Version 1.0 2023-01-19
KnowingMe ID allows you to scan a Passport or a National ID card using NFC. Additionally a face verification and liveness check is carried out using a selfie picture and the photo from the document to make sure you are the legitimate owner of the Identity document. Within 24 hours after being onboarded, all of your personal information is deleted on any server. Your identity credentials are then stored on your mobile device, controlled only by you.
To verify the validity of the chip in the document, the Service will temporarily have access to all of the information in the chip. After validation is done on the phone, the information is sent to KnowingMe's technical partner Svipe where it is validated again and proofs of correctness are created and stored. Svipe is issuing certificates containing all the read information that are sent back to the KnowingMe application and being stored in the secure enclave (or equivalent) of the phone.
The following information might be processed (pending of data available in your document):
Data that is read from the chip in the biometric ID-document:
Data read from the chip in the biometric document when available:
Data collected by the app to verify liveness and to guard against fraud:
Additional data if provided by the user:
For the continuous improvement of the service, we need to collect the usage information. This usage information does not contain personal information. Moreover, Neither KnowingMe nor Svipe cannot directly or indirectly relate the usage information to a specific person. Usage information will only be used for improving the quality of the app and not for other purposes. The service will only retain the information for as long as is necessary to fulfill the specified purpose.
KnowingMe will process your personal data in order to carry out the service of ID-verification and authentication towards contracted Relying Parties. Any data being shared is done so with your explicit consent clearly showing the name and logo of the relying party as well as their reason for collecting this data.
You can withdraw a provided consent done during onboarding towards KnowingMe at any time by providing written notification to firstname.lastname@example.org or simply deleting the app. To withdraw consents done in the KnowingMe app towards Relying Parties you need to contact them directly.
During the time period that personal data is stored in our logs (maximum of 24 hours) it is encrypted with strong cryptographic keys using asymmetric encryption.
The Personal data is stored on the user app in the secure enclave (or equivalent) of the phone.
Personal data is, when temporarily stored, held in servers within the European Union, and handled according to the EU GDPR regulations and guidelines.
At any time, you may request your personal data to be removed from KnowingMe by contacting us at email@example.com
KnowingMe is sharing personal data only with third parties as part of their Service. KnowingMe will not share personal data with any other third party.
KnowingMe might share your non-personalised data with authorities for legal purposes.
This privacy statement may change from time to time. If the changes are significant or reduce the rights of users, then KnowingMe ID will provide a prominent notice.