Privacy policy

Last version: June 7,  2021

To download and print this privacy policy, click here.

 

We care about the privacy of our customers and our users. We understand that you would like to perform Identity Verification Services without concerns about privacy and online safety. We totally agree, so we are happy to share our privacy policy.

Who is responsible for your data?

Verifai (legal name: Verifai B.V.) is responsible for all personal data which you share with us. You can find our contact details below:

Our correspondence address: Waagstraat 1 unit A, 9712 JX, Groningen, The Netherlands

Our postal address:  PO Box 17604, 1001 JM, Amsterdam, The Netherlands

Our registration number at the Dutch Chamber of Commerce: 61324612

Our VAT number:  NL854297686B01

If you have questions considering your privacy and online safety, you can always contact our Data Protection Officer via: privacy@verifai.com 

Which personal information do we store and why?

Verifai collects personal information in different ways. Which data we collect depends on the actions you perform on our webpage and applications: whether you  are only visiting our webpage, whether you are reaching us via our contact form or chat, or whether you have registered for a (trial) account. Privacy and online safety form the DNA of our company, so we store only a minimal amount of data as required to provide you with the best service to verify identity. We are happy to share how we process your personal data below.

Online recognition

If you visit our webpage, we only store your IP-address and some basic functional and tracking cookies. This information helps us to provide you with the best service if you visit our webpage.

Account Information

You can always register yourself at the Verifai Dashboard (https://dashboard.verifai.com/) or via de Verifai Standalone app (available in the Google Play store or Apple App store). If you sign up for Verifai, we ask your first name, last name, e-mail, company name and the type of industry you are working in. We need this information to contact you, and send you personalized information. After choosing for Verifai, you need to provide us with more information about your company, so that we are able  to send you an invoice following legal requirements, including Address, Postalcode, City, Country, Website, Phone number, VAT Number, Your Invoice reference, and billing contacts.

We may send you updates about Verifai products, including updates, bug fixes or new features by email or by phone. We need your email address for these purposes. We also use your email (or the billing email filled-in in the dashboard) to send you invoices and information about your account, orders, and implementations. After using our products, we could also ask you to provide your opinion or write a review about our products and services, mostly by email and sometimes by phone. Your feedback helps us to improve all of our products and services!

Payment

Payment will always be performed in a secured payment environment. Furthermore, linking the payment to your personal invoice is always performed in a secured environment. In order to process your payment, we ask you to provide some payment details, such as (if applicable) name of the cardholder, credit card number, expiry date, and CVC. During credit card transactions, your credit card number, bearer’s name and CVC-code will be sent through a secure payment environment to the payment processor.

Verifai SDKs (non-hosted or hosted by our customer)

Verifai offers customers a wide variety of products that don’t require any hosting by Verifai. These include

Verifai never stores any personal information on your device (in the case that you are directly using our services)  or your clients device (in case your clients are using our services) and Verifai does never send any personal information to their own servers. Verifai only processes statistical data. This data includes the number of scans you used, the date and time you used Verifai, the document types you scanned, the issuing country of the scanned document and number of successes and failures. We will also collect some basic details about your device, such as the type of the operating system (OS), OS version and the type of device used. We use this information to improve our services and for logging and monitoring purposes. Thereby, this information allows us to send you an invoice based on successfully performed scans.

Verifai app

 The Verifai standalone app for iOS and Android is fully customizable and runs locally on your device. Next to the information stated above, the Verifai app has several additional privacy-related features. You are in charge if you would like to save identity reports with personal data of your customers on-device, and/or share them via email or any other mobile service to your own systems. Regarding the on-device storage: you can choose whether or not the Verifai app automatically erases all retrieved (and encrypted) personal data after a selected period of time and logging out and afterwards logging in from the app. It is also possible to manually delete personal data for every performed verification. During the verification process, the Verifai app can process all data that is available on the MRZ or the NFC chip of a document, including name(s), surname, date of birth, date of expiry, date of issue, document number, sex, and country specific data (e.g. Personal Number)., the Verifai app process images such as a copy of the document, including photo of the bearer, and data retrieved from the chip. Which data is exactly processed, depends on the settings, the scanned document and the hardware of the device (for example if the device has NFC or not).

As Verifai user, you are responsible and in charge of the personal data you retrieve by using the Verifai app, the storage of these data and the transportation of the data.

To facilitate privacy-proof ID verification, all of our products offer the possibility to mask privacy-sensitive data by setting a privacy filter. It is our customer’s responsibility to correctly set the privacy filter, so that any data that is not required to be processed by the user is being masked. Verifai does not take responsibility regarding correctly setting privacy filters, inaccuracy in the privacy filters or missing privacy filters.

Hosted-by-Verifai solutions (hosted by Verifai)

If you choose for the Verifai SaaS solutions, including the Verifai Web SDK SaaS, all personal data which is captured during the Identity Verification procedure will be processed on the Verifai servers. Verifai uses only ISO 27001 certified servers. Thereby, you are required to sign our ‘Data Processing Agreement’, which is an agreement between the Controller (You) and the Processor (Verifai). You can only use the Verifai SaaS solutions after signing the ‘Data Processing Agreement’. Based on your preference and use-case, Verifai processes all data which can be retrieved from an identification document, including but not limited to: name(s), surname, date of birth, place of birth, issuing authority, issuing date, expiry date, personal number, document number, signature, bearers foto, copy of the document and other personal data which is displayed on a document. We process this data for you as part of a Data Processing Agreement signed between you (customer) and Verifai. This is the only purpose for which we will process the data. More details can be found in the data processing agreement (DPA).

Customer service

We will try to provide you with the best service we can when you contact us. To ensure the best service, we will store all chat and email conversations you have with our customer service. In some cases, we will record phone calls for training purposes. If the phone call will be recorded, we will tell you in front of the phone conversation. Sometimes, we ask you to share some specific personal or company information during a chat, email or phone conversation. We will ask these questions to verify whether you are the person you say you are. Furthermore, we will make some side notes about our contact in order to know what we discussed if you will contact us again at a later moment.

When you or your company provide us contact details, such as a business card or other forms of expressions, Verifai could contact you to discuss future business opportunities and keep you updated about new Verifai products, releases, updates and bug fixes. It is always possible to unsubscribe you from these mailings by sending an email to info@verifai.com.

How do we handle your personal information?

Sharing personal data

Your privacy and online safety is important to us. We only share personal information with third parties if it is necessary to provide you with the best service. We never sell your personal information to third parties.

To ensure proper use of your personal information, we signed processing agreements with all third parties. This processing agreement contains all appointments about who is responsible for which data. We signed a data processing agreement (DPA) with the following parties:

Most sub-processors are established in the European Union. The General Data Protection Regulation (GDPR) will apply to these sub-processors. However, in some cases we are using sub-processors in the United States of America (USA). These parties were registered under the European-American ‘Privacy Shield’. We have made agreements with these sub-processor about the processing of personal data. We have laid down these agreements in Standard Contractual Clauses (SCC).

Storage of personal data

We store your personal information no longer than necessary. Would you like to change your privacy settings? Please visit the Verifai Dashboard (https://dashboard.verifai.com/), app settings or contact our team: info@verifai.com 

Security

Verifai products run on ISO 27001 certified servers deployed and based in the Netherlands. We follow strict information security policies. Our website is using a secure connection (recognizable by 'https' in the address field). Thereby, we are using the SSLcertificates. We are using the best and up-to-date security software on the market, to ensure that personal data is stored fully secure at our servers. Thereby, all Verifai products are designed in accordance with the ‘Privacy by Design’ and ‘Privacy by Default’ principles.

We control and monitor all our employees to ensure we know who has seen personal data. In this case, we know exactly what happened with your personal data. Thereby, all employees of Verifai have a declaration of good behavior (VOG). In this case, we are sure that your personal data will be processed safely.

Your rights

If you are a customer of Verifai, you can always send us a request to review, rectify, transmit, or to erase your personal information from our administration. Send this request to privacy@verifai.com. In this case we will always ask you to verify whether you are the person you say you are. This is to ensure that your personal information does not fall in the wrong hands.

Removing your personal data

Of course it is possible to remove your data from our system, when you prefer to do so. Please note that this implies that you will no longer be a customer of Verifai and hence will not be able to use our services anymore. This is because in this case we will erase all your data from our system and we will therefore not know anymore whether you have ever ordered Verifai products.

Questions or remarks

If you have questions or remarks regarding privacy or security, you can always reach us via privacy@verifai.com or by contacting us using the contact information above. For any other questions or complaints considering our privacy policy you can reach the Dutch Authority for Protection of Personal Data or the National Ombudsman.