Privacy Policy

01 // Data Collection Transparency

FaceTrue is built on the principle of 'Data Minimization'. We only collect specific information necessary to provide our services and ensure full transparency of the collection process.

• Account Identifiers: The Web3 wallet address or email used during login. This is the sole basis for identifying user permissions (Retention: Account lifetime).
• Search Images: Images uploaded by users for auditing purposes. These are used strictly for vector matching and never for any other purpose (Retention: 14 days).
• Anonymous Analytics: Non-personally identifiable usage data collected via Google Analytics to optimize product experience (Retention: Standard analytics cycle).

02 // Identity Audit Vectorization & Encryption

Our extraction process follows top-tier encryption standards, ensuring that raw data remains irrecoverable even if servers were compromised.

• AES-256 Encryption: All images and audit results in transit are protected by industry-grade encryption to prevent man-in-the-middle attacks.
• One-Way Hashing: Face vectors are calculated using irreversible algorithms. It is mathematically impossible to reconstruct the original image from vector features.
• Zero-Retention Analysis: All biometric extractions are performed in isolated RAM environments without creating persistent temporary copies.

03 // Audit Data Retention & Physical Purge

We enforce a strict and verifiable 'Minimum Retention' policy to protect your digital footprint from misuse.

• Audit Records: Search result reports and uploaded original images are retained on encrypted servers for 14 days for user review or download.
• Operational Logs: Timestamps of searches, account IDs, and billing info are kept for 365 days to meet financial and compliance audit requirements.
• Instant Zeroing: Upon manual deletion via the console, records are immediately marked. The system performs a physical overwrite every 24 hours to prevent data recovery.

04 // Third-Party Disclosure & Jurisdictional Sovereignty

FaceTrue maintains 100% independence from global data brokers and government agencies, committed to protecting user portrait sovereignty.

• No Commercialization: We do not, and will never, sell user behavior records or audit data to any third parties.
• Independent Infrastructure: We utilize private server clusters in privacy-friendly jurisdictions to avoid overreach from cross-border data laws.
• Confidentiality Obligations: Core team members with administrative access are bound by strict NDAs prohibiting the disclosure of any system activity.

05 // User Sovereignty & Security Assistance

We provide technical tools to help users further enhance their personal privacy while using our auditing platform.

• Anonymous Access: We recommend Web3 wallet login for full anonymity without requiring real names or sensitive registration info.
• Temporal De-correlation: Option to delay report generation to defend against statistical analysis targeting search patterns.
• VPN Friendly: Our network architecture is deeply optimized for tunneled access, ensuring stable transmission over private channels.

06 // Communication Privacy

All communications between FaceTrue support team and users are handled via encrypted channels.

• End-to-End Encryption: Support tickets and service records are encrypted at the database level.
• Decentralized Comms: We utilize secure, high-privacy messaging protocols for all sensitive service updates.
• Automatic Expiry: All communication logs are subject to a 90-day automatic expiration and erasure protocol.

07 // Infrastructure Hardening

Our server architecture is designed to withstand unauthorized penetration and data extraction attempts.

• Hardware Security Modules (HSM): Critical keys are stored in tamper-evident hardware.
• Zero-Trust Architecture: Internal access to audit nodes requires multi-layer cryptographic verification.
• Network Segmentation: Frontend systems are physically separated from back-end biometric processing clusters.

08 // Privacy Audit Protocols

FaceTrue conducts regular internal and third-party-verified privacy audits.

• Continuous Monitoring: Real-time auditing of system logs to detect any unauthorized data access patterns.
• Code Transparency: Critical privacy-related algorithms are subject to internal peer review to ensure no hidden data backdoors exist.
• Audit Integrity: Audit results are used to refine the FaceTrue Privacy Protocol and address emerging digital threats.

09 // Evolutionary Privacy Updates

As the digital landscape evolves, so does our privacy protocol.

• Proactive Updates: We adjust our security standards ahead of emerging AI-driven data extraction techniques.
• Historical Context: Significant protocol updates are archived to maintain a standard of transparency for all users.
• Community Feedback: We review bug bounty submissions and technical feedback from the security community to fortify our privacy protections.

10 // Contact Information

For any questions regarding this policy, please contact us at: contact@facetrue.app