Privacy Policy

(Last updated: April 29, 2025)

1. Who We Are

Welcome to How Normal Am I? (hownormalami.net). We provide an in-browser AI face analysis experience that lets you explore how an algorithm might “rate” your facial features—purely for entertainment and educational purposes.

2. Guiding Principles

  1. Local-First Processing – All AI calculations run inside your browser via WebAssembly & TensorFlow.js.
  2. Zero Photo Uploads – Your image never leaves your device unless you explicitly choose to share a screenshot or opt-in to the anonymous statistics program.
  3. No Hidden Tracking – We do not use third-party cookies, fingerprinting, or ad pixels.

3. What Data We (Don’t) Collect

Data TypeCollected by Default?PurposeStored on Our Servers?
Camera Stream / Uploaded PhotoNo – processed locally onlyGenerate beauty scoreNever
Browser & Device Info (User-Agent)Yes (standard web logs)Prevent fraud & basic securityDeleted after 30 days
Optional Anonymous ScoreOpt-inAggregate “normality” statisticsYes – numeric value only, no image
Email (newsletter form)Opt-inSend product updatesStored securely with MailerLite

Important: If you refuse camera permission, the analysis tool will not run—no fallback uploads occur.

4. Cookies & Analytics

  • Strictly Necessary Cookies: a single first-party cookie (hnai_session) to remember your language preference.
  • No Google Analytics or similar: we use Plausible in self-hosted mode, configured without cookies or personally identifiable data.

5. Sharing & Disclosure

We do not sell, rent, or trade any personal data. Anonymous averages (e.g., mean beauty score by country) may appear in blog posts or academic papers, but they cannot be linked back to you.

6. Children’s Privacy

How Normal Am I? is not directed at children under 13. If you are a parent or guardian and believe your child has provided personal data, contact us at [email protected] and we will delete it immediately.

7. Security Measures

  • All pages are served over HTTPS.
  • Aggregate databases are encrypted at rest (AES-256).
  • Access to servers is restricted via SSH keys and 2-factor authentication.

8. Your Rights (GDPR / CCPA / PIPL)

You may:

  • Request any data we hold about you (should be none beyond the optional score/e-mail).
  • Ask us to correct or delete that data.
  • Withdraw consent at any time (unsubscribe link in every email).

Send requests to [email protected]; we reply within 30 days.

9. Changes to This Policy

We may update this Privacy Policy to reflect new features or legal requirements. Material changes will be announced on the homepage and, if you subscribed, via email. Continued use after the effective date constitutes acceptance.

10. Contact Us

Email: [email protected]