Privacy Policy

At Verifast ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our identity verification services.

1. Information We Collect

1.1 Personal Information

• Identity Information: Name, date of birth, government-issued identification numbers
• Contact Information: Email address, phone number, physical address
• Biometric Data: Facial images, liveness detection data
• Business Information: Company details, tax identification numbers
• Technical Information: IP address, device information, browser type

1.2 Verification Data

We collect information from various sources to verify identities, including:

• Telecom operator data for phone number verification
• Government databases for taxpayer and business verification
• Public records and authorized data sources

2. How We Use Your Information

• Provide identity verification services to our business customers
• Verify the authenticity of identification documents
• Perform biometric matching and liveness detection
• Prevent fraud and ensure platform security
• Comply with legal and regulatory requirements
• Improve our services and develop new features
• Communicate with you about our services

3. Legal Basis for Processing

We process personal information based on the following legal grounds:

• Contractual Necessity: To provide our verification services
• Legal Obligation: To comply with KYC/AML regulations
• Legitimate Interests: To prevent fraud and improve our services
• Consent: Where required by law, we obtain explicit consent

4. Data Sharing and Disclosure

We may share your information with:

• Business Customers: The organizations that request verification services
• Service Providers: Trusted partners who help us deliver our services
• Legal Authorities: When required by law or to protect our rights
• Data Sources: Authorized data providers for verification purposes

We do not sell personal information to third parties for marketing purposes.

5. Data Security

We implement robust security measures to protect your information:

• End-to-end encryption for data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Secure data centers with physical security measures
• Employee training on data protection and privacy

6. Data Retention

We retain personal information only as long as necessary for:

• Providing our verification services
• Complying with legal and regulatory requirements
• Resolving disputes and enforcing agreements
• Legitimate business purposes

Typical retention periods range from 5-7 years based on regulatory requirements.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal information
• Restriction: Request limitation of processing
• Portability: Request transfer of your data
• Objection: Object to certain processing activities
• Withdraw Consent: Withdraw previously given consent

To exercise these rights, please contact us at privacy@verifast.com.

8. International Data Transfers

As an Africa-focused company, we primarily process data within the continent. When international transfers occur, we ensure adequate protection through:

• Standard Contractual Clauses
• Adequacy decisions where applicable
• Binding Corporate Rules
• Other approved transfer mechanisms

9. Cookies and Tracking

We use cookies and similar technologies to:

• Provide essential website functionality
• Analyze website usage and improve performance
• Remember your preferences and settings
• Enhance security and prevent fraud

You can control cookie settings through your browser preferences.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Updating the "Last updated" date at the top of this policy

Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us: