Privacy Policy

VisiSocial is a personality analytics platform that analyzes your Facebook data to provide insights into your personality traits using the scientifically validated Big Five personality model. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

By connecting your Facebook account to VisiSocial, you explicitly authorize us to access and analyze specific data as outlined in this policy. We are committed to transparency and giving you full control over your data.

Information from Facebook

When you connect your Facebook account, we request the following permissions and collect:

• Basic profile information (name, email, profile picture, gender, birthday, age range)
• Location and hometown information
• Facebook posts and status updates you've published
• Pages you've liked and their categories
• Photos from your albums (we process up to 25 images)
• Languages you've listed on your profile
• Favorite teams and athletes (if available)

Data We Generate

Through analysis of your Facebook data, we generate and store:

• Text extracted from your photos using Tesseract OCR technology
• Personality scores based on the Big Five model (Openness, Conscientiousness, Extroversion, Agreeableness, Neuroticism)
• Sentiment analysis scores from your text content
• Word frequency analysis and common terms
• Interest categories derived from your likes and activities
• AI-generated personality descriptions created via OpenAI's API
• Engagement metrics and activity statistics

Technical Information

We automatically collect certain technical information:

• IP address and browser information
• Device type and operating system
• Access times and session duration
• Pages visited and features used
• Error logs and performance metrics

We use the collected information for the following specific purposes:

Personality Analysis

• Analyze your social media text using natural language processing (NLP) libraries
• Calculate personality trait scores based on the myPersonality dataset and Big Five model
• Extract and analyze text from photos using Tesseract.js OCR
• Generate personalized descriptions using OpenAI's GPT models
• Compare your patterns against validated psychological models

Platform Services

• Create and maintain your user account
• Display your personality dashboard with interactive visualizations
• Generate insights and recommendations based on your data
• Provide data export functionality (JSON, CSV, PDF formats)
• Track analysis progress and task completion

Technical Operations

• Authenticate your sessions using cookies and tokens
• Cache analysis results to improve performance
• Monitor system performance and error rates
• Maintain security through rate limiting and authentication checks
• Store data in MongoDB with encryption at rest

Third-Party Services

We share your data with the following service providers who help us operate VisiSocial:

• OpenAI: For generating AI-powered personality descriptions and insights using their GPT models
• MongoDB Atlas: For secure cloud database storage with encryption
• Facebook: Only for authentication via OAuth; we don't send your analyzed data back to Facebook
• Cloud Infrastructure Providers: For hosting and content delivery

We DO NOT:

• Sell your personal information to any third parties
• Share your personality analysis results with advertisers
• Use your data to train machine learning models that benefit others
• Provide your data to data brokers or aggregators
• Share your information for marketing purposes without explicit consent

Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Enforce our Terms of Service

You have the following rights regarding your personal data:

Access and Export

• View Your Data: Access all your stored data through your profile dashboard
• Export as JSON: Download your complete data in JSON format via /api/export/json
• Export as CSV: Get your basic profile data as CSV via /api/export/csv
• Export as PDF: Generate a comprehensive personality report as PDF
• Export as ZIP: Download all your data including analysis results in a single archive

Control and Modification

• Refresh Analysis: Re-run personality analysis with updated Facebook data anytime
• Update Settings: Modify your preferences, display name, and privacy settings
• Revoke Permissions: Disconnect Facebook integration and revoke data access
• Manage Sessions: View and terminate active sessions from the settings page

Deletion Rights

• Delete Account: Permanently delete your account and all associated data from Settings > Profile > Delete Account
• Clear Analysis Data: Remove only analysis results while keeping your account via /api/analysis/clear
• Immediate Effect: Deletion requests are processed immediately and cannot be undone

We implement multiple layers of security to protect your information:

Technical Safeguards

• Encryption: AES-256 encryption for data at rest in MongoDB, TLS 1.3 for data in transit
• Authentication: Secure Facebook OAuth 2.0 flow with token expiration
• Session Management: HTTP-only cookies, secure flags, session timeout after 24 hours
• API Security: Rate limiting (100 requests/hour standard, 10/hour analysis endpoints)
• Input Validation: DOMPurify sanitization to prevent XSS attacks
• Access Control: Role-based permissions and user-specific data isolation

Operational Security

• Regular security audits and vulnerability scanning
• Automatic token revocation on suspicious activity
• Server-side validation for all data operations
• Monitoring and logging of security events
• Backup systems with encryption

We use cookies and similar technologies for authentication and functionality:

Essential Cookies

• access_token: Stores your authentication token (30 days expiry)
• session_id: Maintains your login session
• loading_state_id: Tracks analysis task progress

Optional Cookies

• theme: Remembers your display preferences
• Analytics: If enabled, tracks usage patterns to improve the platform

See our Cookie Policy for detailed information about cookie management.

VisiSocial is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected], and we will delete such information.

For users between 13-18, we recommend parental guidance and supervision when using our services.

We retain your data for the following periods:

• Active Accounts: Data retained as long as your account is active
• Inactive Accounts: Accounts inactive for 2+ years may be deleted after notice
• Deleted Accounts: All personal data permanently deleted within 30 days
• Revoked Tokens: Expired authentication tokens deleted after 7 days
• Cached Data: Analysis cache expires after 1-7 days depending on type
• Logs: Security and error logs retained for 90 days
• Backups: Encrypted backups retained for 30 days for disaster recovery

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

We ensure appropriate safeguards are in place:

• Standard Contractual Clauses for EU data transfers
• Encryption during international transmission
• Compliance with GDPR for European users
• Privacy Shield principles where applicable

We may update this Privacy Policy from time to time. When we make material changes:

• We'll update the "Last Updated" date at the top of this page
• We'll notify you via email at your registered address
• We'll display a notification on the platform
• For significant changes, we may require you to acknowledge the new policy

Your continued use of VisiSocial after changes constitutes acceptance of the updated Privacy Policy. If you don't agree with changes, you should discontinue use and delete your account.

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data: