IDscan App Privacy Policy

Privacy Policy

IDscan Biometrics Limited (“IDscan”) respects the privacy of our users.  This privacy policy describes our privacy practices concerning information collected in connection with the IDscan Mobile App (“Application”) created by IDscan to enable identity document authentication by mobile devices.

This privacy policy is effective from 07 November 2014.

1.         Brief Description of the Application

The Application is a software tool for assessing the authenticity of an identity document using an image of the identity document captured by the camera of a user’s mobile device.  With this information, the Application also performs a Know Your Customer (KYC) and Anti-Money Laundering (AML) check on the holder of the identity document.  Using the Application, users may pay to receive a comprehensive and detailed report of the results of the identity document authentication and background checking operations of the Application.

2.          Definitions

Data Controller             the natural person, legal person, public administration or any other body,association or organization with the right also with another Data Controller, to make decisions regarding the purposes and the methods of processing of Personal Data and the means used;

Data Subject                the natural person to whom the Personal Data refers and to whom the identity document under consideration relates;

KYC/AML Data             Personal Data relating to the Data Subject, the said Personal Data being in the possession of and obtained by the Application from third parties and used for the purpose of performing a KYC or AML check on the Data Subject;

Personal Data              any data regarding a natural person, a legal person, an institution or an association which is or can be identified, from the data alone or in combination with other information in the possession of the Data Controller; and

User                             the individual using this Application which must coincide with or be authorized by the Data Subject, to whom the Personal Data refer.


3.         What Data is Collected in Connection with the Application

(a)        Personal Data about the User (“User Personal Data”);

(b)        data identifying the User’s mobile device; and

(c)        Personal Data about the Data Subject (“Data Subject Personal Data”).


(a).       User Personal Data

User Personal Data is collected by

(i)         the Application; and

(ii)        the platform through which the Application is delivered.


(i)         Application

The Application collects the following User Personal Data:

User’s name (and/or Company Name)

User’s email address;

User’s mobile phone number

The Application may also collect further User Personal Data (including without limitation physical address, date of birth etc.) as necessary from time to time.  Privacy in this User Personal Data is governed by the present privacy policy.

(ii)        Platform for Delivery of the Application

The Application is delivered through the Store.  Thus, user Personal Data is collected by the Store as appropriate.  However, IDscan does not receive, process or in any way have control over the User Personal Data collected by the Store.  Thus, privacy in the User Personal Data collected by the Store is governed by the Store Privacy Policy, rather than this privacy policy.

(b)        User’s Mobile Device

Information may be collected automatically by the Application (or third party services employed in the Application), which may include the international mobile equipment identifier of the User’s mobile device.  However, the Application does not collect precise information about the location of the User’s mobile device.

(c)        Data Subject Personal Data

IDscan collects Data Subject Personal Data (including without limitation, name, date of birth, nationality, address [if available]) from the identity document under consideration and from a number of other third party publicly accessible sources (including without limitation the Electoral Register, the Bankruptcy and Insolvency Register, HM Treasury PEP List, etc.)

4.         What we do with the data we gather

User Personal Data collected by the Application:

IDscan requires information about the Application’s users to better understand their needs and to provide users with a better service.  More specifically the Application collects User Personal Data for the purpose of:

(a)        internal record-keeping

(b)        to inform ongoing efforts to improve IDscan’s products and services

User Personal Data collected by the Platform:

User Personal Data Collected by the Store is used to support payment (as an “in-App purchase”) for the reports generated by the Application.

Data Identifying the User’s mobile phone

This information may be collected for the purpose of managing licenses for the Application

Data Subject Personal Data

IDscan collects Data Subject Personal Data for the purposes of

(a)        assessing the authenticity of the Data Subject’s identity document; and

(b)        performing KYC and AML background checking of the Data Subject.

In performing the KYC and AML checks, IDscan receives personal and non-personal data regarding the Data Subject from third party publicly accessible sources (as described above).  IDscan collates this data into a report, together with the findings of its assessment of the authenticity of the Data Subject’s identity document.  The processing of the Data Subject’s Personal Data to generate such reports is carried out using computers and/or IT enabled tools, following organizational procedures and models strictly related to the purposes indicated.

The User may store the report generated by the Application, in the User’s mobile device for later perusal.  IDscan does not possess or maintain a centralized repository of the generated reports.  The reports are stored on each mobile phone from which the identity document authentication and KYC/AML checking request originated.  In other words, if a User requests an assessment of the authenticity of another person’s ID and a background check on that person, the report detailing the outcomes of these evaluations will be stored on the User’s phone only.  Once the report is issued to the User’s mobile phone, the User assumes responsibility for the report and the personal data contained therein, thereby relieving IDscan of any and all subsequent responsibility for the same.

5.         Links to other websites

The Application may contain links to other websites of interest.  However, once the User has used these links to leave the Application, IDscan has no control over these other website.  Therefore, IDscan cannot be responsible for the protection and privacy of any information provided by the User or the Data Subject to these other sites whilst visiting such sites.  In particular, privacy in data provided by the User or the Data Subject to any such sites is not governed by this privacy statement.

6.         Security

We are committed to ensuring that your information is secure.  In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

7.         Corrections to Personal Data

Once issued, the reports generated by the Application are not in the possession or control of IDscan.  Furthermore, the KYC/AML Data included in the reports is obtained from third party sources, which possess, maintain and control the relevant KYC/AML Data.  Similarly, IDscan does not maintain centralised records of the identities of Users and/or Data Subjects.  Accordingly, IDscan is not a Data Controller for issued reports, as it has no means of amending, correcting, supplementing or deleting an issued report or the content thereof.  Data Subjects who desire any such alterations to reports pertaining thereto or the contents of any such reports should contact the relevant third party sources of the KYC/AML Data and/or the Users who possess the relevant reports.

8.         Changes to this Privacy Policy

IDscan reserves the right to make changes to this policy at any time by giving notice to its Users on this page.  It is strongly recommended to check this page often, referring to the date of last modification listed at the bottom.

9.         Information about this Privacy Policy

This privacy policy relates solely to this Application.

This privacy statement has been prepared in fulfilment of the obligations under Art 10 of EC Directive n 95/46/EC and under the provisions of Directive 2002/58/EC.

10.       Questions about This privacy Policy

If you have any questions about this privacy policy, you can contact us through any of the available methods listed on our Contact page.