Facemoji
Partial disclosure · High confidence
Discloses strong rights and concrete retention numbers, but it sells personal information for advertising (with an opt-out) and collects biometric face scans with no governance regime.
What the policy says
Sells data with opt-out
The California notice states that Facemoji sells Internet/Network and Other Information to third parties subject to a Do Not Sell or Share My Information link. The sale is disclosed and an opt-out exists, so it scores as a sale with opt-out rather than an adverse no-opt-out reservation.
Concrete retention window
The policy retains information for as long as needed plus thirty days thereafter before deletion or anonymization, and translation text is stored encrypted for only seven days before deletion. Both give real day-count anchors instead of vague language.
Biometric collection without governance
The CCPA table marks eBiometric Information such as face, eye or other biometric scans as collected, and the policy describes developing facial recognition technology. There is no biometric-specific consent, notice, or retention regime to govern it.
Generic security and vague breach handling
Security rests on commercially reasonable physical, administrative, and technological safeguards with no named standard such as TLS or AES-256, and breach notice is promised in accordance with applicable laws with no stated timeframe.
Details
- Category
- Image & video
- Modalities
- image
- Processes biometrics
- Yes
- Policy last updated
- 2025-11-11
- Region scored
- Global / US-default
- Assessed
- 2026-06-20
Every grade scores what an app discloses about its data governance in its public privacy policy and terms, not its verified behaviour. A strong policy can hide weak practice, and a thin policy can hide good practice.