Privacy Policy

Last updated: February 10, 2026

1. Data controller

The data controller is Damian Domżalski Software Services, ul. Morska 7a/72, 84-240 Reda, Poland. Tax ID (NIP): 5882472990. Contact: [email protected]

2. What data we collect

  • Photo — uploaded for AI analysis. Stored securely to display on your results card. You may request its deletion at any time. We never share or sell your photos.
  • Analysis results — the generated results card (scores, text). Stored in our database.
  • Session identifier — an anonymous UUID stored in a browser cookie. Not linked to your identity.
  • Payment data — processed by a third-party payment provider (Stripe). We never see your card number.
  • Email — only if you voluntarily provide it. Never required.
  • Compatibility results — generated when comparing two scans, derived from existing scan results.
  • Roast results — additional AI analysis stored alongside your scan.
  • Fortune data — lucky number, day, and color generated from your analysis.

3. Legal basis for processing

We process your data on the following legal bases (Art. 6 GDPR):

  • Performance of a contract (Art. 6(1)(b)) — photo analysis, generating and storing results, payment processing.
  • Consent (Art. 6(1)(a)) — analytics cookies (Google Analytics), providing your email address.
  • Legitimate interest (Art. 6(1)(f)) — ensuring service security, rate limiting, preventing abuse.

4. How we use data

  • Your photo is sent to external AI providers to generate your analysis and caricature, then stored securely to display on your results card.
  • Analysis results are stored so you can return to your results card.
  • Analysis results and photos are stored indefinitely. You may request their deletion at any time by contacting us.
  • Payment data is used solely to process your transaction and is retained as required by tax law.
  • We do not sell, trade, or share your personal data with third parties for marketing purposes.
  • We plan to implement automatic deletion of unclaimed scan data after 12 months of inactivity. Until then, you may request deletion at any time.

5. Cookies & analytics

We use essential technical cookies:

  • visitor_id — anonymous session identifier (30 days)
  • locale — preferred language (1 year)
  • _session — session cookie (required for functionality)

We use Google Analytics for traffic analysis, loaded only after your consent (cookie banner). We do not use advertising cookies.

6. Third parties

To provide our service, we use external providers from the following categories:

  • AI service providers — photo analysis and image generation.
  • Payment processor — transaction processing. We never see your card details.
  • Analytics provider — anonymous website traffic analysis (after consent).

Your data may be processed outside the EEA (USA). Our providers implement safeguards compliant with GDPR.

7. Automated processing

We use artificial intelligence algorithms to analyze photos and generate results. This processing is purely for entertainment — it does not produce legal effects or significantly affect you. It does not constitute profiling under Art. 22 GDPR.

8. Your rights

You have the right to:

  • Access your data
  • Rectify your data
  • Delete your data
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal)

Contact: [email protected]

You also have the right to lodge a complaint with the supervisory authority — the President of the Polish Data Protection Office (UODO, uodo.gov.pl).

9. Your rights (California residents)

If you are a California resident, you have the following rights under the CCPA:

  • Right to Know — you may request information about the categories and specific pieces of personal data we have collected about you.
  • Right to Delete — you may request that we delete your personal data.
  • Right to Opt-Out — we do not sell your personal data.
  • Right to Non-Discrimination — you will not be treated differently for exercising your rights.

Contact: [email protected]

10. Voluntary nature of data

  • Providing a photo is necessary to use the analysis service — we cannot generate results without it.
  • Providing your email is voluntary and used only for credit recovery or sending results.
  • Payment data is necessary to process a purchase transaction.

11. Security

We use HTTPS encryption, secure cookies, and rate limiting.

We use cookies for traffic analytics (Google Analytics). You can accept or decline. Privacy policy