Legal

Privacy Policy

Last updated: 2026-05-16

Quick Summary

EyoonAI never stores face images or video. Analysis happens in the end customer's browser, and we may retain aggregated geometry results and recommendations when session saving is enabled.

01

Introduction

This policy explains how EyoonAI (operated by Eyoon) collects, uses, and protects your data when you use our services. By accessing or using the platform, you agree to the practices described in this document.

02

Data We Collect

Account data (merchants): When creating a merchant account, we collect: full name, email address, and encrypted password (PBKDF2-SHA256). We never store passwords in plain text.

Catalog data: Frame details uploaded by merchants (name, price, dimensions, images).

Session data (end customers): We store quiz preferences (style, color, shape), aggregated geometric analysis results (ratios, not images), and recommended frames. We never store any facial images.

Usage data: Session count, timestamps, device type — for service improvement only.

03

What We Never Collect

  • Face images or video footage
  • Raw 468 landmark coordinates
  • Facial recognition or identity data
  • Biometric data of any kind

All face processing happens exclusively inside the end user's browser and is automatically discarded when the session closes.

04

How We Use Data

  • Powering and improving the frame recommendation service
  • Providing the merchant dashboard and analytics
  • Processing payments and invoices (via external payment provider)
  • Sending service updates and account notifications
  • Improving geometric matching algorithms
05

Third-Party Data Sharing

We do not sell or rent your data. We may share limited data with:

  • Cloud service providers (hosting and infrastructure)
  • Secure payment processors
  • Legal authorities when legally required
06

Data Retention

Merchant account data: retained for the duration of subscription + 90 days after cancellation.

End-customer sessions: retained for 90 days, then automatically deleted.

Catalog data: deleted upon merchant account cancellation at their request.

07

Your Rights

  • Access: Request a copy of your data
  • Rectification: Correct your personal data
  • Erasure: Request deletion of your account and data
  • Objection: Object to processing of your data
  • Portability: Receive your data in a machine-readable format

To exercise any of these rights, contact us at: [email protected]

08

Security

We use HTTPS encryption for all communications, PBKDF2-SHA256 for password hashing, and session tokens stored as HMAC-SHA256. We conduct regular security reviews.

09

Legal Compliance

We comply with the EU General Data Protection Regulation (GDPR) and applicable regional data protection laws. For compliance inquiries: [email protected]

10

Contact

For any privacy-related questions: