VCheck Biometric Policy - Identity-as-a-Service

Biometric Policy - Identity-as-a-Service
Updated On: October 1, 2025

Welcome to Identity-as-a-Service, offered by IDmission, LLC. (“IDmission,” “we,” “our,” or “us”). This Biometric Policy describes IDmission’s policies with respect to our processing of biometric information on behalf of our clients (“Clients”) that use our authentication service to verify and vet the identities and credentials of individuals (collectively, the “Services”).

This Biometric Policy applies to all visitors, users, and others who access and/or use the Service (“Users”) and is intended to comply with laws that are applicable to the collection and use of biometric information, including the Illinois Biometric
Information Privacy Act (“BIPA”) and Texas Capture or Use of Biometric Identifier Act (“CUBI”) (collectively, the “Biometric Laws”).

By clicking “I consent” and accessing or using the Services, you signify that you have read, understood, and consent to be bound by this Biometric Policy (the “Biometric Policy”) and to the collection and use of your biometric information as set forth below.

Please read this Biometric Policy carefully to ensure that you understand each provision.

Biometric Information. IDmission collects facial biometric information (described below) through the Services only with your express consent. Users must consent to this Biometric Policy as part of their enrollment or registration in the Services. You are free to decline or revoke your consent at any time by emailing us at privacyteam@idmission.com. However, if you do so you will be unable to register and
use the Services.

Facial Biometrics. If you enroll in the Services, you agree to use our facial biometric Services in which IDmission will collect an image of your face that you provide through a mobile app and a photo or scan of your face as it appears on an identification document. IDmission will use facial recognition technology only for the purpose of verifying your identity as the person who appears on the identification document. Specifically, IDmission converts the image of your face and the image on your identification document into a unique numerical template, measurement, or face geometry, which constitutes “Biometric Information” under the Biometric Laws. This template is used solely for the purpose of identity verification and fraud prevention.

Disclosure of Biometric Information. IDmission may share the facial scans with the IDmission Client through which you used IDmission’s identity verification service. We do not sell, lease, trade or otherwise profit from biometric information. We may disclose your biometric information to our authorized service providers or other third parties only
if:

you or your authorized representative have provided express written consent to the disclosure;
the disclosure is required pursuant to a valid warrant, subpoena, or court order issued by a court of competent jurisdiction; or the disclosure is required by applicable law.

Data Retention and Deletion.
IDmission has developed this policy establishing a retention schedule and guidelines for the permanent destruction of Biometric Information and Biometric Identifiers.

IDmission will retain your Biometric Information only for as long as is necessary to
satisfy the initial purpose for which it was collected, which is for the verification of your identity for the Client. IDmission will permanently destroy your Biometric Information upon the earlier of:

For Clients that use our Services on a one-time basis, biometric information will be permanently deleted after twenty-four (24) hours of our collection from the User, as that will be the date that the purpose for collecting or obtaining the Biometric Information has been satisfied, or
The earlier of one (1) year of your last interaction with the Services or the Client for which the verification was performed. All destruction of Biometric Information will render the data permanently unreadable or undecipherable through the use of industry-standard security practices

Data Security and Storage
IDmission is committed to safeguarding the confidentiality and security of your Biometric Information. We will use a reasonable standard of care within our industry to store, transmit, and protect from disclosure any Biometric Information in our possession. IDmission will store, transmit, and protect your Biometric Information in a manner that is the same as, or more protective than, the manner in which we store, transmit, and protect other confidential and sensitive personal information.

Notification of Changes to this Policy. Technology and the Internet are rapidly changing. IDmission therefore is likely to make changes to the Services in the future and may need to revise this Biometric Policy to reflect those changes. When we revise the Policy, IDmission will post the new Policy on the IDmission website’s home page (www.idmission.com) and also on the IDentity Service website (https://identity.idmission.com), so you should review that page periodically. If we make a material change to the Policy, you will be provided with appropriate notice and we will obtain your additional consent where required by law. If we maintain your email address or phone number, we also may email you a copy or send notification of the revised Biometric Policy at your most recently provided email address or phone number. It is therefore important that you update your email address or phone number if it changes.

Questions or comments
If you have any questions or comments regarding our Biometric Policy, please email us at: privacyteam@idmission.com.