Privacy Policy
Template for review by qualified counsel before launch. It reflects our intended data practices; it is not legal advice.
What we process
When you use the tool, your photo is analysed in your browser to measure your face (landmarks are never uploaded on their own). To crop and validate the image, the photo is sent to our server. We measure and crop it — we never edit, retouch, or replace its content.
Facial images are sensitive data
A facial image can be treated as biometric or sensitive personal data under laws such as the EU/UK GDPR and certain US state laws (for example Illinois BIPA, Texas CUBI, and Washington's biometric law). We handle your photo accordingly and process it only to deliver the service you requested.
Retention — short and automatic
Uploaded and generated images, and the minimal order record, are automatically deleted within 24 hours. We do not keep a history and there is no account.
We never train on your photo
We do not use your photo to train, fine-tune, or improve any model, and we do not sell or share it. There is no separate opt-in because we simply do not do this.
Payments
Payment is handled by Stripe on their hosted checkout page. Your card details go to Stripe, not to us; we never see or store them.
Analytics
We use cookieless, privacy-first analytics. We record only anonymous usage events (for example, that a compliance check ran and whether it passed). These events never contain your photo, your face measurements, or any personal information, and we do not set advertising cookies.
Children
Parents and guardians may use the tool to produce a child's photo. The same short retention and no-training practices apply. We do not knowingly collect personal information from a child directly.
Contact
Questions about your data: support@compliantpassportphoto.com.
This is an independent service. It is not affiliated with, endorsed by, or connected to the U.S. Department of State or any government agency.