Data Privacy and GDPR Compliance at BioID
As a responsible biometric service provider, we are proud to be compliant with both stringent German and European data privacy protection requirements. Taking the protection of your data extremely seriously, we offer anonymous biometrics with high levels of assurance by means of liveness detection without the need for any personally identifiable information (PII).
Your biometric data belongs to you and only you!
For more details, please read more about our Privacy Policy.
Biometric Data & Privacy Protection
By design, our service architecture has been set up to ensure high security and privacy protection. When talking about biometric data, we go beyond GDPR by putting the users in full control of their biometric data and empowering them to give us consent before using the data for application-specific operations.
As a Biometrics as a Service provider, BioID secures your privacy by design using the following principles:
Data Privacy by Pseudonymization
- Biometric operations are anonymous without personally identifiable information
- On-demand biometric operation without context information
- Biometric template is pseudonymized, irreversible, and cannot be exported
Data Protection Compliance with EU GDPR
- Only data required to carry out biometric operation is requested
- Data submitted for operation is single-purpose and cannot be shared
- Data discarded after an operation or retained as per EU GDPR guideline
Data Protection at Location
- Service located at certified trusted data centers
- Jurisdiction-specific data centers where available
- Private or on premises deployment on demand
Data Privacy by User Consent
- Challenge-response enables secure & effective user consent
- User consent puts users in control of their data privacy
- Vis-à-vis GDPR user consent
In protecting your data, we implement a zero footprint biometric operation or on-demand compliant with GDPR guidelines.
Feel free to contact us for more information.
Our BioID Web Service is a Biometrics as a Service (BaaS) available via trusted and secure data centers worldwide.
Anti-spoofing is key in protecting data and privacy. To ensure the highest security, our service is always protected against spoofing attacks by means of liveness detection.
Liveness detection enables secure 24/7 self-service online transactions.
In terms of data privacy, our service puts users in control of their data. In terms of data protection, BioID is compliant with EU GDPR acting as a “Data Processor”.
For more information, please take a look at our Whitepaper below.