EyeKeyboard · Privacy Policy

Effective Date: November 17, 2025

1. Overview

This Privacy Policy explains how EyeKeyboard (“we”, “our”, or “us”) handles personal information when you use the EyeKeyboard mobile application (the “App”). By using the App, you consent to the practices described here.

2. Information We Collect

2.1 Device and Usage Data

We may collect basic diagnostic information (such as crash logs, feature usage counts, and anonymized performance metrics) to improve the App. This data does not include any textual content you input.

2.2 Facial and Biometric Data (TrueDepth API Usage)

The App uses Apple's TrueDepth API through ARKit framework to enable eye-controlled text input. This is the core functionality that allows users with motor disabilities to type using only their eye movements.

What Data We Collect:

• Facial landmark positions: 3D coordinates of facial features (eyes, nose, mouth) to determine face orientation
• Gaze direction vectors: Direction vectors indicating where your eyes are looking
• Eye position coordinates: 3D position of left and right eyes in camera space
• Blink detection data: Boolean values indicating whether eyes are open or closed
• Face depth data: Depth information from the TrueDepth camera to accurately track facial position

What We Do NOT Collect:

• Face images or photographs
• Face mesh textures
• Persistent biometric identifiers
• Any personally identifiable facial characteristics

How We Use This Data:

All facial data collected through the TrueDepth API is used exclusively for the following accessibility purposes:

• Cursor positioning: Gaze direction vectors calculate on-screen cursor position
• Selection mechanism: Blink detection enables hands-free "clicking"
• Grid navigation: Eye position data enables navigation through the keyboard
• Dwell-time input: Sustained gaze on a target triggers text input

Data Processing and Storage:

All TrueDepth data processing is ephemeral and happens in real-time on your device:

• Face tracking data is processed frame-by-frame in memory only
• Data is used immediately to calculate cursor position and detect blinks
• Data is discarded immediately after each frame is processed
• No facial data is written to disk, UserDefaults, Keychain, or any persistent storage
• No facial images or depth maps are saved
• Camera frames never leave your device

Third-Party Sharing:

We do NOT share any TrueDepth data with third parties. No facial data is transmitted to external servers, analytics services, advertising networks, or used for any purpose other than providing the eye-tracking functionality described above.

User Control:

You maintain complete control over camera access. You may revoke camera permission at any time through iOS Settings, which will immediately stop all TrueDepth data collection. The App cannot function without camera access, as eye tracking is the core feature.

2.3 Text Input

Your typed or dictated text remains on your device unless you choose to export, copy, email, or otherwise share it. We do not transmit or store your input on our servers.

3. How We Use Information

• To operate core features, including gaze-based navigation and blink-based selection.
• To personalize sensitivity or voice settings that you choose to save.
• To provide in-app purchases, onboarding, and permission workflows.
• To comply with legal obligations and enforce our Terms of Use.

4. Data Storage and Security

Configuration values (e.g., sensitivity sliders, voice gender, purchase status) are stored via Apple’s secure storage APIs (UserDefaults or Keychain). Biometric data, camera frames, and real-time eye-tracking signals never leave your device and are not persisted after each interaction. We implement reasonable safeguards to protect all stored settings, but no method can guarantee total security.

5. Third-Party Services

The App relies on Apple frameworks such as ARKit (including TrueDepth API access), AVFoundation, and StoreKit. The TrueDepth API is accessed exclusively through Apple's ARKit framework and all facial data processing occurs on-device. These frameworks may collect diagnostic data per Apple's own privacy policies, which are outside of our control. We do not share any TrueDepth data with third-party services, analytics providers, or advertising networks. In-app purchases are processed by Apple, and any payment information is managed solely by Apple.

6. Children’s Privacy

The App is not directed to children under 13, and we do not knowingly collect personal data from children. If you believe a child has provided us with information, please contact us so we can delete it.

7. Data Retention

We retain only the minimal configuration data necessary to provide a consistent experience. You may reset onboarding, purchases, or sensitivity values at any time within the App, which clears the associated local storage.

Important: No facial or biometric data collected through the TrueDepth API is retained. All TrueDepth data (facial landmarks, gaze vectors, eye positions, blink states, depth information) is processed in real-time and immediately discarded. No camera frames, facial images, or biometric identifiers are stored on your device or transmitted to any servers.

8. Your Choices

• You may revoke camera permission at any time in iOS Settings.
• You may disable or uninstall the App to stop all data collection and processing.
• You may reset onboarding or purchase states through in-app controls.

9. International Users

If you access the App outside of your home country, you consent to the processing and storage of your information within that jurisdiction’s applicable laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted within the App or on our website, and the “Effective Date” will be updated accordingly. Continued use of the App after changes take effect constitutes acceptance of the updated Policy.

11. Contact

If you have questions about this Privacy Policy, please email soloxiao@outlook.com.