Yes, Verifai is fully GDPR-compliant. During the development we constantly kept the GDPR-regulations in our mind. Here’s how:
Transparency: the customer knows that his/her data is being used and processed, gave permission to do so and knows his/her rights. Users of Verifai are asked for permission and made aware of what information gets processed or not. At any time, a customer can refuse the service by not scanning his/her ID. Also, our software uses live blocking templates: sensitive personal information that isn’t needed for a certain service (e.g. photos and personal identification numbers) is never being recorded.
Goal restriction: personal data is only collected for authorized and lawful purposes and may not be used for any other purposes. Verifai never uses, extracts or stores personal data for own use. Therefore, any extracted personal information on scanned ID-documents is solely being used for the intended purposes. Although our software uses machine learning, the data used to improve our software never includes any personal information.
Data restrictions: only necessary personal information gets collected. Thanks to real-time blocking of sensitive data such as photos and personal documents, both the customer and the client are ensured that only relevant data is collected. Our software can easily be adapted to a client’s needs. We offer a tailor-made blocking solution so you can choose which sensitive information should be extracted (because it’s needed) and which information should be blocked. Want to see how it works? Check this video.
Correctness of data: personal information should be correct and should stay correct. By using our ID scanner you are able to bypass human error from manually entering personal information. Therefore, the margin of error is significantly reduced. Verifai itself is capable of realising 100% correct data for each document that is recognised. In the unlikely event that Verifai is incapable of recognising a document, it won’t enter incorrect data, but no data at all. This reduces the risk of entering incorrect data.
Storage restrictions: personal information (stored for the intended goal) should never be stored longer than necessary. Verifai never stores any personal data on the device or on a server. Scanned personal information is transferred to our client’s system, who can determine by themselves how long they need the data, to be compliant with GDPR regulations.
Integrity and trust: Personal information should be protected against unauthorized access, loss, theft and destruction. Verifai is designed to ensure maximum safety and security of personal information. Since we do not store any personal data on our servers, unauthorized access, loss, theft and destruction from our own servers is not applicable. We support only TLS 1.2 to ensure a completely secure connection.