Privacy Policy

Paspo ID is an authentication and identity authorization service that allows users to securely sign in to third-party applications, websites, and services.

Paspo ID does not sell, rent, or share personal data for advertising or unrelated commercial purposes.

Depending on the service and authentication method used, Paspo ID may collect and process:

• Name
• Email address
• Phone number
• Authentication identifiers
• Account and profile information
• Device and session information
• Technical logs necessary for security and operation
• Face data and depth information where identity verification or biometric authentication features are used

We collect only the information necessary to provide authentication and authorization services.

Your information is used solely for:

• User authentication
• Identity verification
• Secure authorization in third-party services
• Fraud prevention and security monitoring
• Maintaining and improving service reliability

Paspo ID does not use personal information for advertising, profiling, or marketing resale.

Personal data is not transferred to third parties except when required to complete user authorization in a third-party application, website, or service requested by the user.

Paspo ID does not sell personal information.

When Paspo ID is used to authenticate a user for a third-party service, only the authentication or authorization result may be communicated to that service. Facial images, facial geometry, facial landmarks, depth information, biometric templates, or other face data are not transferred, disclosed, or shared with third-party services.

User data is stored exclusively within the country of the subscriber/user.

We implement reasonable administrative, technical, and organizational measures to protect personal information from unauthorized access, disclosure, alteration, or destruction.

Paspo ID may use Apple's TrueDepth camera system solely for identity verification, authentication, fraud prevention, and account security purposes.

Data Collected

When a user explicitly initiates an identity verification or authentication process, the application may access facial images and depth information generated by the TrueDepth camera. This information may include facial geometry, facial landmarks, and depth measurements required to verify that a real person is present and to authenticate the user.

Collection of face data occurs only when a user explicitly initiates an identity verification or authentication process that requires facial verification.

Purpose of Processing

Face data is collected exclusively for:

• Identity verification
• User authentication
• Authentication and verification of a user's identity when the user chooses to access a third-party application, website, or service through Paspo ID
• Fraud prevention
• Detection of spoofing attempts
• Account security and protection against unauthorized access

When Paspo ID is used to authenticate a user for a third-party service, Paspo ID may confirm the authentication result to that service. However, facial images, facial geometry, facial landmarks, depth information, biometric templates, or any other face data are not transferred, disclosed, or made available to the third-party service.

The application does not send face coordinates, facial landmarks, face mesh, facial geometry, biometric templates, depth maps, or raw TrueDepth data to Paspo ID servers. These TrueDepth signals are processed locally on the user's device during the verification session and are not stored after the verification process is completed.

Face data is not used for advertising, marketing, profiling, analytics, or user tracking.

Sharing of Face Data

Paspo ID does not sell, disclose, transfer, or share facial images, facial geometry, facial landmarks, depth information, biometric templates, or any other face data with third parties.

When Paspo ID is used to authenticate a user for a third-party application, website, or service, only the authentication result, verification status, authorization outcome, or related security assertion may be communicated to the requesting service.

No facial images, facial geometry, facial landmarks, depth information, biometric templates, or other face data are ever provided to third-party applications, websites, or services.

Face data may only be processed within Paspo ID for the purposes described in this Privacy Policy or where disclosure is required by applicable law.

Storage and Retention

Paspo ID does not retain facial geometry, facial landmarks, biometric templates, depth information, face mesh data, or other raw TrueDepth data after completion of the verification process.

Face photos and associated biometric verification records may be retained as part of identity verification records used to provide authentication, identity verification, fraud prevention, and account security services.

Any face-related information retained as part of identity verification records is stored only for as long as necessary to provide authentication services, comply with legal obligations, resolve disputes, and enforce agreements.

Where required by applicable law or local regulations, retained data is stored only within the user's country or region.

User Consent

Face data is collected only with the user's explicit action and consent during the identity verification or authentication process.

Security

Paspo ID applies industry-standard technical and organizational measures designed to protect personal information and face-related data from unauthorized access, disclosure, alteration, misuse, or destruction.

Deletion of Face Data

Users may request deletion of their account and associated personal data through the application settings or by visiting:

Upon account deletion, any retained face-related information associated with the account will be deleted or anonymized in accordance with applicable legal and regulatory requirements.

Users may delete their Paspo ID account at any time:

• From the profile section inside the Paspo ID application
• Via the account deletion page: https://paspo.id/delete-account-details

Account deletion may result in removal of associated authentication data and loss of access to connected services that rely on Paspo ID authentication.

We retain personal data only for as long as necessary to provide authentication services, comply with legal obligations, resolve disputes, and enforce agreements.

Certain technical logs and security records may be retained for a limited period where required for security or regulatory purposes.

Paspo ID uses industry-standard security practices intended to protect user information and authentication processes.

However, no electronic transmission or storage system can be guaranteed to be 100% secure.

Paspo ID is not intended for use by children under the age permitted by applicable local law without parental or guardian consent.

We may update this Privacy Policy from time to time.

Updated versions will be published within the application or on associated websites with a revised effective date.