Privacy Policy of AZYO’s Services

In this Privacy Policy, we explain how and on what basis we collect, store, and process the personal data of our users. At AZYO, we are meant to conduct identity-related checks for our clients. This implies that they are the controllers with respect to the data we collect about our users. Whereas we are the data processors and process the data received on the directions provided by our clients. Therefore, we suggest you contact the client (the data controller) or review their privacy policy as well in order to get a clearer picture regarding the collection and usage of your personal data.

Being an automated identity verification solution, it deals with all types of personal information about the users of their clients. The basic personal information that is common for most of the users includes full name, emails, image of an identity document and likewise in respect to an identified or identifiable individual. AZYO being the “data processors” only processes the personal data on behalf of their clients, “data controllers”.

 

Data Controllers are the ones who initiate or require the personal information of certain individuals to be processed before allowing them to gain access to the services they provide. It can be a “natural or a legal person” which is liable for deciding the reasons and methods for handling the personal data of individuals are the data controllers. They alone or jointly decide the degree of control the data subjects get to have on their information. Plus, they are the ones solely responsible for ensuring data protection compliances for being the data controllers. In simple words, data controllers are the managers of the personal data and therefore decide on its processing as well. 

As market leader in automated identity verification, AZYO’s top priority is to respect its users’ privacy. ID verification together with the secured handling of the sensitive information, AZYO provides it all. 

At AZYO, our main mission is to help our clients with ensuring a smooth and efficient access to all the services. We are committed to providing a fully secured experience. AZYO is responsible for collecting, storing disclosing user’s information only as per the directives given by the third party i.e. the clients (data controller) that are in complete accordance with the applicable data protection rules and regulations. AZYO plays the role of a service provider (data processor), not the controller of data. Furthermore, there are scenarios when AZYO might use the data other than the ways described below only to meet the needs and requirements of the data controller and not for any personal use. Therefore, it is important to have a complete awareness of the privacy terms and conditions of not only AZYO’s policy but also the third parties who oversee the data aka the “client data controller”. It should be of a top priority of reviewing the privacy policies and condition of the company that the customers are dealing with to get a clear picture on how their personal data will be used. 

The Information we collect & the procedure of the collection of such personal information at AZYO

AZYO is required to collect different forms of personal information of their client’s users to deliver phenomenal services to them. For this purpose, AZYO collects different personal details of the users that certainly differ with every client’s needs and requirements. This is because AZYO is only a data processor and only acts on behalf of the clients (data controllers). AZYO performs identity verification services of the users on behalf of its clients. Personal information is which is related to an identified or identifiable individual like name, email address, an image of a legal identity document and more will be processed as directed by the data controller. Requirement of personal information varies with almost every single client according to their exact needs of what they are trying to check with their respective users. 

Personal Information- AZYO is required to collect a wide and broad range of personal information to verify the users availing the client’s services. The information collected varies with the client in question (Client data controller). For instance, a user’s name, address, image of a government issued identity card, social security number, credit card details, passport number, driving license and likewise are a few examples of the personal information that the clients require AZYO to check with its users. AZYO is an advanced solution in the identity verification space and therefore it not only requires the users to click an image of their face but to also undergo a facial analysis process, along with their identity documents to complete the verification process thoroughly i.e., leaving no question of identity frauds. 

 

Facial Identity, OCR & Liveness Detection- AZYO will analyze the face in real time that users will provide during the facial recognition process. AZYO leverages facial recognition technology just to confirm user’s identity with the picture that appears on the identity document to avoid any bad actors from gaining access to the services. AZYO is entitled to store the facial identity only for the duration of time as mentioned by the client. AZYO completely believes in supporting the privacy of the users. AZYO will not store any client specific information once relationship with client seizes with AZYO.

 

 

AZYO performs all the identity verification procedures on behalf and as required by the clients, only to ensure a complete verification process. It requires an image of identity document and a selfie image of the user. AZYO then pulls out the information from the document provided by the user to understand the genuineness of the user.

AZYO helps in preventing bad guys from impersonating and keeps them away from gaining access to resources. After successfully passing the identity checks, AZYO’s client will feel comfortable that the user is genuine. AZYO may also check if the user is verified before (by comparing the facial identity with the databases). This not only helps in the verification of the users but also prevents them from using multiple identities thereby protecting both our clients and its users.

 

The Client- AZYO collects personal information only to fulfil the services for its clients. Organizations require identity related checks of its users before letting them be a part of their business processes. Hence, AZYO performs all the identity related checks on behalf of its clients. Post verifying a user, AZYO shares the received information with the respective clients.

 

The User- The individuals who will get verified by AZYO platform are referred to as the users. AZYO gathers the information from the clients or from the users. The data i.e. the personal information collected can be of different forms, viz. facial identity, a clear video of the user, image of various identity documents as directed by the clients. This advanced form of identity verification prevents bad guys from exploiting the services of the clients. AZYO helps the clients in understanding whether the user is a legitimate owner of the identity document or not. 

 

The Third Parties- We may receive information the users from our clients in the form of personal or anonymized or both. This data/information can include a user ID that uniquely recognizes a user in the third party’s databases. AZYO can also collect some additional user information from the data providers for certain specific checks as per the direction of the clients. Data providers for instance are the third parties, like consumer reporting companies, government bodies and fraud prevention services. Plus, whenever a user uploads an image that has no relevance with a user identity, AZYO can delete such information as per the data retention privacy. 

 

 

How AZYO uses all the above information

 

This section of the policy shows how AZYO seeks to use the information collected during the whole identity verification process. 

AZYO uses the information collected only as per the direction provided by the clients.

 

AZYO uses collected information on behalf of the clients in full accordance with the privacy policy of the client (data controller). Therefore, it is recommended to review the privacy policy of the client (whose services users wants to gain access to). 

 

AZYO uses both well trained agents and/or software to process the collected personal data. Use of artificial intelligence and machine learning makes it possible to automate the process of verifying identities at large scale with good accuracy. While automatically processing the information, AZYO examines the legitimacy of the identity document by extracting and analyzing all the personal and graphical data from the document like the texts, facial identity, layouts and more. To prevent bad guys from generating multiple identities and exploiting the system, AZYO uses stored image data to verify the user identity and checks if there is already a verified record associated with it. For verifying a user, AZYO compares the selfie and the video with the photo extracted from the identity document to ensure if the user is the true owner of that document or not. By using facial biometrics and the liveness detection, AZYO prevents fraudsters from committing identity theft.

 

 

 

How AZYO Shares Information with Other Entities 

 

AZYO shares user’s information with the following –

 

Client Data Controller– AZYO shares all the information collected with the clients on whose behalf verification services are being conducted.

 

Data Providers (third parties)– AZYO also shares the information with the data providers from whom we collect additional information to engage in analysis, research, and reporting. 

 

Legal Reason- AZYO may share the personal information with different external parties like individuals, companies, and organizations outside of AZYO and may be with the governmental bodies. This is done if we have legal reason for doing so. Following are a few scenarios when we share such information with various external parties – To meet with the various laws, respective courts and legal rules and processes; To protect from various illegal activities like fraudulent attacks, breach of our terms and conditions by investigating, and taking action; To protect against legal claims; To protect from the threats arising against the property, individual or any third party; To check in case of lost, compromised, stolen, fraudulent or any suspicious activity; To ensure safe journey of legal identities online with active machine learning.

 

For all such reasons, AZYO tend to share the information with external parties. To provide a reasonable amount of privacy to our users we tend to protect the user’s information shared outside by drafting contractual privacy and security protection with whom we are sharing such information. This is done to comply with the data protection rules, especially when the information is shared with another country altogether i.e., different from where the information was collected, as the data protection rules, and privacy varies with every government.

 

Californian Residents- CCPA, California Consumer Privacy Act is a state statute that was passed with the intention of enhancing the right to privacy and data protection in respect to the residents of California. In short, it requires every business to comply with the laid rules and regulations as per the CCPA diligently. Where AZYO is considered, it is a data processor and only acts on behalf of the clients, the data controllers. Therefore, if users have any concerns or questions in respect to the data processing of their personal information, it should be directed to the clients only, as they are the data controllers and hence accountable for user’s personal information. Besides, AZYO does not sell your data (user’s information acquired) in the context of the terms “sell” and “personal information” clearly mentioned in the CCPA. Plus, AZYO will not keep, utilize, or reveal any of users’ personal data to third parties that have the terms mentioned “selling” in the process of providing its services to our clients. 

 

 

Information Security

 

At AZYO, the main objective is to provide the best identity verification services using full automation technologies and ensuring top security of the data acquired. Therefore, AZYO uses various security layers to protect user’s information from any manipulation, alteration, loss, or theft from bad guys. It leverages appropriate physical, technical, managerial, organizational, and other reasonable safeguards only to ensure proper and effective data storage of users personal and critical information. In fact, AZYO leverages blockchain- one of the most secure data protection technologies. There is no single security/safeguard plan that is full proof in all aspects. Hence, AZYO can certainly not take absolute responsibility in case of data security. Most importantly, at AZYO we especially cannot take the full responsibility of data protection when users personal information is in the possession of third parties. 

 

Data Storage

 

AZYO is a data processor which only acts on behalf and on the directives provided by the clients (data controllers). We at AZYO, conduct identity verifications of the users for our respective clients for their own variety of multiple reasons. Therefore, we totally rely on our clients when the case of data storage is concerned. It is according to them on how we act on the matter of retaining the personal information acquired, that is, the duration is decided and instructed to us by the clients itself. AZYO deletes the information gained as and when directed by our clients. Even when granting access to users’ personal information is considered, it is on the hands of clients and we act as per the directives given by them. Thus, to get answers regarding what personal information AZYO has about users, or if any requests regarding updates, changes are to be made, on such accounts please contact the client data controller. Plus, if you have any requests on the matter of deleting some information, in that case too it is recommended to contact the clients directly. You may also reach out to us at support@azyo.io

 

AZYO can retain your information other than directed by the clients or only when we have a valid legal reason for doing the same.

 

Your Rights on Your Shared Information 

 

As stated above in the data storage section, any request that you may have in respect to your shared information with us, it must be materialized directly with the clients who have your identity related checks. You may also contact us at support@azyo.io if you want to get your information deleted, updated, or changed in any sort of way. However, we will only act according to the directives and instructions that come our way from the data controllers, i.e., the clients. This criterion must be followed with no compromise as we act on behalf of our clients. 

 

 

Requests from Government & Law Enforcement Bodies

 

AZYO does not share or discloses any personal information of the users to the requests made by the governments or other lawful authorities. In such cases AZYO entertains these requests only if directed by the clients or if there is a legitimate legal reason for doing so. 

 

 

Children’s Privacy

 

AZYO will never collect/save any sort of personal data or information when it is in full knowledge that the child is of age below 13. Plus, for individuals of age ranging between 13-18, we highly recommend users to share their personal information over the internet only under the guidance of their parents/guardians.

 

 

Information Protection Notice for Customers and Website Visitors

 

This policy provides you information on the rights you have on your personal information as a user/visitor of the site. Also, it tells you about sharing such information collected on the site with third parties and legal authorities.

 

 

 Processing of your personal information as a contact person at one of AZYO’s customers.

The following points will throw light on how and for what AZYO will process your personal information in the event where you are the contact person at one of AZYO’s potential customers-

 

  • To enlighten you about AZYO’s services.
  • To have the option to speak with you, AZYO’s potential customer.
  • To provide you with our services, product plus support.
  • To maintain customer relationships.
  • To conduct various surveys.
  • To follow legal obligations, specifically under U.S laws.
  • To follow the prerequisites of the Payment Card Industry Data Security Standard (PCI DSS).

For the above-mentioned grounds, AZYO will process the following type of your personal information-

 

  • Name
  • Email Address
  • Contact Number
  • Information about AZYO’s communication with you
  • Data provided by you during your communication with AZYO
  • Agreement content
  • Job Role
  • Name & address of the related Company

Following are the ways on how AZYO intends to gather information mentioned in the section above-

 

  • When you provide us with your personal data, ex- sending an email.
  • Providing your personal data over a phone call with AZYO.
  • Through AZYO’s customer portal.
  • Through your employer during its business relation with us.

Remember! This provision where AZYO asks you to share your personal data depends on your personal will, i.e., it is voluntary. However, not sharing your information will lead to no communication with AZYO. Plus, your employer will be unable to utilize the full scope of AZYO’s product and services.

 

Processing of your personal information as a Visitor/User of the site

 

Personal & Pseudonymized Data – AZYO gathers both personal and pseudonymized information of the site users and visitors. Personal information is any information that is associated with an identified or an identifiable individual, like name, email address etc. Basically, it is enough information to associate with someone without the need of extra data. Whereas the term pseudonymized data means AZYO cannot use such data to associate with someone without the help of additional information.

 

Personal Information- Visiting the site does not require you to submit any personal data about yourself. There is no compulsion whatsoever when it comes to providing your personal data on our website. However, in the case when you do not provide us with the information, then you will be denied making use of the functionality of our site in its full scope. For instance, if you want to use the feature of “Request Information “on our website, you will be asked to give certain personal data like- your full name, email, job role, etc. In simple words, you will fail to utilize the site features in its full scope if you do not provide such information.

 

We may even integrate the information obtained through our website with information that we personally collect or acquire from the third parties. For instance, the information you provide us on a phone call, or through an email. All such information obtained is treated as personal information and ensures its privacy in accordance with this policy.  

 

 

Web Technologies

The following information is automatically recorded when you browse through our website-

  • IP address with the domain name
  • All the web pages you visit to
  • Time you spent on web page
  • The documents you downloaded
  • All links where you navigated on the site
  • Your location in a general way (City, State)
  • Cookie information

We may utilize certain web logs and applications that will help in the process of acquiring the above information.

 

Cookies

 

The small files which are stored on your computer when you visit web pages are termed as cookies. Cookies are helpful in storing information like the user’s activity on the site, his preferences, and similar information. It can be useful in finding out the following type of information-

  • Your purpose of site visit
  • The web pages you visited
  • The files/documents you downloaded

AZYO uses the following two types of cookies:

 

  • Session Cookies-These are the cookies that are utilized primarily to better the navigation processes. Such cookies provide temporary bits of information and die as soon as the browser is closed or after the completion of the session.
  • Persistent Cookies- These cookies are more permanent when it comes to the storage of information collected as compared to session cookies. This is because it is not stored in the browser’s memory but the user’s device itself. Persistent cookies store information like-sign in credentials, preferences etc. These cookies remain in existence even after you close your device. The same gets deleted only after its expiration period. 

Cookies can be avoided as per your will. You can set your browser to deny all cookies, plus specify when a cookie is being used. Though, deleting/blocking cookies may prevent you from utilizing certain features of the site. 

 

 

The Usage of Information Collected on Our Site

 

AZYO may use the personal information recorded from the site for a variety of purposes like-

  • To answer to your respective queries and questions regarding our services, site or even partners
  • To keep you updated about our services that you are likely to be interested in, by sending you information, maybe in the form of newsletters
  • To manage the terms of any agreements you have with us
  • To deliver your requests regarding our services
  • To keep you posted by notifications, important updates, account confirmations and others that may be significant to you
  • To deliver you with an enhanced user experience
  • To fulfil the legal/ regulatory requirements

AZYO may use the pseudonymized information recorded from the site for a variety of purposes like-

 

  • To improve the overall site by analyzing information like- number of visits, recognizing the visitors
  • Improving the user’s experience by analyzing how they use the functions on the site
  • For enabling additional web analytics, again to improve/enhance user- experience
  • For conducting research to improve the site. 

We can also link the pseudonymized information collected with personal information by using certain cookies and web beacons.

 

 

Sharing of personal and pseudonymized information gathered with third parties

 

Third Parties- To both manage and enhance our site, we may take necessary help from certain service providers/ business partners. Such service providers may use your personal/pseudonymized information that we collect to achieve the things mentioned in the section “The Usage of Information Collected on Our Site”.

To provide you with an example, we may take help from third party service providers to manage and strengthen our relationships with our clients and users who use our services, to help us with target email communications, to execute the services requested by you and to fulfil the terms of agreement, if any.

 

Third Party Plugins- The site even incorporates certain third-party plug-ins to increase its functionality. Such plug-ins can also store certain information like your IP address as well the web pages you make a visit to regardless of the fact you click on them or not. However, the privacy policy in this case is managed by the organization providing them.

 

Legal Requirements- We may even share/use the personal and pseudonymized information obtained if we find it to be necessary; To meet with the various laws, respective courts and legal rules and processes; To protect from various illegal activities like fraudulent attacks, breach of our terms and conditions; To protect against legal claims; To protect from the threats arising against the property, individual or any third party.

 

Except for circumstances from bankruptcy or orders by court, the usage, sharing or disclosure of your transferred personal information will only be subject to this policy. It can also be subject to new privacy policy- when you are provided with a notice for the same.

 

Aggregated Information– There is also a possibility where AZYO may share anonymized and aggregated information regarding the site users occasionally. For instance, in the form of issuing certain patterns on the usage of its site.

 

Transfer of Your Personal Information

 

Apart from sharing the information with the parties mentioned right above, AZYO may send the personal data obtained to the following-

  • To the Public Authorities
  • To the IT service companies that AZYO utilizes
  • To the organizations which are a part of AZYO’s corporate family
  • To the auditors for making audit reports
  • To the contractors and business partners

There is no guarantee that the parties/ recipients of your personal data mentioned above be in the same country as you. Therefore, it is natural that the degree of information security varies with every other country. Nonetheless, AZYO only makes any transfers of your personal information where the level of data protection degree is declared adequate by none other than the EU Commission or where AZYO takes certain measures to certify the appropriate level of data protection.

 

Legal Basis of the Processing

 

To attain the above-mentioned purposes, AZYO processes the personal data collected based on AZYO’s valid reason which remains in accordance with the Article6(1)(f) of the General Data Protection Regulation (GDPR).  AZYO may also ask you for your assent to process your personal data. After receiving your assent, we will process the data in accordance with Article 6(1)(a) of GDPR. You are also allowed to withdraw your assent as and when you desire. 

 

In the event where you choose to get marketing mails from us, we likewise may utilize the personal information that we collect to send you special correspondences, including messages and postal mails about our product.

 

Retention Periods

 

 This section will explain on how long AZYO stores your information collected:

  • As long as we have business relationship with you 
  • For a period of three months after your last visit to the site
  • For as long as it is necessary to store your data to respond and fulfil your requests

Post this, the data will be stored for as long as to fulfil any legal requirements or for protection against time-barred legal claims. 

 

 

Your rights in relation with your personal data

Following are the rights that you have in relation with your personal information under applicable laws:

 

  • To find out if and what kind of personal data does AZYO stores in relation with you
  • To ask for the copies of the information stored
  • To ask for the alteration of your personal data which is inaccurate or is processed on a non-compliance basis
  • To ask AZYO for restricting the processing of your personal data
  • To know about the third parties with whom your personal information is shared

 

Changes to the policy

 

Innovations in technology happen every other day. Therefore, it is even likely for AZYO to enhance/ change its services in the future. Meaning, it is also a possibility that changes might be needed to this policy as well. The changes made, if any, will be published on our website, i.e., the revised version of the policy will be posted on the Privacy Policy page of AZYO. We might also email you the same in the case where we maintain your email address. So, we recommend you make a periodic check on the Privacy Page to remain updated.

 

 

Contact

Feel free to leave us a message at support@azyo.io, if you have any questions or concerns regarding this policy.