Privacy and AI: How Your Face Data is Kept Safe

Sharing your photo with an AI service can feel like a genuine privacy risk — and in many cases, it is. Here's a complete, transparent explanation of how the Animal Face Test handles your image, and why our architecture makes privacy a technical guarantee rather than a promise.

Why Facial Privacy Matters

Facial images are among the most sensitive categories of personal data. A face is biometrically unique — it can be used to identify you, track your movements, and be matched across databases without your knowledge. This is why how AI services handle facial images deserves serious scrutiny.

In recent years, multiple high-profile cases have emerged of AI applications collecting facial data from users and using it for purposes far beyond the original service — training commercial facial recognition systems, selling data to third parties, or retaining images indefinitely. These practices have led to regulatory action in multiple jurisdictions and significant erosion of user trust.

The Standard (Problematic) Approach

Most AI services that analyze photos work by uploading your image to a server, processing it in the cloud, and returning results. This approach has several privacy implications:

Your image is transmitted over the internet and received by a third-party server
The service operator can see your photo, store it, and use it in ways their terms of service permit
Data breaches can expose user images to malicious actors
Images may be retained for indefinite periods for model training or other purposes
Compliance with data regulations varies by company and jurisdiction

Our Approach: On-Device Processing

The Animal Face Test is built on a fundamentally different architecture. Using TensorFlow.js — Google's browser-based machine learning library — the AI model runs entirely within your browser. Here's what this means in practice:

No Server Upload

When you upload a photo, it is loaded directly into your browser's memory as a JavaScript object. It is never transmitted over the internet. Our servers never receive, process, or store your image in any form. This isn't a promise — it's a technical fact of how the system is architected.

Local Processing

The AI model itself is downloaded to your browser when you load the page (as a static file, like any other website resource). When you upload your photo, the model runs locally using your device's CPU or GPU through the browser's WebGL interface. All computation happens on your device.

Automatic Disposal

When you close or refresh the page, the image data stored in your browser's memory is automatically released. Nothing persists beyond your session. There is no local storage of your photo — it exists only in active memory during the analysis.

Technical Summary: Image → Your browser memory → Local AI analysis → Results displayed → Memory cleared. At no point does any external party receive or have access to your image.

What Data We Do Collect

We believe in complete transparency about data practices. Here's what we do collect:

Analytics data: Standard, anonymized page view and interaction data via Google Analytics (no personal identification, no photo data).
Performance data: Aggregated, anonymized usage metrics to help us improve the service.
Contact form submissions: If you voluntarily submit the contact form, we receive the information you enter (name, email, message).

We do not collect facial images, biometric data, or any data derived from facial analysis. We have no mechanism to do so, by design.

Why We Built It This Way

On-device AI is technically more complex to implement than server-side processing. We chose it deliberately because we believe that services involving biometric data have an ethical obligation to minimize data collection and maximize user control. The on-device architecture isn't a selling point — it's a fundamental design value.

It also produces a better user experience in several ways: results appear faster (no network round-trip), the service works without a reliable internet connection after initial load, and there's no risk of server-side latency or downtime affecting analysis speed.

Regulatory Context

Biometric data — including facial images and data derived from facial analysis — is classified as sensitive personal data under GDPR (Europe), CCPA (California), BIPA (Illinois), and many other privacy frameworks. By processing this data entirely on-device and never collecting it, the Animal Face Test sidesteps most of the regulatory complexity around biometric data while also doing the right thing for users.

How to Verify This Yourself

You don't have to take our word for it. You can verify the on-device processing architecture yourself:

Open your browser's developer tools (F12 in most browsers)
Navigate to the Network tab
Upload a photo and run the analysis
Observe that no network request containing your image data is made to any server

This kind of independent verification is something we actively encourage. Transparent, verifiable privacy practices are what build genuine trust.

Try the Privacy-First Face Test

Experience AI facial analysis that never sees your photo. 100% local, 100% private.

Take the Free Test →