Privacy information PXL-Ident/Daego®
1. The Product
PXL Vision's Daego® product provides you with a means of digital identification at transaction partners that are independent from PXL, enabling the verification of an ID document based on its security features and the data contained on it, as well as in the context of a comparison of the photo contained on the ID document with a selfie video taken by the user. The verified result can then be used by transaction partners to verify identity at the time of a requested identity check.
Daego® can be used in two different ways: within the Daego® Mobile App for installation on a smartphone and via the Daego® WebApp for use via an internet browser.
In the mobile app, identification is only necessary once and the app can be used for identification with several transaction partners because the identification data and the validation result are stored in the app. In the case of the WebApp, an identity card comparison must be carried out for each transaction.
2. Secure Data Processing
The verification of identity documents is necessarily linked to the collection and processing of personal data from the scanned document and the video from the identification process. In the process, particularly sensitive personal data (biometric data of the user's face) is also collected and processed in order to carry out the comparison of the photos.
The processes used by PXL to process this data are subject to strict data protection regulations and are secured by correspondingly secure technical and organisational measures. PXL's servers are located exclusively in Switzerland; no data is transferred to third parties or to other countries (with the exception of the transfer to the transaction partners specifically named during identification).
3. Further processing for other purposes (development purposes) pursuant to Art. 13 para. 4 GDPR and your separate consent pursuant to Art. 9 para. 2 GDPR
The data collected and processed as part of the identification and verification process is in principle only processed to provide identification in the respective individual case and is not used for other purposes, nor transferred or sold to third parties.
However, the verification process is based on complex analysis algorithms that require constant improvement to enable a reliable analysis result. The processing of this data for this purpose, which differs from the pure identification service, is dependent on the explicit consent of the user concerned in accordance with data protection laws. PXL therefore requests this consent from the user before using the product. In the event of the user's consent, the data collected is then stored on separate servers, also located exclusively in Switzerland, and is then used to improve the algorithms and the PXL technology on which they are based. Strict technical and organisational protection measures also apply here, naturally. The employees entrusted with analysing the data are committed separately to strict compliance with data protection and confidentiality.
In order to ensure fair and transparent processing, we hereby inform you in accordance with Art. 13 (2) GDPR about the processing of this data within the scope of this purpose:
- Storage duration and its criteria
In principle, the effective use of machine learning processes requires algorithms with a database that is as comprehensive as possible. Therefore, the retention of data is fundamentally necessary and sensible. Deletion takes place if you request deletion of your data or object to its use, which results in immediate deletion.
- Right to object at any time
You can request revocation of the use of your data for the machine learning processes at any time via email@example.com. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
- Right of recourse to a supervisory authority
You have the right to complain about the processing of data to a supervisory authority; for more information, see IV.9.d below.
- Legally or contractually required
The collection and processing of your data in the context of machine learning is based exclusively on your voluntary consent.
- Automated decision making and profiling
The machine learning processes and the associated evaluation of the biometric data for the purpose of improving identity verification are not used for profiling purposes or via profiling. No evaluation of the personal characteristics of a person is made on the basis of the biometric and identification data from PXL, which would analyse or categorise you as a data subject in terms of personal characteristics, age, interests, health, economic situation, whereabouts or changes of location or behaviour and could therefore cause legal prejudice for you. The data collected and processed with your consent is used exclusively for the algorithmic matching of your face with the data held in the identification document and the extraction of the information relevant for identification for data matching from the document and verification of the authenticity of the document. In the course of an identity check via the app, an automatic decision on verification takes place in the event of a positive match, but this is initiated voluntarily by yourself when using the verification process for use with a transaction partner of your choice. It is in order to make this automatic decision as reliable as possible that the use of biometric data exclusively for this purpose within the framework of the machine learning processes is of particular importance. Your data is not processed for any other purpose and the automatic decision during verification is based exclusively on the algorithmic comparison of your biometric facial data without any other evaluation of the same.
PXL thanks you for your willingness to support the improvement of PXL technology with your consent. Of course, you can revoke your consent at any time by sending an e-mail to firstname.lastname@example.org. The data will then be deleted immediately.
4. Information obligations under data protection law
1. Responsible entity for processing data under data protection law
PXL Vision AG
8008 Zürich, Switzerland
2. Contact data of the DPO
3. Categories of processed data
a. We collect and process the following usage data when the mobile app is called up:
The identification number of your terminal device (UDID),
Type of terminal device,
Operating system of the terminal device
b. When the WebApp is called up, we collect and process the following usage data:
The identification number of your terminal device (UDID),
Type of terminal device,
Operating system of the terminal device
Session cookie (for load balancing)
c. When you initiate and perform a verification process, we collect and process the following personal data (identification data):
1. Master data: Identity card data
Surname, maiden name, forenames, doctoral degree, date of birth, place of birth, address, nationality, type of document, last day of validity, service and card specific identifier, country code, indication whether over or under a certain age, indication whether a place of residence corresponds to the place of residence queried, and order name, artist name, identity card number.
2. Image data
We collect a photo of both sides of your ID document, your personal photo from the ID or (if applicable and available) from the NFC data of your ID document, and the selfie video of your face.
3. Special categories of personal data
Biometric data such as face data.
d. If you contact the contact address specified in the Mobile App/Web App as part of a user enquiry:
1. User data:
Your name and address and, if applicable, e-mail address or telephone number that you provide as part of the user request.
2. If applicable, identification data given above
if this is necessary to process the user request.
In the event of malfunctions, the app connects to an error reporting tool in order to correct the errors and improve the user experience. Data from the end device (browser, operating system) may be transmitted in this process.
5. Purposes for which the personal data shall be processed and the legal basis for the processing
a. In the following cases, we collect and process data within the scope of a legitimate interest pursuant to Art. 6 (1) lit. f) GDPR:
1. Usage / metadata to improve the user experience of the App/WebApp.
2. Usage data to fix bugs in the software or processes.
3. Anonymisation of user data for statistical purposes.
4. Identification data and photo files for the purpose of error checking after a completed verification and transaction. Data is also stored in the event of unsuccessful verification in order to be able to deal with any subsequent errors or complaints.
b. In the following cases, we collect and process data within the scope of consent pursuant to Article 6 (1) a) or Article 9 (2) a) GDPR:
1. Identification data and biometric data, such as the ID photo and selfie video, to carry out the identification and verification process.
2. Identification data and biometric data, such as the ID photo and selfie video, to improve identification procedures in the context of machine learning and artificial intelligence processes.
For more information on further processing for this purpose, please refer to the detailed explanation above in section III.
c. In the following cases, we collect and process data to provide the contractually agreed service in accordance with Art. 6 Para. 1 lit. b):
1. Collection, processing and transmission of identification data for comparison with the data record available at the transaction partner. If the verification is successful, the data is transmitted to the transaction partner via a secure connection.
2. Collection, processing and transmission of the photos and the selfie video to carry out the comparison of the ID photo and the person recorded during use and to make this data available to the transaction partner for comparison with his or her own data to be confirmed by him or her. After completion of the identification and verification process, the data is made available to the transaction partner via a secure connection. This also takes place in the event that verification has not proved successful.
In addition, the machine learning and the use of the data necessary for its development are also necessary to fulfil the contractual obligations of PXL and for maintenance and quality assurance purposes.
6. Recipients or categories of recipients of the personal data
a. No transmission to third parties as part of the verification process
As part of the verification process, the data is not transmitted to third parties, but remains exclusively on PXL's servers in Switzerland until the identity verification has been successfully completed.
b. Transmission to transaction partners
After each successfully completed verification, the app or the web app will explicitly ask for your consent to transmit the result of the verification and the collected data, for comparison and, if necessary, further storage and processing by the transaction partner, to the transaction partner already known to you and explicitly and specifically named again within the scope of the verification process. After consent has been given, PXL transmits this data to the named transaction partner via a secure connection. From this point onwards, the transaction partner is exclusively responsible to you for further processing. Please inform yourself about their data protection regulations before giving your consent.
7. Place of data processing / transfer of personal data to a third country
PXL processes your personal data exclusively on servers in Switzerland that are protected with state-of-the-art technical and organisational measures and comply with the SOC 2 standard.
PXL Vision does not transfer your data to third countries unless you have expressly consented to this as part of a transaction, with the exception of the service providers contractually bound to PXL described in the next paragraph. If a transaction partner is located in a third country that is not part of the European Economic Area or does not comply with sufficiently recognised data protection regulations, it is up to you to decide whether you agree with the data protection information provided by the specific transaction partner and consent to the transfer by PXL.
Service providers who process personal data on our behalf outside the European Union (so-called third countries) will only be used if an "adequacy decision" of the European Commission (Art. 45 GDPR) exists for this third country, "appropriate safeguards" (Art. 46 GDPR) or "internal data protection regulations" (Art. 47 GDPR) are in place at the recipient, if necessary, along with additional safeguards. For further information, you can contact our data protection officer. Furthermore, your personal data will be processed in third countries if it is necessary for the fulfilment of the contract, you have consented or there is a legal obligation.
Employees of our company and service providers who support us in data processing within the framework of order processing (service providers for IT operations, customer service) have access to your personal data to the extent necessary to fulfil the purposes stated below. Any existing deviations are expressly described below. In individual cases, we are legally obliged to transmit personal data to authorities (e.g. requests for information from investigating authorities) or natural/legal persons (e.g. to assert claims under copyright law).
8. Duration for which the personal data are stored
a. Operational System
After completion of a transaction via the MobileApp or WebApp, the data is immediately deleted from the PXL operational system after retrieval by the transaction partner.
b. Storage in the Mobile App
The data collected within the scope of the mobile app is otherwise stored exclusively on the user's end device for as long as the user has installed the app or has not deleted it himself in the app. The data is not simultaneously retained by PXL, but is only available on the end device.
c. Storage for Machine Learning
With regard to data storage for machine learning purposes, please refer to Section III.
9. Automated decision making
If the identification and biometric data are successfully matched, an automatic decision is made about the identity of the user with the documents he or she has scanned. This decision is not based on personal characteristics of the user, such as age, gender, interests, knowledge, etc., but solely on the algorithmic comparison of the image files and the comparison of the identification data. Profiling does not take place.
10. Your rights
a. Existence of a right to rectification or erasure of personal data concerning you
With regard to the personal data whose use for machine learning purposes you have consented to, you have a right of objection and deletion at any time, which you can exercise by sending an email to email@example.com. This does not affect the lawfulness of the processing carried out on the basis of your consent up to the point of deletion. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
If you notice an error in the collected data during the verification process via the app or the web app, you should cancel the verification process and inform us of this via the email address firstname.lastname@example.org.
After a successful transaction, the data will be deleted from PXL's operational systems and a correction is no longer possible. With regard to the data stored for auditing purposes in accordance with section IV.7.b (also in the event of an unsuccessful verification or if the verification process is aborted), please also contact the above-mentioned contact details.
After transmission to the transaction partner following your consent, please contact them directly regarding the correction of the data transmitted to them. PXL no longer has access to this data.
b. Existence of a right of access on the part of the controller to the personal data concerned
In accordance with Art. 15 GDPR, you can request information about the processing of your personal data from PXL at any time using the contact details provided in sections IV.1 and IV.2 above. Please understand that in this case we will take appropriate measures to ensure your identity as the correct recipient of the data information.
c. Right to object to processing and the right to data portability
You may object to the processing of your data at any time by contacting PXL using the contact details provided in sections IV.1 and IV.2 above. Once the transaction has taken place, there will be no further transfer to third parties.
d. Right of appeal to the supervisory authority
You also have the right to file a complaint with a supervisory authority (Art. 77 GDPR). You can contact the data protection supervisory authority for this purpose.
e. Data excerpt
You have a right to receive or transfer the personal data concerning you (Art. 20 GDPR). To do so, please contact us using the contact details above.
11. Secure Communication
For the transmission of confidential information, we recommend that you contact us by telephone, post or an encrypted contact form. If you contact us by e-mail, social media, messenger services (such as WhatsApp) or any other means, complete data security cannot be guaranteed.
Since changes in the law or changes in our internal company processes may make it necessary to adapt these data protection provisions, which we reserve the right to do accordingly, you can access the current version as well as older versions of the data protection information at pxl-vision/privacy.
© PXL-Vision AG, as of February 2022