Privacy Policy

This Privacy Policy explains how FaceSwapMe (“we”, “us”, “our”) collects, uses, and protects personal data when you visit face-swap.me or request our services.

1. Who is responsible for your data

Data Controller: FaceSwapMe
Location: Europe (EEA)
Contact email: contact@face-swap.me

If you are located in the European Economic Area (EEA), this Privacy Policy is intended to comply with the General Data Protection Regulation (GDPR).

2. What data we collect

Depending on how you use the website and services, we may collect the following categories of data:

A) Data you provide directly

• Contact information (such as email address and message content)

• Service request details (service type, instructions, preferences)

• Uploaded media files (images, videos, audio samples, text/scripts)

• Consent and authorization confirmations submitted through forms or checkboxes

B) Data collected automatically

• Basic technical data (IP address, browser type, device information, timestamps)

• Website usage data (pages visited, interactions)

• Cookies or analytics data, where applicable (see Cookie Policy)

3. Why we process your data

We process personal data for the following purposes:

• To receive, review, and deliver requested services

• To verify consent, authorization, and acceptable use

• To communicate with you regarding your request, delivery, or support

• To manage payments and billing where applicable

• To maintain website security and prevent abuse or fraud

• To comply with legal and regulatory obligations

4. Legal bases for processing (GDPR)

Where GDPR applies, we rely on one or more of the following legal bases:

• Performance of a contract – to provide the services you request

• Legitimate interests – including security, fraud prevention, and service integrity

• Consent – where explicitly provided (e.g. consent confirmations, cookies)

• Legal obligation – compliance with accounting, tax, or legal requirements

5. Images, video, and audio data

Uploaded images, videos, and audio files may contain personal data and, in some cases, biometric characteristics. We process such media only for the purpose of fulfilling your specific request.

We do not:

• Sell uploaded media

• Share uploaded media for advertising

• Use uploaded media to train public or third-party AI models

Processing is limited to what is necessary to deliver the requested service.

6. Consent and authorization requirements

You must have the legal right, authorization, or explicit consent to submit and request processing of any media that includes another person’s likeness or voice.

We reserve the right to:

• Request additional confirmation

• Refuse or discontinue service

• Delete submitted content

where consent or authorization is unclear, incomplete, or appears unlawful or deceptive.

Further details are outlined in our Consent & Acceptable Use Policy.

7. How long we keep data (retention)

We apply a strict data minimization approach.

• Uploaded media (images, videos, audio):
  All uploaded media is deleted after project delivery and completion. Media files are not retained for reuse, training, or any other purpose.
  In limited cases, temporary copies may be retained briefly to ensure successful delivery, after which they are permanently deleted.

• Request records and communications:
  Basic request details and communications may be retained for a limited period for customer support, dispute handling, and audit purposes.

• Billing and payment records:
  Retained as required by applicable tax and accounting laws.

8. Data sharing and processors

We share personal data only with trusted service providers necessary to operate the website and deliver services, such as:

• Website hosting and infrastructure providers

• Email and communication providers

• Payment processors

• Security and spam-prevention services

These providers process data only under our instructions and only to the extent necessary to perform their services.

9. International data transfers

Where personal data is processed outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent legal mechanisms, where required.

10. Security measures

We implement reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.
No system is completely secure, but access is limited to what is necessary for service delivery.

11. Your data protection rights

If you are located in the EEA or UK, you may have the right to:

• Access your personal data

• Request correction of inaccurate data

• Request deletion of your data

• Restrict or object to processing

• Request data portability (where applicable)

• Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact: contact@face-swap.me

12. Complaints

If you believe your data protection rights have been violated, you may lodge a complaint with your local data protection authority.
In Spain, this is the Agencia Española de Protección de Datos (AEPD).

13. Children

This website and services are not intended for children.
Do not submit personal data or media involving minors unless you are the parent or legal guardian and can provide appropriate authorization where required by law.

14. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be reflected by updating the “Last updated” date at the top of this page.

Last updated: 25th January 2026