OFO Labs
Back to EyeGrade

Privacy Policy

EyeGrade

Privacy Policy for EyeGrade

Last Updated: March 1, 2026

1. Data Controller

The data controller responsible for processing personal data under GDPR and German BDSG is:

Faruk Orman 24105 Kiel, Germany Email: ofolabs@gmail.com

No Data Protection Officer is required as fewer than 20 persons engage in automated data processing.

2. Overview of Data Processing

Legitimate interest (Art. 6(1)(f)): We process technical data — specifically your IP address, present in hosting server logs and CDN requests — for website hosting, CDN delivery, and security.

Session-only data (camera frames processed in real time and immediately discarded, distance measurements, calibration data) never leaves your device's memory, is never stored or transmitted, and does not constitute personal data under GDPR. It is used solely for vision screening functionality.

EyeGrade is designed with privacy by default. No accounts, no registration, no analytics, no cookies, no localStorage, no sessionStorage, and no persistent browser storage of any kind. All processing happens entirely on your device. Data exists only in memory during your session and is lost when you close or reload the page.

3. Detailed Processing Activities

3.1 Camera Usage

EyeGrade requests access to your device's camera solely for the purpose of measuring the distance between your face and the screen using AI-based face landmark detection (see Section 5).

  • No images or video are recorded, stored, or transmitted.
  • Camera frames are processed in real time on your device using client-side AI and immediately discarded from memory.
  • The camera is used exclusively for iris position estimation to calculate screen distance.
  • Camera access is optional — a manual distance mode is available if you deny camera permission.

3.2 Session-Only Data

All data generated during a vision screening session exists only in memory:

  • Distance measurements: Calculated from camera frames, held in JavaScript memory, discarded on page unload
  • Calibration data: Screen calibration parameters held in memory only, lost on page reload
  • Test results and acuity scores: Passed via URL route parameters during the session, not persisted anywhere

No cookies, no localStorage, no sessionStorage, and no persistent browser storage of any kind is used. This has been verified against the application source code.

3.3 Hosting & CDN

The web application is served as static files via Netlify. Standard web hosting involves your browser sending HTTP requests that include your IP address. Netlify may log IP addresses and request metadata as part of normal CDN and hosting operations.

4. Third-Party Service Providers

Netlify (Netlify, Inc., USA) provides web hosting, CDN, and static asset delivery. Your IP address and request metadata are present in server logs.

MediaPipe Face Landmarker (Google LLC, USA) provides the AI face landmark detection model (v0.10.22, loaded from storage.googleapis.com). Your IP address is exposed during model file download.

JSDelivr (Prospect One, Poland, EU) provides MediaPipe WASM runtime CDN delivery. Your IP address is exposed during runtime file download.

No Data Processing Agreements (Art. 28 GDPR) are required for CDN asset downloads as only incidental IP address exposure occurs through standard HTTP requests. No personal data is transmitted to Google or JSDelivr — model files are downloaded to your browser and all inference runs locally.

5. AI Processing & Transparency (EU AI Act)

Per Regulation (EU) 2024/1689, Art. 50:

Face Landmark Detection uses Google's MediaPipe Face Landmarker (v0.10.22) to detect facial landmarks for iris position estimation and screen distance calculation. All processing occurs client-side in your browser. The model takes real-time camera frames as input and outputs 478 face landmark coordinates, which are used for distance calculation and immediately discarded.

Important Disclosures:

  • The AI model runs entirely in your browser. No camera data, face images, or landmark data is sent to Google or any external server.
  • The model file is downloaded once from Google's CDN (storage.googleapis.com) when you start the camera mode. Only your IP address is exposed during this download.
  • Face landmarks are used solely for iris position estimation to calculate the distance between you and your screen. No face recognition, identification, or biometric profiling occurs.
  • The AI output (distance measurement) is a utility function and does not constitute automated decision-making under Art. 22 GDPR.

6. International Data Transfers

Netlify (USA): We rely on Standard Contractual Clauses (SCCs) per Art. 46(2)(c) GDPR as adopted by Commission Implementing Decision (EU) 2021/914.

Google (USA — CDN model download only): Google is certified under the EU-US Data Privacy Framework (DPF) per the European Commission adequacy decision (Commission Implementing Decision (EU) 2023/1795) per Art. 45 GDPR. Only IP address is exposed during model file download.

JSDelivr (Poland — EU): Based in the European Union. No international transfer occurs.

Contact ofolabs@gmail.com for specific transfer safeguard details.

7. Cookies & Local Storage

Per § 25 German TTDSG and Art. 5(3) ePrivacy Directive:

EyeGrade uses no cookies, no localStorage, no sessionStorage, and no persistent browser storage of any kind. All data exists only in JavaScript memory during the active session and is lost when the page is closed or reloaded.

There is nothing to disclose under § 25 TTDSG as no information is stored on or accessed from the user's terminal equipment.

8. Provision of Personal Data

No personal data is required to use EyeGrade. The application functions fully without any account, registration, or personal information. The only data exposure (IP address via hosting and CDN requests) is a technical necessity of internet communication, not a voluntary provision.

9. Data Subject Rights

Under GDPR and BDSG, you have:

  • Right of access (Art. 15 GDPR, § 34 BDSG) — we do not store personal data; IP addresses are logged only by hosting providers per their retention policies
  • Right to rectification (Art. 16 GDPR) — not applicable as no personal data is stored by us
  • Right to erasure (Art. 17 GDPR, § 35 BDSG) — no persistent data exists to erase; all session data is automatically discarded
  • Right to restriction (Art. 18 GDPR) — not applicable as no personal data processing occurs by us
  • Right to data portability (Art. 20 GDPR) — not applicable as no personal data is stored by us
  • Right to object (Art. 21 GDPR, § 36 BDSG) — you may object to IP address logging by Netlify by not visiting the site; no other processing occurs
  • Right to withdraw consent (Art. 7(3) GDPR) — not applicable as no consent-based processing occurs

Contact ofolabs@gmail.com to exercise rights. Response within one month per Art. 12(3) GDPR.

10. Automated Decision-Making

No automated decision-making or profiling producing legal effects or significantly affecting you occurs per Art. 22 GDPR. The AI-based distance measurement is a utility function that estimates the physical distance between you and your screen. It does not produce decisions with legal or similarly significant effects.

11. Right to Lodge a Complaint

Lodge complaints with data protection supervisory authorities per Art. 77 GDPR. Competent authority for Kiel, Schleswig-Holstein:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD) Holstenstraße 98, 24103 Kiel, Germany Website: https://www.datenschutzzentrum.de

You may also contact supervisory authorities in your EU member state of habitual residence, work, or alleged infringement location.

12. Data Retention

  • Session data (camera frames, distance measurements, calibration, test results): Exists only in memory during the active session. Automatically discarded when the page is closed or reloaded. No retention period applies.
  • Server-side data: We do not operate application servers. Netlify hosting logs may retain IP addresses per their retention policy.
  • AI model files: Cached by your browser per standard HTTP caching. You can clear this via your browser settings.

13. Medical Disclaimer

EyeGrade is not a medical device and is not intended to replace a professional eye examination. It has not been approved or certified by any medical regulatory authority (e.g., FDA, CE marking). Results are rough estimates only and should not be used for medical diagnosis, treatment decisions, or monitoring of eye conditions. Always consult a qualified eye care professional for comprehensive vision assessment and medical advice.

14. Children's Privacy

EyeGrade does not collect personal data from any user, including children. Per Art. 8 GDPR and § 25 TTDSG, no special protections are triggered as no personal data collection occurs. Use by minors should be supervised by an adult, particularly regarding camera access.

15. Security Measures

Appropriate technical and organizational measures per Art. 32 GDPR:

  • Privacy by design: no data collection, no accounts, no server-side processing of user data
  • All processing occurs client-side in the user's browser
  • HTTPS/TLS encryption for all network requests (hosting, CDN, model downloads)
  • No persistent storage — zero attack surface for stored data breaches
  • Camera access requires explicit browser permission and can be denied

16. Changes to This Policy

Privacy policy may update reflecting practice or legal changes. "Last updated" date indicates most recent revision. Changes are effective when posted. We encourage periodic review.

17. Contact

For privacy inquiries or exercising data subject rights:

Faruk Orman 24105 Kiel, Germany Email: ofolabs@gmail.com