Table of Contents

Last Updated: February, 2024

To make this Privacy Policy easier to read, the FACEIO Facial Authentication & Enrollment Widget, Associated Applications, and JavaScript library (fio.js) are collectively referred to as “the Service”. Please read this Privacy Policy and our Terms of Use carefully because they govern your use of the Service.

The Service

  • FACEIO is a cross-browser, Cloud & On-Premise deployable, facial authentication framework, with a client-side JavaScript library (fio.js) that integrates seamlessly with any website or web application desiring to offer secure facial recognition experience to their users...
  • Account holders are required to create an application first on the FACEIO Console from which they can install the fio.js Facial Authentication JavaScript library on their websites, collect metrics report, manage facial index and so forth. we provide such Service through the use of a proprietary platform which combines Machine Learning, Facial Recognition Software, and Database Systems.
  • You are invited to take a look at our Getting Started Guide for an overview of the Service we provide.

What does this Privacy Policy cover?

  • This Privacy Policy describes our privacy practices concerning using the FACEIO Service. This privacy policy agreement applies to registered applications created by FACEIO account holders on console.faceio.net, as well as end users of our Facial Authentication & Enrollment Services and SYMISC SYSTEMS, SUARL.
  • we recommend that you review this Privacy Policy periodically, as it may be updated from time-to-time.
  • Please refer to our website & Cookie Policy for information on how we collect, use and disclose information from visitors of the FACEIO websites. You acknowledge and agree that your use of the website is subject to the website & Cookie Policy.
  • FACEIO does not provide services directly to individual end users. Individual end users who perform facial authentication and/or enrollment on a particular website or web application that is powered by fio.js, our facial authentication JavaScript library, should contact the application owner (website administrator/support for example) for information on how they handle your personal data. In this regard, we are a “data processor” or a “service provider” under applicable data protection laws. If you are an individual end user with questions about FACEIO’s underlying Facial Recognition Engine collection and use of biometric information or biometric identifiers through the Client Services SDKs, please refer to the Biometric Information Retention Policy section below.
  • We will use your information after your consent in accordance with this Privacy Policy.

Information Collected Automatically

  • Automatic Data Collection: we may collect certain information automatically when you use the websites. This information may include your registration date, Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, details about your browser, operating system or device, location information (including inferred location based off of your IP address), Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, information about how you interact with the websites, including the frequency and duration of your activities, and other information about how you use the websites. Information we collect may be associated with accounts and other devices.

HOW WE USE YOUR INFORMATION

FACEIO in fulfilling its customer contracts to provide the Services shall use your personal information for a variety of business purposes, including:

To Provide the Services or Information Requested, such as:

  • Fulfilling our contract with you.
  • Managing your information.
  • Extracting anonymized facial hashes when you enroll or authenticate on a given customer application (eg website that implement the FACEIO SDK).
  • Responding to questions, comments, and other requests.
  • Providing access to certain areas, functionalities, and features of our Services.
  • Answering requests for customer or technical support.

Administrative Purposes, such as:

  • Pursuing legitimate interests, such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;.
  • Pursuing legitimate interests, such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention.
  • Measuring interest and engagement in our services.
  • Developing new products and services.
  • Authenticating and verifying your identity.
  • Carrying out audits.
  • Ensuring internal quality control and safety.
  • Communicating with you about your account, activities on our websites and Privacy Notice changes.
  • Preventing and prosecuting potentially prohibited or illegal activities.
  • Enforcing our agreements, and complying with our legal obligations.

Marketing Our Products and Services: we may use personal information to tailor and provide you with content and advertisements. we may provide you with these materials as permitted by applicable law. Some of the ways we market to you include email campaigns, custom audiences advertising, and “interest-based” or “personalized advertising” including cross-device tracking.

If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may contact us at any time by emailing privacy@faceio.net.

Consent: we may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.

Non-identified and Aggregated Information Use: we may use personal information and other data about you to create non_identified and/or aggregated information, such as non-identified demographic information, non-identified location information, information about the device from which you access our Services, or other analyses we create. Non-identified and/or aggregated information is not personal information, and we may use and disclose such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes.

DISCLOSING YOUR INFORMATION TO THIRD PARTIES

FACEIO does not share, sell, rent or loan Personal Information with independent third parties, but more importantly, it has no access nor it can decrypt your facial hashes that is only handled by the application's underlying Facial Recognition Engine. Nevertheless, we may access, preserve, and disclose any information we store in association with you (eg email address) to external parties if we, in good faith, believe doing so is required or appropriate to:

  • Comply with law enforcement or national security requests and legal process, such as a court order or subpoena.
  • Protect your, our, or others’ rights, property, or safety.
  • Enforce our policies or contracts.
  • Collect amounts owed to us.
  • Assist with an investigation or prosecution of suspected or actual illegal activity.

Under such circumstances where the law, a court order or other legal process prohibits notice prior to disclosure, none shall be provide.

we may share your personal information with the following categories of third parties:

Other Organizations at your Instruction: You may instruct FACEIO to share your personal information with third parties for their own, independent purposes. Once you share your personal information with these parties, it will be subject to the privacy policy and practices of the receiving party. These third parties are not controlled by FACEIO. we encourage our users to read the privacy policies of each third party with which they interact. we are not responsible for the privacy and security practices of such third parties. Disclosing your information to these third parties is at your own risk.

Service Providers: FACEIO employs third party service providers. Where Personal Information is shared with a service provider each third party is required under contract with FACEIO to secure all Personal Information with access permissions provided to only those employees who need it to complete a task on our behalf. The categories of service providers to whom we entrust personal information include service providers for:

  • The provision of information, products, and other services you have requested.
  • Marketing & Advertising.
  • Payment & Transaction Processing.
  • Customer service activities.
  • The provision of IT and related services.

Your GDPR Privacy Rights

FACEIO undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights. You have the right under this Privacy Policy, and by law if You are within the EU, to:

  • Request access to Your Personal Data: The right to access, update or delete the information we have on You. Whenever made possible, you can access, update or request deletion of Your Personal Data directly within Your account settings section. If you are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data we hold about You.
  • Object to processing of Your Personal Data: This right exists where we are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where we are processing Your Personal Data for direct marketing purposes.
  • Request correction of the Personal Data that we hold about you: You have the right to have any incomplete or inaccurate information we hold about You corrected.
  • Request erasure of Your Personal Data: You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
  • Request the transfer of Your Personal Data: we will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where we used the information to perform a contract with You.
  • Withdraw Your consent: You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, we may not be able to provide You with access to certain specific functionalities of the Services.

Exercising of Your GDPR Data Protection Rights

You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.

Your California Privacy Rights

  • As described above, to the extent that FACEIO collects personal information, it does so primarily as a service provider acting pursuant to contracts to provide the client Facial Authentication Services. If you provided your personal information to an application owner (A FACEIO customer like a website that implements fio.js, our facial authentication library), you should contact the particular client to whom you provided your personal information if you have questions about your rights under California law.
  • California law does permit California residents to request certain information regarding our disclosure of personal information to third parties for the third parties’ direct marketing purposes. FACEIO does not share personal information of California residents with third parties for their own direct marketing. For questions, please contact us by sending an e-mail to privacy@faceio.net.
  • If you are a California resident, California law does provide you with the following rights with respect to your personal information:
    • The right to know the categories or specific personal information we have collected, used, disclosed and sold about you. To submit a request to know, you may contact us at privacy@faceio.net. You also may designate an authorized agent to make a request for access on your behalf.
    • The right to request that we delete any personal information we have collected about you. To submit a request for deletion, you may contact us at privacy@faceio.net. You also may designate an authorized agent to make a request for deletion on your behalf.
  • When you exercise these rights and submit a request to us, we will verify your identity (or the identity and authorization of your agent) by asking you for your email address, telephone number, information about your company’s contract with FACEIO, etc. we also may use a third party verification provider to verify your identity.
  • Your exercise of these rights will have no adverse effect on the price and quality of our goods or services.
  • To this date, FACEIO has never sold any personal information about its clients or their employees or about the customers of our clients; nor does it have any plans to do so in the future.

Biometric Information Retention Policy

  • FACEIO itself (the service) including this website, the fio.js facial authentication library, the Embedded Widget, the Rest API, the Console) does not store or handle biometrics nor even know anything about them. It is the responsibility of the selected facial recognition engine by the application owner (eg website or web application you use) to choose a cloud storage region or opt for on-premises (local) deployment for storing facial hashes to comply with local regulation.
  • This Biometric Information Retention Policy is provided pursuant to the Illinois Biometric Information Privacy Act (“BIPA”) and other applicable laws that govern the collection of biometric data. It also describes the purpose for which your biometric data may be collected, an applicable retention schedule, and guidelines for permanently destroying your biometric data.
  • Purpose of Collection. FACEIO’s underlying Facial Recognition Engine access to or collection of your Personal Information in connection with the Client Services, if any, may include biometric identifiers and/or biometric information (collectively, “biometric data”). FACEIO does not interact directly with you with respect to collection of your biometric data. Through our clients (eg a website that implements fio.js, FACEIO’s facial authentication library SDK) and at their specific direction, FACEIO application's Facial Recognition Engine may access, process, and store your biometric data after your explicit consent for the purpose of future facial authentication when you enroll on a given application, and/or long-term proof of inspection of your provided form of identification, on behalf of and as instructed by our clients. FACEIO has nos access, nor it will not sell, lease, trade, or otherwise profit from your biometric hashes.
  • Retention of Biometric Data. BIPA provides that biometric data must be destroyed at the earliest of three years of the last interaction with you or when collection purpose has been met. Application's underlying Facial Recognition Engine are therefore required to destroy your biometric data, if any, within the time required by law. Specifically, Application's underlying Facial Recognition Engine will permanently destroy your biometric data, if any such data is in its possession, (1) when the initial purpose for collecting or obtaining such data has been satisfied, (2) when a client deletes its application's facial index or (3) within 3 years of our last interaction with a given FACEIO client (eg a website that implements fio.js, FACEIO’s facial authentication library SDK), whichever occurs first. In many but not all cases, and subject to the direction of our clients.

INTERNATIONAL DATA TRANSFERS

All information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to the United States or other countries, which may have data protection laws that are different from the laws where you live. we endeavor to safeguard your information consistent with the requirements of applicable laws. Further details can be provided upon request.

YOUR CHOICES

  • General: You may have the right to opt out of certain uses of your personal information.
  • Email Communications: If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. we may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (i.e. Communications regarding updates to our Terms of Service or this Privacy Notice).
  • Mobile Devices: we may send you push notifications through our mobile application. You may at any time opt-out from receiving these types of communications by changing the settings on your mobile device. With your consent, we may also collect precise location information if you use our mobile applications. You may opt-out of this collection by changing the settings on your mobile device.

INDIVIDUAL RIGHTS IN PERSONAL INFORMATION

For purposes of the California Consumer Privacy Act, we do not “sell” your personal information. In accordance with applicable law, you may have the right to:

  • Request confirmation of whether we are processing your personal information.
  • Obtain a copy of your personal information.
  • Receive an electronic copy of your personal information that you have provided to us, or ask us to send that information to another company (the “right of data portability”).
  • Object to our processing of your personal information.
  • Restrict our uses of your personal information.
  • Seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed personal information.
  • Request erasure of personal information held about you by us, subject to certain exceptions prescribed by law. If you would like to exercise any of these rights, please contact us as set forth below.

we will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.

If you are a California resident, you have the right not to receive discriminatory treatment by FACEIO for the exercise of your rights conferred by the California Consumer Privacy Act.

DATA RETENTION

we store the personal information we receive as described in this Privacy Notice for as long as necessary to fulfill the purpose(s) for which it was collected, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws. we will delete your data within one year of your last interaction with the websites & Services.

SECURITY OF YOUR INFORMATION

we take steps to ensure that your information is treated securely and in accordance with this Privacy Notice. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable laws, we do not accept liability for unauthorized disclosure.

By using the websites, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the websites. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an email to you.

CHILDREN’S INFORMATION

The Services are not directed to children under 13 (or other age as required by local law), and we do not knowingly collect personal information from children. If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below. If we learn that we have collected any personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account.

CHANGES TO OUR PRIVACY NOTICE

we may revise this Privacy Notice from time to time in our sole discretion. If there are any material changes to this Privacy Notice, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Notice if you continue to use the Services after the new Privacy Notice takes effect.

Contact Information

Use the following medium to reach the FACEIO Support or Legal team if you have any questions related to the field of interest:

Feedback

we welcome feedback, comments and suggestions for improvements to the Service. You can submit Feedback by opening a new support ticket on the FACEIO Console or publicly via the Community Forum. You grant to us a non-exclusive, transferable, worldwide, perpetual, irrevocable, fully-paid, royalty-free license, with the right to sub-license, under any and all intellectual property rights that you own or control to use, copy, modify, create derivative works based upon and otherwise exploit the Feedback for any purpose.