Last Updated June 17, 2022
Information We Collect via Our Hosted Identity Verification Services
From time to time our clients may direct you to use our Identity Verification Services via our Hosted Identity Verification Service. When they do, we’ll ask for an image or images of your identity document as well as a photo or video of your face and any other information you choose to provide.
In addition, we also automatically collect certain information from you when accessing our website. This includes:
We log information about your use of the website, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to the website.
We collect information about the computer or mobile device you use to access our website, including your approximate location to a city level, hardware model, operating system and version, unique device identifiers and mobile network information.
Information Collected by Cookies and Other Tracking Technologies
We and our service providers use various technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our website and your experience, see which areas and features of our website are popular and count visits. Web beacons are electronic images that may be used on our website or emails and help deliver cookies, count visits and understand usage. For more information about cookies, and how to disable them, please see below.
Use of Information
We use the information we collect to:
Provide, maintain and improve the website;
Provide and deliver the Identity Verification Services;
Monitor and analyse trends, usage and activities in connection with the websites.
Sharing of Information
We share information with external parties that are performing tasks on our behalf (including our affiliates) and with other companies, organisations, and individuals outside Onfido where we have a legitimate legal reason for doing so (for example, in connection with any merger or acquisition).
Whenever legally possible, we seek to protect the information we share by imposing contractual privacy and security safeguards on the recipient of the information. This is particularly important in cases where the recipient is located in a country that has different or lesser privacy laws than those of the country where the information was originally collected. In some cases, however, it’s not possible for us to do so — for example, when we have a legal obligation to disclose information to a government authority and that government authority isn’t willing to enter into such contractual safeguards.
Onfido takes appropriate administrative, physical, technical and organisational measures designed to help protect information about users from loss, theft, misuse and unauthorised access, disclosure, alteration and destruction. For more information about information security at Onfido, please visit the Guide to Security at Onfido. If you think you have identified a security vulnerability or bug in our Identity Verification Services, please report it to the Onfido security team at firstname.lastname@example.org and as described in the Onfido Responsible Security Bug Disclosure Policy.
Strictly Necessary and Performance Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. They also allow us to count visits and traffic sources, to monitor use and ensure the Hosted Identity Verification Services are operating as expected. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
Our Hosted Identity Verification Services uses only necessary cookies. Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies, though this may impact the functionality of the Hosted Identity Verification Services.
If you wish to delete or deactivate your data, please email us at email@example.com, but note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a limited period of time.
You may opt out of receiving promotional emails from Onfido by following the instructions in those emails or by emailing us at firstname.lastname@example.org. If you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.