IDEMIA IDENTITY & SECURITY USA LLC 

Privacy Statement

This Privacy Statement applies to the Idemia Identity & Security USA LLC (“IDEMIA”) enrollment services and mobile, web-based and cloud-hosted commercial product applications (the “Services”) and governs the collection and use of data in connection with the Services. IDEMIA is committed to protecting the personally identifiable information (“PII”) and other non-PII data (“Data”) of its customers and end-users (collectively “Users”), as well as that of the credential and ID holders (“Individuals”) that is used in connection with the Services. It does not apply to any information an entity collects for its own use. Use of the Services constitutes agreement and consent to the practices described in this statement. 

The Services provide a way to enroll users and/or interact with third-party websites or applications (“Websites”). However, this policy does not cover any Websites of third parties. IDEMIA encourages Users to review the privacy statements of other Websites that the User interacts with when using the Services to understand how those Websites collect, use, and share personal information and other data. IDEMIA is not responsible for the privacy statements or other content on Websites outside of the Services or the practices of any third-parties with which a User interacts in using the Services. 

1. PII AND DATA COLLECTED 

IDEMIA Services may collect PII and Data of Users, which may include the following: 

  • Data about a User’s use of the Services, including crash logs and usage statistics.

IDEMIA Services may collect PII and Data of Individuals whose credentials are being verified, which may include the following: 

  • PII from the physical ID or mobile ID of such Individual including name, address, signatures, date of birth, and related information, as well as biometric information (e.g., images provided for purposes of credential issuance).

2. RETENTION AND USE OF PII AND DATA 

IDEMIA DOES NOT SELL USERS’ PII OR DATA TO THIRD PARTIES.

IDEMIA may use the information collected through the Services in the following way: 

2.1 Retention of PII  

PII necessary or useful in performing Services will not be retained after the identity credential verification is completed.

Data that does not contain PII or has been anonymized will be retained indefinitely to test and improve the Services and related products, 

2.2 Use of PII and Data 

IDEMIA may use Data and PII to: 

  • Perform Services;

  • Monitor and improve quality of Services;

  • Improve or develop functionality;

  • Comply with or enforce legal requirements and policies, including without limitation this Privacy Statement and IDEMIA’s Terms of Use.

3. SECURITY OF PII 

IDEMIA secures PII by encrypting PII data at rest and in transit. All PII is protected on computer servers in a controlled, secure environment protected from unauthorized access. When PII is transmitted, it is protected through the use of encryption, such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols to protect against unintended recipients obtaining access to PII. 

4. HOW TO CONTACT US 

Questions or comments regarding this Privacy Statement should be directed to IDEMIA at privacy@IDEMIA.com. IDEMIA will use commercially reasonable efforts to promptly understand and address the issue. 

5. HOW TO OPT OUT 

Users may opt out of the collection of PII or Data by IDEMIA by canceling the Services and uninstalling the applications from all User devices. 

6. CHANGES TO THIS STATEMENT 

IDEMIA will occasionally update this Privacy Statement. The latest version of the Privacy Statement can be found at www.IDEMIA.com. Downloading or using the Services after any changes to this Privacy Statement constitutes consent to the revised Privacy Statement.