Privacy Policy

v. 1.21

Identomat Privacy Policy


Date: May 4, 2020

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. Your consent to this Privacy Policy followed by Your submission of Your information represents Your agreement to that transfer of Your Personal Data to Identomat.

We use Your Personal Data to provide and improve the Service as well as to provide you with the opportunity to test the demo version of Identomat software. The use of personal data under the present Privacy Policy is in accordance with the applicable legislation and the principles set out therein.

By using the Website, You agree to the collection and use of the Personal Data in accordance with this Privacy Policy. This Privacy Policy represents integral part of the Terms and Conditions of the  Website and shall be read and understood in light of those Terms and Conditions.

For the purposes of this Privacy Policy:

  • Personal Data shall mean any information that relates to an identified or identifiable individual;
  • Biometric data shall mean a photo image or video recording of your face.

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information we request, includes:

  • First name and last name;
  • Identification information and other background verification data such as name, surname, personal identity code, date of birth, address, nationality, gender, passport or ID card copy (or any other document, that contains personal data and is accepted by the Identomat software), title, visually scanned or photographed image or video recording of your face or image that you provide through a mobile application or camera, video and audio recordings for identification where applicable;
  • Biometric data such as photo image or video recording of your face;
  • Contact Data, such as registered/actual place of residence, phone number, e–mail address.

We process the Personal Data that we collect from you for at least one of the following purposes:

  • we have to take necessary steps before the conclusion of the contract – You are our potential client, or an employee of a potential client or a client or potential client of our potential client. Therefore, in order to conclude the contract, you need to be aware of the capabilities of the Identomat software;
  • we have the legitimate interest to do so – as a business, we need to expand our services and to provide you with the best and most secure experience;
  • we need the personal data that you voluntarily submit to us to improve our Service – functions, process flow, processing times, visuals, or other technological processes are revised, improved and adapted based on the timing and quality of the Service that you receive, as well as feedback that you may choose to provide;
  • we need to comply with the applicable legislation and contractual arrangements between us – we gather, manage and delete your personal data in accordance with the Terms and Conditions, including this Privacy Policy and the applicable legislation as the Terms and Conditions are the contractual arrangement between the Identomat Inc and Yourself;
  • We need to process your biometric data in order to maintain and imrove the Service and thereby continue existance and operation as a company. Identomat is our main product. Currently, we face serious competition from many other companies, who provide distant identification services. If we do not process your Personal data, more specifically – biometric data, we will not be able to continue operation since we will not be able to improve Identomat.

We use the photo image or video recording provided by you to match those with the photo of your ID document. The Identomat may, from time to time rely on the automated processing of the information obtained, including the Personal Data, by means of automated decision making, which implies use of software code or algorithm, without requiring human intervention. The results of the comparison are used to improve the performance of the Identomat software. The information obtained from such comparison is not retained or used for any other purpose than those set out in the present Privacy Policy.

The Identomat will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your personal data. The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use all commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security. When we process your Personal Data indicated above, we take the following measures, to protect your Personal Data:

  • Identomat Inc is in the process of certification for compliance with the ISO/IEC 27001:2013 standard. The Organization has introduced physical, as well as technological and procedural mechanisms to ensure the security of information kept with the Company, including, but not limited to Your Personal Data), namely:
  • The management of the Company has a leading role in the implementation of the information security system, in addition, an overarching approach has been introduced – information security requirements are reflected in the company’s policies and processes.
  • The Company has been pursuing an information security policy, the purpose of which is to (a) ensure the confidentiality, protection and accessibility of sensitive information and to (b) establish a modern and adequate information security management system in the company.
  • The company is working consistently and continuously to identify and mitigate information security risks. The company introduced and has been implementing a risk management strategy; the relevant risks are described and the mechanisms for risk mitigation – defined. The obligation of updating the list of risks on a regular basis is envisaged;
  • The Company has defined and has been implementing information classification policies, which means that Your Personal Data is confidential and can only be accessed by a Company employee only in case of the permission issued by a duly authorized person and only if he or she needs access to it in order to fulfill his/her job;
  • The company has introduced a mechanism for identifying, reporting and responding to incidents;
  • Since the information processed through the “Identomat” is only in electronic format, the mechanism for recording (logging) actions related to personal data is implemented;
  • The employment contract and the company’s Internal Regulations define the concept of confidential information, which includes personal data. The obligation to maintain confidentiality of the Personal Data survives the termination of employment. The Company implements adequate administrative penalties, in case of breach of confidentiality;

In order to ensure the continuity and security of data processing through the “Identomat”, servers located in Frankfurt and Amsterdam are used to store data. It means that this information may be transferred to — and maintained on — computers located outside of Your country’s jurisdiction where the data protection laws may differ than those from Your jurisdiction. The following services have been selected:

  • Service provider of the server based in Frankfurt is the DigitalOcean LLC;
  • Service provider of the server based in Amsterdam is the Paperspace Co.

These jurisdictions have been selected with the objective of ensuring best possible protection of your data under the rules and regulations applicable in the EU. The transmission of your Personal Data as well as storage takes place in encrypted format, therefore, no third party can access the information.

Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Website that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Website or when You access the Service by or through a mobile device.

The Identomat may use Usage Data for the following purposes:

  • To improve the Website and any of the services accessible thereupon;
  • To provide and maintain our Services, including to monitor the usage of our Services;

More details can be found in Our Cookie Policy.

The contact information that we collect (email, telephone number) or other equivalent forms of electronic communication, such as a mobile application’s push notifications will be used to contact you for the purpose of sending you the link to the website providing demo version of the Identomat software.

The Identomat will not retain Your Personal Data for longer, then it is necessary for the purposes set out in this Privacy Policy, such period not exceeding 30 days. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Identomat will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a short period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

We will not share or disclose your personal information with anyone, unless such sharing and/or disclosure is specifically required by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Insofar as it is compliant with the applicable laws, the Identomat may also disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation;
  • Protect and defend the rights or property of the Identomat or its legitimate interests;
  • Prevent or investigate possible wrongdoing in connection with the Services;
  • Protect the personal safety of Users of the Service or the public;
  • Protect itself against legal liability;
  • Security of Your Personal Data.

Our Service does not address and We do not knowingly collect personally identifiable information from anyone under the age of 18. If We become aware that We have collected Personal Data from anyone under the age of 18 without verification of parental consent, We take steps to remove that information from Our servers without undue delay.

At any time, while Your Personal Data is being processed by us, You have the right to

  • request the details of such processing. We will provide You the requested info within 10 days;
  • request us to correct, renew, add, block, delete or destroy the Personal Data, if it is incomplete, incorrect, outdated, or it has been collected or processed in violation of requirements of the law; We will comply with Your request or reject it, as case may be, within 15 days (3 days – for block requests);

If you have any requests, questions about this Privacy Policy or information about possible violations of the present Privacy Policy or the applicable legislation, You can contact us by email: [email protected] or by means of on FacebooktwitterInstagram or YouTube. Your complaints and requests regarding the personal data will be processed within the timeline set out in and in accordance with the applicable legislation. In case You feel that we are processing your Personal Data in violation of the legislation, You may lodge a complaint with the Delaware Department of Justice Consumer Protection Unit.

Your consent, that is given by agreeing to the Terms and Conditions, including this Privacy Policy, is precondition for processing your Personal Data. You have right to withdraw such consent at any time, before or after using the Service. Following such withdrawal, your Personal Data will be destroyed/deleted without undue delay, but not later than 5 days, unless we have other legitimate ground for processing your Personal Data.

We may update our Privacy Policy from time to time as set out in the Terms and Conditions of the Website. You are advised to review this Privacy Policy periodically for any changes.