SECUREVISGE
Trust in every click

Privacy Policy

At SecureVisage, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our employee verification platform.

1. Information We Collect

We collect various types of information to provide and improve our facial recognition verification services:

Personal Information

  • Name, email address, and company affiliation
  • Business contact information and verification details
  • Account credentials and authentication data
  • Communication preferences and support history

Biometric & Verification Data

  • Facial images submitted for verification
  • Biometric templates and verification results
  • Verification logs and audit trails
  • Device and location information

Important: All biometric data is processed securely and deleted within 24 hours of verification completion. We do not store permanent copies of facial images.

2. How We Use Your Information

Your information is used exclusively for legitimate business purposes:

  • To verify employee identities and prevent fraud or impersonation
  • To provide customer support and communicate about your account
  • To improve our facial recognition algorithms and service quality
  • To ensure platform security and prevent abuse
  • To comply with legal obligations and regulatory requirements

3. Data Storage & Security

Security Measures

  • End-to-end encryption for all data in transit and at rest
  • Multi-factor authentication and access controls
  • Regular security audits and penetration testing
  • Compliance with SOC 2 Type II and ISO 27001 standards

Data Retention Policy

  • Biometric data: Deleted within 24 hours of verification
  • Verification logs: Retained for 7 years for compliance
  • Account data: Retained while account is active
  • Analytics data: Anonymized and retained for 2 years

4. Data Processing & Legal Basis

We process your data based on the following legal grounds:

Contract Performance

  • Providing verification services you requested
  • Managing your account and subscriptions
  • Processing payments and billing

Legitimate Interest

  • Improving our services and algorithms
  • Preventing fraud and ensuring security
  • Communicating important updates

Consent: For biometric data processing, we require explicit consent from both the company and the individual being verified.

5. Third-Party Services & Data Sharing

We work with trusted third-party services to provide our verification platform:

  • Cloud Infrastructure: AWS for secure data storage and processing
  • Payment Processing: Razorpay for secure payment handling
  • Analytics: Google Analytics for service improvement (anonymized data only)
  • Customer Support: Zendesk for ticket management

No Sale of Data: We never sell, rent, or trade your personal information to third parties for marketing purposes.

6. Your Privacy Rights

Under GDPR and other privacy regulations, you have the following rights:

Access & Control

  • Access your personal data and verification history
  • Correct inaccurate or incomplete information
  • Request deletion of your data (subject to legal requirements)
  • Export your data in a portable format

Communication Preferences

  • Opt out of non-essential communications
  • Control marketing and promotional emails
  • Manage notification preferences
  • Withdraw consent for data processing

7. International Data Transfers

Your data may be processed in countries outside your residence:

Data Transfer Safeguards

  • Standard Contractual Clauses (SCCs) for EU data transfers
  • Adequacy decisions for approved countries
  • Binding corporate rules for multinational organizations
  • Regular assessment of transfer risks and compliance

8. Children's Privacy

Age Restriction: Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us immediately.

9. Data Breach Response

In the unlikely event of a data breach, we have comprehensive response procedures:

  • Immediate containment and investigation of the incident
  • Notification to affected users within 72 hours (GDPR requirement)
  • Coordination with relevant authorities and data protection officers
  • Implementation of additional security measures to prevent recurrence
  • Transparent communication about the incident and remediation steps

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements:

  • Significant changes will be communicated via email 30 days in advance
  • Minor updates will be posted on this page with updated "Last updated" date
  • Continued use of our services constitutes acceptance of updated policies
  • You may request a copy of previous policy versions

11. Contact Information

For privacy-related questions, requests, or concerns, please contact us:

Data Protection Officer: dpo@securevisage.com

Privacy Support: privacy@securevisage.com

General Support: support@securevisage.com

Response Time: Within 48 hours during business days

Business Hours: Monday - Friday, 9:00 AM - 6:00 PM IST

Regulatory Compliance

SecureVisage complies with GDPR, CCPA, and other applicable privacy regulations. We regularly review and update our practices to maintain compliance with evolving legal requirements.

Last updated: 9/27/2025