Last updated: March 2026

Privacy Policy

At FaceSign, we take your privacy seriously. This policy describes how we collect, use, and protect your personal information when you use our identity verification services.

Information We Collect

When you use FaceSign's services, we may collect the following categories of information:

  • Identity data: Facial biometric data, voice patterns, and behavioral signals collected during verification sessions.
  • Device data: Device type, operating system, browser information, IP address, and geolocation.
  • Session data: Verification timestamps, session duration, interaction patterns, and verification outcomes.
  • Account data: Information provided by our enterprise customers to facilitate verification (e.g., name, email, account identifiers).

How We Use Information

We use collected information for the following purposes:

  • Providing identity verification services as contracted by our enterprise customers.
  • Detecting and preventing fraud, including deepfakes, synthetic identities, and coercion.
  • Improving the accuracy and reliability of our verification technology.
  • Complying with legal obligations and regulatory requirements.
  • Generating anonymized, aggregate analytics for service improvement.

We do not sell your personal information to third parties. We do not use your biometric data for advertising purposes.

Biometric Data

FaceSign processes biometric data (facial geometry, voice patterns) solely for the purpose of identity verification. This data is:

  • Encrypted in transit and at rest using industry-standard AES-256 encryption.
  • Processed in compliance with applicable biometric privacy laws (BIPA, GDPR, CCPA).
  • Retained only for the duration required by our data retention policy or applicable law.
  • Never shared with third parties except as required by the contracting enterprise or law.

Data Retention

Verification session recordings and biometric data are retained for the period specified in our enterprise customer agreements, typically not exceeding 90 days unless longer retention is required by law or regulation. You may request earlier deletion subject to applicable legal requirements.

Data Security

We implement industry-standard security measures to protect your data, including:

  • End-to-end encryption for all verification sessions.
  • AES-256 encryption at rest for stored data.
  • Regular third-party security audits and penetration testing.
  • SOC 2 Type II certified infrastructure.
  • Strict access controls and audit logging.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate personal data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain processing of your personal data.

To exercise these rights, please contact us using the information below.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:

  • Email: privacy@facesign.ai
  • Address: FaceSign, Inc.