Data Privacy and GDPR Compliance at BioID

Data privacy biometrics with GDPR compliance

As a responsible biometric service provider, we are proud to be compliant with both stringent German and European data privacy protection requirements. Taking the protection of your data extremely seriously, we offer anonymous biometrics with high levels of assurance by means of liveness detection without the need for any personally identifiable information (PII).

Your biometric data belongs to you and only you!

For more details, please read more about our Privacy Policy.

Data privacy biometrics with GDPR compliance

Biometric Data & Privacy Protection

By design, our service architecture has been set up to ensure high security and privacy protection. When talking about biometric data, we go beyond GDPR by putting the users in full control of their biometric data and empowering them to give us consent before using the data for application-specific operations.

As a Biometrics as a Service provider, BioID secures your privacy by design using the following principles:

Data privacy on biometric operations through anonymity

Data Privacy by Pseudonymization

  • Biometric operations are anonymous without personally identifiable information
  • On-demand biometric operation without context information
  • Biometric template is pseudonymized, irreversible, and cannot be exported
Data privacy and protection on biometric operation with GDPR complliance

Data Protection Compliance with EU GDPR

  • Only data required to carry out biometric operation is requested
  • Data submitted for operation is single-purpose and cannot be shared
  • Data discarded after an operation or retained as per EU GDPR guideline
Data privacy on biometrics through secure data centers

Data Protection at Location

  • Service located at certified trusted data centers
  • Jurisdiction-specific data centers where available
  • Private or on premises deployment on demand
Data privacy in biometrics through user consent

Data Privacy by User Consent

  • Challenge-response enables secure & effective user consent
  • User consent puts users in control of their data privacy
  • Vis-à-vis GDPR user consent

 In protecting your data, we implement a zero footprint biometric operation or on-demand compliant with GDPR guidelines.

Feel free to contact us for more information.

Our BioID Web Service is a Biometrics as a Service (BaaS) available via trusted and secure data centers worldwide.

secure data centers worldwide

Anti-spoofing is key in protecting data and privacy. To ensure the highest security, our service is always protected against spoofing attacks by means of liveness detection.

Liveness detection enables secure 24/7 self-service online transactions.

In terms of data privacy, our service puts users in control of their data. In terms of data protection, BioID is compliant with EU GDPR acting as a “Data Processor”.

For more information, please take a look at our Whitepaper below.