Privacy Policy

Lexora is a research tool developed at the Faculty of Computing and Data Science. For questions about data handling, contact us via the project's GitHub repository.

We process limited gaze coordinate data under the legal basis of legitimate research interest (GDPR Article 6(1)(f)). This processing is necessary for conducting non-invasive dyslexia screening research. When you create an account, we also process the authentication data needed to sign you in and associate test attempts with the correct user.

When using webcam-based tracking, Lexora requests access to your device's camera. The video feed is processed entirely in your browserusing Google's MediaPipe FaceLandmarker (loaded as a WebAssembly module). Critical details:

• No video frames are transmitted to any server
• No video is recorded, stored, or cached
• No screenshots or images of the user are captured
• Only abstract iris position coordinates (numerical x, y values) are extracted
• Camera access ends immediately when you leave the test page

During a screening session, Lexora collects only the following:

• Gaze coordinates— normalized x, y values (0 to 1) representing where on the screen the user was looking, sampled at the device's refresh rate
• Timestamps — millisecond-precision timing for each gaze sample
• Screen dimensions — width and height of the display (for coordinate normalization)
• Test metadata — test mode, calibration mode, participant age, optional session label, and the ML outcome returned for the attempt
• Account identifiers — the signed-in user account needed to associate saved attempts with the correct session owner

Webcam video is not stored. The persisted research record is limited to gaze-derived data, test metadata, and the authenticated account required to manage saved attempts.

Lexora stores submitted attempts for authenticated users to support research workflows and follow-up review:

• Webcam video remains in browser memory and is not stored persistently
• Data is sent to the ML classification endpoint for real-time analysis
• The full ML response is saved in Azure Blob Storage under a derived JSON file
• Raw gaze JSON is saved only when the user explicitly opted in to raw-data storage during registration
• Attempt metadata and blob URLs are written to the application database for authenticated users

When using a Tobii eye tracker, gaze data is streamed from the local Tobii desktop service (localhost:28980) directly to the web application via WebSocket. This communication is entirely local — no data leaves your computer during tracking. The Tobii service runs as a local process and does not communicate with external servers.

Lexora uses the following third-party resources:

• MediaPipe FaceLandmarker— Google's face mesh model, loaded as a WebAssembly module from CDN. The model runs locally in your browser; no data is sent to Google.
• Lexora ML Service — Our classification endpoint receives only abstract gaze coordinates and derived features needed for risk assessment. The resulting ML response is stored alongside the attempt record for research follow-up.
• Azure Blob Storage — Persisted raw and derived JSON artifacts for saved attempts are stored in a single container using per-attempt paths.

• No video recordings, camera snapshots, or face images
• No phone numbers or unrelated profile data
• No browsing history or advertising identifiers
• No cookies for tracking or advertising purposes
• No analytics scripts, ad trackers, or third-party tracking
• No health records or medical data

Lexora is designed as a dyslexia screening tool that may be used with children. We take children's privacy especially seriously:

• Camera feed is processed locally and video is never stored
• Saved attempts store only the participant age, optional label, test metadata, and gaze-derived data needed for research workflows
• We recommend that a parent, guardian, or educator supervises any session involving a child
• Raw gaze JSON is stored only when the account owner explicitly opted in during registration

Under applicable data protection regulations (including GDPR), you have the right to:

• Access — request what account-linked attempt data we hold
• Erasure — request deletion of persisted attempts and linked artifacts
• Objection — you can stop the test at any time by closing the browser
• Portability — gaze data can be exported during the session if needed

Because Lexora stores authenticated attempt records for research workflows, these rights are handled through the project team rather than by automatic session expiry alone.

This tool is intended for research and screening purposes only and does not constitute a medical diagnosis. If you participate in a formal research study using Lexora, separate informed consent and data handling procedures will apply as governed by the relevant research ethics board.

We may update this privacy policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. Continued use of Lexora after changes constitutes acceptance of the revised policy.

If you have questions about how Lexora handles your data, please reach out via the project's GitHub repository.