Facepager Privacy Policy

Facepager helps you with using application programming interfaces (APIs) for scientific research purposes. We value user privacy and transparency in data processing. This Privacy Policy explains what data we process, the purposes for which we process it, and how users can request data deletion.

The application does not collect any data about you by itself. All requests are under your full control. No data is transferred between you and the developers of Facepager with the exception of an anonymized user token (see below). However, when you interact with an API data is transferred between the API server and your computer, i.e. between the platform provider and you. You are responsible for complying with legal laws and the terms of services of the specific provider. Furthermore, we presume that you are committed to the ethical standards of science. See the ethics reports of the Association of Internet Researchers and the ICC/ESOMAR code of conduct for further guidance.

What personal data is being processed by Facepager?

Facepager processes publicly available data retrieved from APIs, depending on your queries and the permissions granted to your API credentials. Facepager does not store, share, or transmit any of this data to third parties. All retrieved data is stored locally on your device and remains under your control.

Only the following two categories of personal data are processed:

• When you log in to one of the APIs that Facepager supports, your user ID on the platform (for example your Facebook ID) is encrypted and stored in anonymized form in our user list. No personal data can be derived from the anonymized user ID, not your name, not your mail adress, not your password. That means, after encrypting and anonymising the user ID, it is no personal data anymore.
• When you log in to one of the APIs that Facepager supports, an access token is generated by the API provider (for example by Facebook). This access token is stored locally in the user interface and can be used as long as you don't close the app.

What are the purposes of personal data processed by Facepager?

Facepager enables users to retrieve publicly available data from third-party APIs for research, analysis, or other permitted uses. The personal data processed by Facepager serves the following purposes:

• The encrypted and anonymized user ID is necessary to block users from using an API over Facepager, if an API provider demands this.
• The access token that is stored in the user interface is necessary to authorize requests to an API. By this, you use Facepager to request an API in your name.

Data deletion requests

For API credentials stored within the application, users can delete their access tokens directly from the user interface by clearing the respective input field.

Facepager does not store any personal data on its own servers. The user ID stored in the user list is fully anonymized, no personal data can be derived from this data. That means, by definition, this is no personal data falling under data deletion requests. If you have any questions regarding data deletion or need assistance, you can contact us at:

Jun. Prof. Dr. Jakob Jünger, Institute of Communication Science, Bispinghof 9-14, 48143 Münster, Germany, jakob.juenger@uni-muenster.de

Authorization data

Some APIs require authorization. A common procedure for authorization is called OAuth. This authorization procedure makes sure, that the developers of the application never need your username or password. Facepager supports you with this step. For example, when you click the login button for Facebook, you can get an access token. With this access token you authorize the application to interact with Facebook in your name. The access token is stored on your computer until you delete it from the user interface. It is only used for requests you explicitly start yourself.

In the course of open authorization no data is collected or stored by the developers of Facepager with the exception of an anonymized user token (see below). But the API provider may log your requests and provide us with aggregated usage statistics. These usage statistics consist of the number of logins and requests from different countries in several time intervals. That's all.

User list

To comply with the terms of the API providers, Facepager needs to track a list of users if you use the preregistered apps. We try to extremly minimize the transfered data. After you login to Facebook, YouTube or Twitter your ID is salted, encrypted and the resulting anonymized token is transfered to our user list. The user list is hosted on Amazon Web Services (Frankfurt data center, Germany). In practice, no user data can be derived from your token but we are able to block accounts from using Facepager with the preregistered app if the providers demand this - which hopefully never will be necessary.

Download statistics

When you download Facepager from GitHub, the terms of services and the pricacy policy of GitHub apply. Furthermore, at each start of Facepager preset files are downloaded from the GitHub repository. Please notice, that GitHub collects and provides aggregated download statistics.