IDEMIA IDENTITY & SECURITY USA LLC.
CONSENT TO COLLECT BIOMETRIC AND SENSITIVE PERSONAL INFORMATION
IDEMIA Identity & Security USA LLC (“IDEMIA”) understands the importance of, and is committed to, protecting and securing the Biometric Information and Sensitive Personal Information of users. This Notice and Consent for the collection of Biometric Information and related Personal Information and Sensitive Personal Information (“Biometric Information Privacy Policy”) is to inform users (“Users” or “you”) about IDEMIA’s practices regarding the collection, processing, and use of biometric and personal data via environments owned and/or managed by IDEMIA (collectively, the “Services”). Please carefully review the details below prior to consenting to our collection and use of your information. By providing your consent you acknowledge that you have been provided with, and agree to be bound by, the IDEMIA Terms of Use and IDEMIA Digital Commercial Products Privacy Policy and the practices described in this statement.
This policy does not cover any websites or services of third parties, included embedded services such as state systems of record and/or law enforcement agencies’ databases. IDEMIA is not responsible for the privacy statements or other content on websites outside of the Services or the practices of any third parties with which a User interacts or which processes a User’s data in using the Services.
1. WHAT IS PERSONAL INFORMATION AND SENSITIVE PERSONAL INFORMATON?
In order to verify your identity and perform the Services, IDEMIA must collect your Personal Information, including certain Sensitive Personal Information. Some examples of Personal Information the IDEMIA may collect include:
Name
Website
Postal address
Email address
Phone number
Company
Data about the User’s use of the Services, including crash logs and usage statistics.
Data about the User’s device and its interaction with the Services.
Some examples of Sensitive Personal Information that may be collected include:
· Personal identification numbers, including social security, driver's license, passport, or state ID card numbers.
· Geolocation information at the time of verification.
IDEMIA will never sell, rent, or trade any of this information. For more information about the information collected by IDEMIA, as well as additional details about how this information may be processed, please see our Privacy Policy.
2. WHAT IS BIOMETRIC INFORMATION?
Biometric Information is a form of Personal Information related to biometric characteristics which may be used to identify you. Common examples include:
· Fingerprints
· Voiceprints
· Scans of a hand
· Facial geometry recognition
· Iris or retina recognition
As used in this policy, Biometric Information includes any "biometric identifiers" or "biometric information" as defined under applicable law.
3. RETENTION AND USE OF BIOMETRIC INFORMATION AND SENSITIVE PERSONAL INFORMATION
IDEMIA may retain and use the information collected through the Services in the following ways:
3.1 Retention of Biometric Information and Sensitive Personal Information:
IDEMIA keeps the data collected via the Services for the time necessary for the purposes set out in this policy in accordance with the contractual obligations and legal and regulatory requirements applicable to retention and limitation periods. IDEMIA normally deletes this information within 30 days, and only retains it longer when provided with explicit written permission from the customer.
For Users who are residents of Illinois, in accordance with Illinois state law, unless covered by an exception thereto, IDEMIA will retain Biometric Information only until the earlier of either: (a) The initial purpose for collecting or obtaining such Biometric Information has been satisfied; or (b) three (3) years following your last interaction with the Services.
3.2 Use of Biometric Information:
IDEMIA may use Biometric Information only as follows:
To verify your identity when you are using the Services;
To authenticate the use of your account and the Services for a transaction;
To prevent fraudulent uses of IDEMIA’s Services or the creation of multiple accounts;
To comply with legal obligations or comply with a request from law enforcement or government entities where not prohibited by law; and
As otherwise approved in writing by Customer.
IDEMIA reserves the right to:
disclose and/or transfer Biometric Information to a third party where permitted by law if it has reason to believe that disclosing is necessary to enforce our Terms of Use, to comply with legal obligations, or to cooperate with law enforcement agencies concerning conduct or activity that we reasonably believe may violate federal, state, or local law when required by a subpoena, warrant, or other court ordered legal action, and to prevent harm, loss or injury to others.
disclose and/or transfer PII or data to a third party in the event of a purchase, sale, lease, merger, or any other type of acquisition, disposal, transfer, conveyance or financing of all or any portion of IDEMIA, or of any of the business of IDEMIA, in order for Users to continue to receive the same products and services from the third party.
share information with affiliated entities, professional advisors, such as accountants and lawyers, who assist us in carrying out our business activities, and who shall be advised of their obligation to protect the personal data disclosed by IDEMIA and to comply with law and the general privacy principles described in this Statement.
share personal data with third parties engaged to assist IDEMIA in providing services to Users or to carry out one or more of the purposes described above. These service providers are prohibited from using your personal data for any purpose other than to provide this assistance and are contractually required to protect the personal data disclosed by IDEMIA and to comply with law and the general privacy principles described in this Statement.
IDEMIA will not sell, rent, or trade your Biometric Information. Your Biometric Information will only be used to verify your identity or as required for the prevention of fraud.
4. CAN I REQUEST TO HAVE MY BIOMETRIC INFORMATION DELETED?
Yes, you may direct IDEMIA to delete your Biometric Information. After successfully verifying your identity, you may request that your Biometric Information be deleted by submitting an email to privacy@us.IDEMIA.com or at General Counsel at 11951 Freedom Drive, Suite 1800, Reston, VA 20190.
IDEMIA will use commercially reasonable efforts to promptly understand and address the issue. IDEMIA reserves the right to retain this information as needed to comply with our legal obligations, including warrants, subpoenas or other court orders, or to help prevent fraud.
Pursuant to the California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act of 2020 (CPRA), residents of California are entitled to additional rights and disclosures regarding their Personal information, including Biometric Information. Please see our Notice to California Residents for additional details regarding these disclosures and how to exercise your rights.
5. CAN I REFUSE TO PROVIDE BIOMETRIC INFORMATION?
Users may refuse to consent to the collection of Biometric Information. However, if you refuse to consent to the collection and processing of your Biometric Information then you may not be able to access certain Services.
6. SECURITY OF BIOMETRIC INFORMATION AND OTHER DATA
IDEMIA ensures that data is processed in accordance with industry-standard security and confidentiality measures. To this end, IDEMIA has implemented appropriate technical and organizational measures against the loss, misuse, unauthorized access, alteration, and deletion of data. Please note that no data transmission or storage can be guaranteed to be 100% secure. To safeguard Biometric Information and Sensitive Personal Information, we implement security measures such as encryption, firewalls, and intrusion detection and prevention systems and our data storage systems are only accessible by a limited number of authorized persons.
7. CHANGES TO THIS STATEMENT
This Biometric Information Privacy Policy may be periodically updated to reflect new features or changes in our practices or our Services or in response to changes in applicable law. The latest version of the Biometric Information Privacy Policy and Privacy Statement can be found at www.na.idemia.com.
8. HOW TO CONTACT US
Questions or comments regarding this Biometric Information Privacy Policy should be directed to IDEMIA at privacy@us.IDEMIA.com. IDEMIA will use commercially reasonable efforts to promptly understand and address the issue.