BIOMETRIC PRIVACY NOTICE | EFFECTIVE MARCH 08, 2023

Biometric Privacy Notice

WHAT IS THE PUTPOSE OF BIOMETRIC PRIVACY NOTICE?

This biometric privacy notice explains how Satschel, Inc. (“Satschel”) collects, uses, shares, retains, and destroys your Biometric Data when you use our services. “Biometric Data” includes: (i) “Biometric Identifiers,” which are data generated by measurements of your biological characteristics, such as your retina or iris scan, fingerprint, voiceprint, or a scan of your hand or face geometry; and (ii) “Biometric Information”, which is information based on a Biometric Identifier that can be used to identify you.

Please review this notice carefully. By agreeing to our collection of your Biometric Data, you consent to the collection, use, sharing, and retention of your Biometric Data as described in this notice.

WHAT TYPE OF BIOMETRIC DATA DO WE COLLECT?

  1. Face geometry

  2. Fingerprints

HOW DO WE COLLECT BIOMETRIC DATA?

  1. To validate your identity and help prevent fraud, we use artificial intelligence and machine learning to evaluate the authenticity of your identity document and assess whether the image on the identity document and the image of yourself match, as well as liveness detection (whether you are physically present when you take the image of yourself).

  2. Depending on the device you use to access our services, we may also collect your fingerprint for authentication purposes.

HOW DO WE USE AND SHARE BIOMETRIC DATA?

  1. We use your Biometric Data to help securely verify your identity.

  2. If one of our customers directed you to our services, we share the results of your identity verification with that customer, but we do not share your Biometric Identifiers with our customers.

  3. We may store a copy of your Biometric Data in an encrypted format with our cloud infrastructure providers to enable our services, but these providers do not have access to that Biometric Data.

  4. We may also share your Biometric Data where otherwise authorized by you, or where required by law or court order.

HOW LONG DO WE RETAIN YOUR BIOMETRIC DATA?

  1. If you interact with one of our services directly, we retain your Biometric Data for so long as we are legally obligated to do so or until the first of the following occurs:

    1. The initial purpose for obtaining your Biometric Data has been satisfied, such as any retention necessary to fulfill our “know your customer” or anti-money laundering (KYC/AML) obligations;

    2. The services we provide to you are terminated; or

    3. Within three years of your last interaction with us.

  2. If one of our customers directed you to our services, we retain your Biometric Data for as long as instructed by our customer.

WHAT HAPPENS TO YOUR BIOMETRIC DATA AT THE END OF THE RETENTION PERIOD?

  1. We permanently erase or anonymize your Biometric Data at the end of the retention period described above such that it cannot be recovered or reconstructed.

ADDITIONAL PRIVACY DISCLOSURES AND YOUR RIGHTS

If you interact with one of our services directly, please review our Privacy Policy available at [Privacy Policy] for more information about how we collect, use, and share your personal information, as well as your rights and choices concerning our data practices.

If a Satschel customer has referred you to this biometric privacy notice and you would like more information about how our customer collects, uses, and shares your personal information, as well as your rights and choices concerning our customer’s data practices, please refer to our customer’s privacy policy.