Version 1.0 2020-09-14
What Personal Information is Processed and Stored?
Svipe ID allows you to scan a Passport or a National ID card using NFC.
To verify the validity of the chip and the document, the application on the phone will temporarily have access to all of the information in the chip. After validated locally on the phone, this information is sent to the Svipe backend where it is validated again and proofs of correctness are created and stored in our backend. These proofs do not contain the information, neither in clear nor encrypted form, so after verification we do not have access to the information. The following information is processed:
- Full Name
- Date of Birth
- Portrait Image
- Personal Number (if available in the document)
- Document number
- Document Type
- Date of Expiry
What Non-Personal Information is Collected and Why?
For the continuous improvement of the app and the service, we need to collect the usage information. This usage information does not contain personal information. Moreover, Svipe cannot directly or indirectly relate the usage information to a specific person. Usage information will only be used for improving the quality of the app and not for other purposes. Svipe will only retain the information for as long as is necessary to fulfill the specified purpose.
Svipe collects the following usage information:
Phone details, including phone type, iOS version, and memory size. We do not collect information that is unique for a certain phone.
What type of identity document was scanned and read: was the scan successful, was the chip read successfully, what country issued the identity document, the document signing certificate as stored on the chip, and the date of expiry. We collect the date of expiry since this allows us to determine the version of the scanned identity document.
Usability information: how long the different steps take if a user managed to go through all steps and usage frequency.
Personal Data Controller and Data Protection Officer
Svipe is the data controller for Svipe’s processing of your personal data and is responsible for ensuring that the processing takes place in accordance with applicable legislation.
Svipe has appointed Mr. Stefan Farestam as the Data Privacy Officer (“Data Privacy Officer”). The Data Privacy Officer also has the duty of monitoring that Svipe processes personal data in accordance with applicable legislation. Contact information for the Data Protection Officer is firstname.lastname@example.org, +46 70 849 6838
How We Process Your Personal Data
Svipe will process your personal data in order to improve our solution for digital IDs. This processing will include the improvement of our facial verification technology where we compare the image in the ID document with your selfie.
You can withdraw the provided consent at any time by providing written notification to Svipe at email@example.com.
How is the Personal Data Secured?
At any time, you may request your personal data to be removed from our servers by contacting us at firstname.lastname@example.org
Sharing of Personal Data
Svipe will not share your personal data with any third party unless you request us to do so during login to a service at which point you explicitly approve and reshare the data with us that you want to share with the third party.
Changes in this Privacy Statement
This privacy statement may change from time to time. If the changes are significant or reduce the rights of users, then Svipe will provide a prominent notice.