.