identity360.global - Enterprise Biometric Identity Solutions

Introduction

identity360.global ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard biometric and personal information when you use our enterprise identity verification platform and services.

We adhere to the highest standards of data protection, including GDPR, CCPA, eIDAS, and industry-specific regulations. Our privacy-by-design approach ensures biometric data is processed securely with minimal retention and maximum transparency.

1. Information We Collect

1.1 Biometric Data

We process biometric information including facial images, fingerprints, palm prints, and iris scans exclusively for identity verification purposes. Biometric templates are created using one-way cryptographic hashing and cannot be reverse-engineered to recreate original images.

1.2 Identity Documents

We process government-issued identity documents (passports, driver's licenses, national IDs) to extract information such as name, date of birth, document number, and photograph for verification purposes.

1.3 Technical Data

We collect device information, IP addresses, browser types, operating systems, and interaction logs to ensure platform security, detect fraud, and improve service performance.

2. How We Use Your Information

Identity verification and authentication services
Fraud prevention and security monitoring
Compliance with KYC, AML, and regulatory requirements
Service improvement and platform optimization
Legal obligations and law enforcement cooperation

We never use biometric data for advertising, profiling, or purposes unrelated to identity verification without explicit consent.

3. Data Security & Storage

All biometric data is encrypted both in transit (TLS 1.3) and at rest (AES-256). We employ:

End-to-end encryption for data transmission
On-device biometric processing where possible
Minimal data retention (templates deleted after verification unless required by law)
ISO 27001 certified data centers with physical and logical access controls
Regular third-party security audits and penetration testing

4. Data Retention

Biometric templates are retained only as long as necessary for the purpose collected:

One-time verification: Templates deleted immediately after successful verification
Account-based services: Retained for account lifecycle or as required by regulatory obligations
Audit logs: Maintained for compliance periods (typically 5-7 years depending on jurisdiction)

You may request deletion of your biometric data at any time, subject to legal retention requirements.

5. Your Rights

Depending on your jurisdiction, you may have rights including:

Right to access your personal and biometric data
Right to rectification of inaccurate information
Right to deletion (right to be forgotten)
Right to data portability
Right to withdraw consent for data processing
Right to object to automated decision-making
Right to lodge complaints with supervisory authorities

To exercise these rights, contact our Data Protection Officer at privacy@identity360.global.

6. International Transfers

We operate globally and may transfer data across borders. All transfers comply with applicable data protection laws using mechanisms such as Standard Contractual Clauses (SCCs), adequacy decisions, or data localization as required by regional regulations.

7. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or prominent notice on our platform 30 days before taking effect.

8. Contact Information

For privacy-related inquiries or to exercise your rights:

Data Protection Officer: privacy@identity360.global
EU Representative: eu-representative@identity360.global
General Inquiries: legal@identity360.global

Privacy Policy

1.1 Biometric Data

1.2 Identity Documents

1.3 Technical Data

Questions About Our Privacy Practices?