IDEMIA CIVIL IDENTITY NA LLC
Privacy Statement for Digital Commercial Products (Mobile ID and ID Verify)
This Privacy Statement applies to the IDEMIA Civil Identity NA LLC (“IDEMIA”) mobile, web- based and cloud-hosted commercial product applications (the “Services”) and governs the collection and use of data in connection with the Services. IDEMIA is committed to protecting the personally identifiable information (“PII”) and other non-PII data (“Data”) of its customers and end-users (collectively “Users”) that is collected and used in connection with the Services. Use of the Services constitutes agreement and consent to the practices described in this statement.
The Services provide a way to securely authenticate identification documents and verify user identity and/or interact with third-party websites (“Websites”). However, this Privacy Statement does not cover any Websites of third parties. IDEMIA encourages Users to review the privacy statements of other Websites that the User interacts with using the Services to understand how those Websites collect, use, and share personal information and other data. IDEMIA is not responsible for the privacy statements or other content on Websites outside of the Services or the practices of any third party which a User wishes to interact with in using the Services. IDEMIA partners with a third party to enable a User to confirm a specific device by sending a one-time passcode via SMS short code. Information collected from this process is limited to a specific phone number and will not be shared with third parties for marketing purposes.
1. PII and Data Collected
IDEMIA Services may collect PII (Personally Identifiable Information) and Data that may include the following:
IDEMIA will never sell, lease, or trade your biometric information with any other party without your request or consent.
2. Retention and Use of Pll and Data
IDEMIA may use the information collected through the Services in the following way:
2.1 Retention and Use of PII for the Services
Stateful Services deliver value through the long-term storage of User PII. An example of a stateful Service is the storage of biometric information to perform 1:1 and 1:N matching for User identification and verification. Stateless Services provide Users value without the need for long-term storage of PII. An example of a stateless product and/or service is the process of determining if a presented document is authentic (e.g., determining the authenticity of a US Driver’s License).
PII for Stateful Services will be retained until one of the following events occurs:
The User cancels the Services, in which case, PII will be retained for 30 (thirty) calendar days to support a potential re-activation of the Service. After the re-activation period expires, all PII related to the User will be purged from our system(s) during the next scheduled purge of PII.
PII for Stateless Services will be used as follows:
In general, PII for Stateless Services will be stored for a 30-calendar day period and purged on a monthly basis. PII older than 30 days will automatically be purged from the system during the next scheduled Data purge.
2.2 PII Processed for One-Time Authentication
While logging into the App, Users may enroll by sending a one-time passcode (“One-Time Authentication”) via SMS message. In doing so, IDEMIA collects your mobile phone number and the opt-in consent data you provided. This PII is used exclusively to enable the requested One-Time Authentication.
Any data shared with our cloud communications provider, Twilio, to enable One-Time Authentication is strictly for the operational purpose of delivering the text messages to your mobile carrier. Mobile phone numbers and opt-in consent data collected for text messaging will not be shared with any other third parties or sold or rented to third parties or affiliates for marketing or promotional purposes.
2.3 Retention and Use of Data
Data that does not contain PII or has been anonymized will be retained indefinitely to test and improve the Services and related products, including:
3. Security of PII
IDEMIA secures PII by encrypting PII data at rest and in transit. All PII is protected on computer servers in a controlled, secure environment that is protected from unauthorized access. When PII is transmitted, it is protected through the use of encryption, such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols to protect against unintended recipients obtaining access to PII.
4. How to Contact Us
Questions or comments regarding this Privacy Statement should be directed to IDEMIA at info@us-idemia.com. IDEMIA will use commercially reasonable efforts to promptly understand and address the issue.
5. Opt-Out
Users may opt-out of the collection of PII or Data by IDEMIA by canceling the Services and uninstalling the applications from all User devices.
6. Changes to this Statement
IDEMIA will occasionally update this Privacy Statement. The latest version of the Privacy Statement can be found at Privacy Policy | IDEMIA. Downloading or use of the Services after any changes to this Privacy Statement constitutes consent to the revised Privacy Statement.
NA.IDEMIA.COM
© 2026 IDEMIA Public Security North America. All rights reserved.