Privacy Policy
FaceAccess is committed to protecting your privacy and handling your biometric and personal data with transparency, security, and respect.
⚠️ Biometric Data Notice
FaceAccess collects biometric identifiers including facial recognition data. This data is encrypted, stored securely, and used solely for identity verification. You may request deletion at any time through your account settings.
1. About FaceAccess
FaceAccess ("Company", "we", "our", or "us") operates the FaceAccess ecosystem including FaceAccess Home, FaceAccess Business, FaceAccess Mobile, web applications, and related services (collectively the "Services"). This Privacy Policy explains how we collect, use, store, and protect your information.
2. Information We Collect
Account Information
When you create an account, we may collect:
- First and last name
- Email address
- Phone number
- Account credentials (password stored as a salted hash)
- Organization name (Business users)
- Device information
Biometric Information
FaceAccess collects biometric identifiers and biometric information, including facial recognition data derived from camera imagery, when you enroll your face for authentication or access control. This biometric data is:
- Used solely for identity verification and access authorization within the FaceAccess platform
- Converted into a 128-dimensional encrypted mathematical template — not stored as a photo
- Never used for advertising, profiling, or sold to third parties
Usage Information
We may collect information related to how you interact with our Services including device type, browser type, IP address, login activity, and security logs to maintain platform integrity.
Camera Data
When using facial authentication features, your device camera temporarily captures image frames to detect and verify your identity. This data is processed in real time and converted into an encrypted biometric template. Raw video frames are not stored after processing is complete.
3. How We Use Your Information
We use collected information to:
- Provide facial authentication and access control services
- Verify identity during enrollment and login
- Maintain account security and prevent fraud
- Send SMS security notifications, authentication codes, and account alerts
- Improve system performance and user experience
- Comply with legal obligations
4. SMS Communications
If you provide a phone number, you may receive SMS messages for authentication codes, login alerts, security notifications, and account updates. Message frequency may vary. Message and data rates may apply. Reply STOP at any time to opt out. Reply HELP for support. SMS consent is not required to use the core platform, but some security features rely on SMS verification.
5. Storage and Protection of Biometric Data
Biometric data collected for facial authentication is:
- Encrypted using AES-256 or equivalent industry-standard encryption
- Stored securely on access-controlled infrastructure
- Used only for identity verification within the platform
- Subject to our Biometric Data Retention Policy
FaceAccess does not sell, lease, trade, or disclose biometric data to third parties except as required by law. Biometric templates may be deleted upon account deletion or when facial enrollment is removed.
6. Information Sharing
We do not sell personal data. Information may only be shared:
- With trusted infrastructure providers (e.g., Cloudflare) supporting our platform under strict data processing agreements
- When required by law, court order, or legal process
- To protect system security or prevent fraud
7. Data Security
We implement industry-standard security measures including encryption of sensitive data at rest and in transit, secure authentication systems, rate limiting, and monitoring for unauthorized access. See our Enterprise Security Compliance page for full details. No system can guarantee absolute security.
8. Your Rights
Depending on your jurisdiction, you may have rights to:
- Access your personal information
- Request correction of inaccurate data
- Request deletion of your data (including biometric data)
- Withdraw biometric consent at any time
- Receive a portable copy of your data
- Opt out of SMS communications
Requests may be submitted through your account dashboard Settings → Privacy, or by contacting support@faceaccess.com.
9. Data Retention
We retain data only as long as necessary to provide services, comply with legal obligations, and maintain security records. Biometric data may be removed when a user deletes their account, when facial enrollment is removed, or as required by applicable law. See our Biometric Data Retention Policy for jurisdiction-specific details.
10. Children's Privacy
FaceAccess is not intended for use by children under the age of 13. Minors between 13 and 18 may use the platform only with verifiable parental or guardian consent. We do not knowingly collect data from children under 13 without parental consent.
11. AI and Facial Recognition
FaceAccess uses algorithmic facial recognition technology for identity verification. For a full explanation of how our AI processes your biometric data, see our AI & Facial Recognition Disclosure.
12. Cookies and Tracking
We use session cookies solely for authentication and security purposes. We do not use third-party advertising cookies or behavioral tracking technologies.
13. International Users
FaceAccess services are operated in the United States. If you are located outside the US, please be aware that data may be transferred to and processed in the United States, where privacy laws may differ from those in your country.
14. Updates to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email or prominent notice within the Services. Continued use of the Services after changes constitutes acceptance of the updated policy.
15. Contact
For privacy-related questions or data requests:
support@faceaccess.com