This document explains what data FaceMirror collects, how it is processed, stored, and shared. The document complies with the principles of the EU General Data Protection Regulation (GDPR).
FaceMirror service operator. Contact email: contact@facemirror.online.
The service requires access to microphone and camera for up to 7 minutes during the test. The audio stream is sent to a speech recognition service and is not stored. The video stream is processed locally in your browser to extract facial expression parameters; video frames are never transmitted to the server.
Audio is converted to text by an external service. The resulting text is stored and used for behavioral pattern analysis and comparison with future sessions.
Numerical indicators are extracted from audio and video — speech rhythm, pauses, facial features, vocabulary characteristics. Stored and used to generate the report.
If you complete the questionnaire, your responses are stored and used together with behavioral metrics to calculate agreement between self-report and observed behavior.
Optional fields: age range, native language, previous-session FM code. Optional and does not block test completion.
Used for delivery of personal report and for letters in response to your requests (data access).
IP address, browser type, session timestamp are automatically recorded for diagnostics. Not associated with email unless necessary.
Audio recording after conversion to text. Video imagery is never transmitted to the server.
Speech transcription text, numerical metrics, questionnaire responses, demographic data (if provided), email, generated report.
Data is retained until you submit a deletion request. You have the right to request deletion at any time.
External service providers are used. Data shared with each is minimal and limited to the processing purpose.
Audio is transferred to Whisper API for conversion to text. Per OpenAI's public policy, API data is not used for model training and is deleted after processing.
Transcribed text and numerical metrics are transferred to Claude API. Per Anthropic's policy, API data is not retained and not used for model training.
Email and report content are transferred to Brevo for letter delivery.
Data is stored in a managed Supabase database. Access is protected by Row Level Security: read and write are possible only via the FaceMirror server-side application.
At any time you may:
Email requests are processed within 30 calendar days. Before processing, a confirmation email is sent to verify the address.
The service is not intended for individuals under 18. If you are a legal representative of a minor under 18 whose data was uploaded without your consent — contact the operator, data will be deleted.
The service is not intended for personal identification, medical diagnosis, psychological assessment, or decisions affecting user rights.
Material changes are published on this page with a new effective date. Continued use of the service after publication of changes constitutes acceptance of the new version.
Email for all questions: contact@facemirror.online
← Back to home