Privacy Policy
Effective: 6 May 2026
Last updated: 6 May 2026
The authoritative version of this document is the Turkish version. This English version is provided for convenience only. In case of conflict between the Turkish and the English text, the Turkish version prevails.
At a glance
- Your face photo never leaves your device. All image processing happens inside your browser. The photo is not uploaded to our servers, transmitted to any third party, or stored in any persistent form.
- No accounts, no sign-up, no passwords, no email collection. We do not ask for any personal identifier and we do not store any.
- When your browser opens the site, our hosting provider (Cloudflare) sees standard server logs (IP address, browser type, time, requested path) for a short period. These logs may pass through servers outside Türkiye.
- A face photo is special-category personal data (biometric data) under KVKK Art. 6. Even though processing happens entirely on your device, KVKK requires us to obtain your explicit consent (“açık rıza”) for that processing before it begins.
This summary is for ease of reading. The legally binding text is the detailed version below.
1. Scope
This Privacy Policy (“Policy”) explains, when you use the Faller web application (the “Service”), what personal data is processed, for what purpose, on what legal basis, for how long it is retained, which third-party processors are involved, where they are located, and what rights you have.
For the shorter, statutorily structured Turkish-language version (KVKK transparency notices are a Turkish-language legal instrument), see the KVKK Aydınlatma Metni. The two documents are consistent; the Aydınlatma Metni is structured per KVKK Article 10, while this Policy is more explanatory.
2. Data controller
Under the Turkish Personal Data Protection Law No. 6698 (“KVKK”), the data controller is, in the capacity of an individual:
- Name: Aram Danesh
- Status: Individual (Turkish: gerçek kişi). No sole proprietorship or limited company has been incorporated; should the controller’s status change, this Policy will be updated.
- Place of residence: Ankara, Türkiye
- Contact email: privacy@yuzfali.com
- Address for formal applications: see § 10 below.
3. Personal data we process
3.1 Your face photo (special-category personal data — biometric data)
| What | The face-photo file you select from your own device using the “FOTOĞRAF SEÇ” button (or paste from the clipboard). |
| Purpose | To generate, in your browser only, a deterministic editorial Turkish report (fizyonomi raporu) that interprets the geometry of your facial features. |
| How processed | The browser converts the file into a temporary in-memory object URL via URL.createObjectURL. The object is handed to a computer-vision library (MediaPipe Tasks Vision, loaded as Wasm from our own domain) and to an on-device face-parsing model (BiSeNet ResNet18, ONNX Runtime Web), both of which run entirely inside the same browser tab. The libraries extract numerical outputs (478 facial landmark coordinates, 52 expression scores between 0 and 1, and a small number of segmentation masks). These outputs are then passed through a deterministic pure function that builds the report. |
| Where it goes | Nowhere. The photo is never transmitted to our servers, to Cloudflare, to MediaPipe, to ONNX Runtime, or to any third party. There is no upload step, no fetch() of the image, no analytics beacon containing the image. The browser keeps the object in memory only. |
| Legal basis | Explicit consent (“açık rıza”) under KVKK Art. 6/2. Biometric data is special-category personal data; explicit consent is the lawful basis for its processing. Consent is collected via the in-product consent gate that surfaces before the analysis pipeline runs (see § 4). Without affirmative consent, the analysis does not start. |
| Retention | Zero persistent retention. The object exists in browser memory only while the tab is open and is released when you reset the analysis or close the tab. The object URL is revoked (URL.revokeObjectURL) when the user starts a new analysis. We do not persist the photo in any way. |
3.2 Facial landmarks, blendshape scores, and segmentation masks
| What | Numerical outputs of the on-device computer-vision models: 478 (x, y, z) landmark coordinates, 52 expression “blendshape” scores in the range 0..1, four binary mask arrays from the multiclass selfie segmenter, and ten binary mask arrays from the BiSeNet face-parsing model. |
| Purpose | Input to the in-browser pure functions that build the report. |
| How processed | Held in JavaScript variables for the duration of one analysis. Used only as input to the report-building pure function. |
| Where it goes | Nowhere. Stays on the device. |
| Legal basis | Same as the underlying photo: KVKK Art. 6/2 explicit consent. The numerical derivatives of the photo retain its biometric-data character. |
| Retention | While the browser tab is open. |
3.3 The generated report
| What | A single-page Turkish editorial report rendered in the DOM of your browser, made of text and a stylised line portrait. |
| Purpose | The product itself. To be read by you. |
| How processed | Displayed only in your browser. You may download it as a PNG via the “PNG İNDİR” button; the library that produces the PNG (html-to-image) renders it in-browser to a base64 data URI and triggers a same-origin download. Nothing is sent to any server. |
| Retention | Visible while the browser tab is open; discarded when the tab closes. If you downloaded the PNG, that copy lives on your device under your control. |
3.4 Server / access logs (Cloudflare)
| What | When your browser opens the Service, the request is served via Cloudflare, which records standard HTTP request metadata: your IP address, User-Agent, the requested path, HTTP referrer (if any), timestamp, response size, and a short-lived __cf_bm cookie for Cloudflare bot management. |
| Purpose | Cloudflare uses these logs to filter malicious traffic, protect against vulnerabilities, balance load, and serve the Service. The controller, through the Cloudflare dashboard, can see aggregate traffic statistics. The controller does not separately copy or persistently store your IP address. |
| Legal basis | KVKK Art. 5/2-(c) — directly related to the establishment or performance of a contract (serving the Service); and KVKK Art. 5/2-(f) — the legitimate interests of the data controller (mitigating malicious traffic), provided that this does not harm your fundamental rights and freedoms. |
| Retention | Per Cloudflare’s own retention policy (typically a few days to a few months, depending on product). The controller does not maintain an independent system that retains these logs long-term. |
3.5 Email correspondence (only if you write to us)
| What | The email address and message content you send to the contact address listed in § 2 / § 8, only if you choose to write. |
| Purpose | To respond to your enquiry, complaint, or KVKK Art. 11 application. |
| Legal basis | KVKK Art. 5/2-(c) (necessary for performance of the implicit contract created by your enquiry); for KVKK Art. 11 applications, KVKK Art. 5/2-(a) (expressly provided in law). |
| Retention | The reasonable period required by the purpose of the correspondence; in any event no longer than five (5) years (with reference to the limitation period under the Turkish Code of Obligations). |
3.6 Advertising — Google AdSense
The Service integrates Google AdSense for the purpose of displaying contextual or personalized advertisements. AdSense is active as of the “Effective” date of this Policy.
| Provider | Google Ireland Limited (operating AdSense, with onward processing by Google LLC and other Google group entities) |
| Country of operation | Servers and onward processing in the United States and other jurisdictions outside Türkiye. |
| Data processed | IP address, User-Agent, viewport and device fingerprint signals, cookies (such as __gads, __gpi, IDE, NID), interaction events with ad slots, the URL path being viewed. AdSense is not given access to your face photo or to any of the on-device computer-vision outputs, and there is no code path that could transmit them. |
| Purpose | Serving and measuring advertisements. |
| Legal basis | KVKK Art. 5/1 — explicit consent. Consent is collected through Google’s official consent management platform (Funding Choices CMP), which loads on first visit. If you reject advertising cookies, AdSense will not set personalized advertising cookies (non-personalized ads may be shown instead, or no ads). |
| Cross-border transfer | Yes, transfer to the United States. The transfer basis is the appropriate-safeguards route under KVKK Art. 9 (post-2024 amendments effective 1 September 2024) — specifically, a Standard Contract executed with Google and notified to the Personal Data Protection Authority within the statutory five-business-day window, supplemented by the explicit consent collected through the Funding Choices CMP. |
| Status | Live. |
3.7 Analytics
The Service does not, as of the “Last updated” date of this Policy, integrate Google Analytics, Mixpanel, Amplitude, Segment, Plausible, Fathom, Cloudflare Web Analytics, or any other dedicated analytics product. There is no client-side analytics script in the codebase. If this changes, this Policy will be updated and the cookie banner will offer a separate consent option for analytics.
3.8 Crash and error tracking
The Service does not integrate Sentry, Bugsnag, Datadog RUM, or any other crash/error tracking provider. There is no client-side error-reporting beacon in the codebase.
4. Consent for biometric data processing
KVKK Art. 6 requires explicit consent (açık rıza) for processing special-category personal data. Faller obtains this consent in the product through a dedicated consent gate that surfaces before the on-device analysis pipeline runs. The gate displays:
- a plain-Turkish summary of what is being processed (your face photo as biometric data),
- the architectural fact that the photo never leaves your device,
- the requirement, regardless of architecture, that you give explicit consent under KVKK Art. 6,
- a single explicit consent checkbox that must be ticked,
- a confirm button that is disabled until the checkbox is ticked,
- a cancel control that returns you to the upload screen with the photo cleared from memory,
- a notice that uploading photos of persons under 18, or of another person without their prior consent, is prohibited.
You may withdraw your consent at any time by ceasing to use the Service or by closing the tab. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. Because the controller does not retain your photo, withdrawal of consent has no server-side effect to enact — there is nothing on our side to delete.
The fact of consent is recorded only in your browser’s session memory; it is not transmitted to or persisted on any server, because doing so would itself be a transfer of personal data and would defeat the architectural posture.
5. Third-party processors and their country of operation
| Provider | Role | Data they process | Country of operation | Status |
|---|---|---|---|---|
| Cloudflare, Inc. | Hosting + CDN + DDoS protection | HTTP request metadata (IP address, User-Agent, time, path, referrer), __cf_bm cookie | United States (incorporation), with data processed across Cloudflare’s global edge network including nodes outside Türkiye. | Live. Cloudflare Privacy Policy, Cloudflare DPA. |
| Google Ireland Ltd. / Google LLC (AdSense) | Advertising serving + measurement + consent management (Funding Choices CMP) | IP, User-Agent, device fingerprint signals, ad-interaction events, AdSense cookies, page URL | United States and other Google-owned jurisdictions outside Türkiye. | Live. Google AdSense Privacy & Terms, Google Privacy Policy. |
The Service’s web fonts (the @fontsource/playfair-display and @fontsource/dm-sans packages) and its MediaPipe and ONNX Runtime Wasm + model assets are served from our own domain. No Google Fonts CDN, MediaPipe CDN, ONNX CDN, or other third-party CDN is contacted at runtime.
6. International (cross-border) transfers
Under KVKK Art. 9 (as amended by Law No. 7499, in force from 1 June 2024, with a transition period to 1 September 2024), cross-border transfers must rely, in the following hierarchy, on (i) an adequacy decision by the Personal Data Protection Authority, (ii) appropriate safeguards (Standard Contract, Binding Corporate Rules, or written undertaking), or (iii) exceptional grounds, of which explicit consent is one but no longer the routine basis.
Faller’s transfer posture:
- Your face photo, landmarks, blendshape scores, and segmentation masks are never transferred abroad, because they never leave your device. There is no cross-border transfer to assess for these data.
- The HTTP request metadata generated when your browser opens the Service passes through Cloudflare’s global edge network. Cloudflare Inc. is incorporated in the United States, and may process data on edge servers located in various jurisdictions. Under KVKK, this constitutes a cross-border transfer.
- Legal basis for the Cloudflare transfer: As of the “Last updated” date of this Policy, no adequacy decision is in place for the United States. The transfer is performed under the appropriate-safeguards route of KVKK Art. 9 — specifically, the Standard Contract published by the Personal Data Protection Authority, executed with Cloudflare via the Cloudflare Data Processing Addendum (DPA), with the controller responsible for filing the statutory notification with the Authority within five business days of execution.
- Legal basis for the Google AdSense transfer: Same Standard Contract route under KVKK Art. 9, plus your explicit consent collected through Google’s Funding Choices CMP before personalized advertising cookies are set. AdSense is live as of the Effective date of this Policy; the AdSense loader script is present on the home page and on legal pages so the CMP can render and consent can be collected.
7. Cookies and similar technologies
Faller, as a first-party origin, does not deliberately set or read any cookie, localStorage, sessionStorage, or IndexedDB entry. The temporary memory object that the browser allocates via URL.createObjectURL for your face photo is not a cookie; it does not transmit anything to the network and is released by the browser when the tab is closed.
| Cookie / item | Set by | Purpose | Lifetime |
|---|---|---|---|
| __cf_bm | Cloudflare | Distinguishes bot traffic from human traffic; security only, not advertising | ~30 minutes |
| cf_clearance | Cloudflare | Temporary post-challenge pass; only set if a Cloudflare challenge has been triggered for your IP | ~30 days, only if triggered |
| __gads, __gpi, IDE, NID and similar | Google AdSense | Ad serving, frequency capping, measurement; personalization only with consent | Per Google’s cookie policy; set only after affirmative consent through the Funding Choices CMP |
| Funding Choices CMP local-storage key | Remembers your consent choice (consent management) | Per Google’s CMP policy |
A consent banner provided by Google’s Funding Choices CMP is shown on first visit to inform you of advertising cookies, allow you to reject personalized advertising, and (per Google’s CMP) re-open from inside the page so you can change your choice at any time.
8. Retention
| Data category | Retention |
|---|---|
| Face photo | While the browser tab is open. Released as soon as you start a new analysis or close the tab. Zero server-side retention. |
| Landmarks, blendshape scores, segmentation masks | While the browser tab is open. |
| Generated report (DOM) | While the browser tab is open. If you exported the PNG, that copy is on your device under your control. |
| Cloudflare request logs | Per Cloudflare’s own retention policy. |
| __cf_bm cookie | ~30 minutes. |
| Email correspondence | The reasonable period required by the purpose; up to 5 years. |
9. Your rights
Under KVKK Art. 11 (and other applicable law), as a data subject you have the right to:
- learn whether your personal data is being processed,
- request information about the processing if it is taking place,
- learn the purpose of the processing and whether your data is used in line with that purpose,
- know the third parties (in Türkiye or abroad) to whom your data has been transferred,
- request correction of inaccurate or incomplete data,
- request, under the conditions set out in KVKK Art. 7, deletion or destruction of your data,
- require that any correction or deletion is communicated to third parties to whom data was transferred,
- object to outcomes that may arise to your detriment from the analysis of your data exclusively by automated means,
- claim compensation for damages suffered as a result of unlawful processing.
In addition, you may at any time object to processing by withdrawing your consent and ceasing to use the Service. Because the controller does not retain identifying data about you, an “access” or “delete” request will, in most cases, have no record on our side to act on; even so, your request will be processed for any correspondence we are holding under § 3.5.
10. How to exercise your rights
To exercise the rights listed in § 9, write to privacy@yuzfali.com with the following information so that your application can be processed under the Communiqué on the Procedures and Principles for Application to the Data Controller:
- your full name,
- your Turkish ID number (or, for foreign nationals, passport number and nationality),
- your address (for formal correspondence),
- if available, an email, telephone, or fax number for return contact,
- a clear and unambiguous statement of your request,
- any documents that support your request.
Your application will be answered, free of charge unless an additional cost is incurred, within thirty (30) days of receipt, in line with KVKK Art. 13/2. If the response is unsatisfactory or no response is given within thirty days, you have the right to lodge a complaint with the Personal Data Protection Authority (KVK Kurumu) under KVKK Art. 14.
11. Security
- Faller is a static web application: there is no backend database, no user session, no password, and no authentication.
- All traffic is served over HTTPS (TLS).
- Because the face photo and its derivatives never leave your browser, the architectural surface for a data breach involving biometric data is kept close to zero.
- The controller takes reasonable security measures while running the Service, but it is not possible to guarantee that internet communication is fully secure.
12. Children
Faller is not intended for persons under 18. Uploading a photo of a person under 18 is prohibited. If you discover or notify us that data of a person under 18 is being processed, we will stop the processing as soon as possible.
13. Changes to this Policy
We may update this Policy from time to time. The updated text takes effect from the moment it is published, with the “Last updated” date shown at the top. We will make reasonable efforts to highlight material changes inside the Service.
14. Contact
- Email: privacy@yuzfali.com
- Data controller: Aram Danesh, individual (gerçek kişi)
To file a formal KVKK request, follow the application route in § 10 above and the KVKK Aydınlatma Metni.