a) VERIFYMY LIMITED operates the http://www.verifymycontent.com (“Site”), an identity and content verification service (“Service”). We are a limited company registered in England & Wales under company number 12050874 and ICO registration number ZA529836.
b) In the EU and UK, VERIFYMY LIMITED is known as the data controller of the personal data described in the Privacy Policy which means it holds and manages your personal data.
c) This Privacy Policy describes our practices regarding personal data generally in the context of the Site and Service. For more detail regarding our collection, use, disclosure, and retention of biometric data (which is more limited than for most other personal data) in this context, please see the Verifymy Identity Verification and Content Moderation Biometric Data Policy.
a) Personal data is any information about you that enables you to be identified. Personal data covers information such as your name and contact details, but it also includes information such as identification numbers, electronic location data, and other online identifiers.
b) The types of personal data that we collect and why is set out below.
a) VMC is a Service provided to you either as a business customer or as an individual uploading content to one of our business customer’s websites (“Content Uploader”).
b) When you are a Content Uploader we will be conducting an identity and content check on you. This will involve you providing certain personal data to us and setting up an account with us.
c) Where you are our business customer we will collect and process certain personal data about you as part of our business relationship, in order for us to conduct the identity and content verification check for you in relation to Content Uploaders.
We collect personal data about you either directly from you, from our business customer (who you have a relationship with), or from third parties. We have set these out below.
a) If you are a content uploader, we will collect and process the following personal data:
| Data Collected | How We Collect the Data |
|---|---|
| “Data Processed” | Provided by you via our Site |
| “IP address” | Provided by you via our Site |
| “Images containing your face, taken live from your device’s camera (“Facial image” or “selfie image”)” | Provided by you via our Site |
| “Images of your government-issued identification (including the image of you), and other pertinent information on that identification” | Provided by you via our Site |
| “Face map” | Created by us using biometric scans based on your facial image and the image of you in your government-issued identification |
| “Email address” | Provided by you via our Site & by the business customer to us |
| “Telephone number” | Provided by you via our Site & by the business customer to us |
| “Website ID” | Provided by the business customer to us |
b) If you are a business customer, we will process the following personal data when you provide it to us via our Site:
| What we do | What personal data we use | Our lawful basis under the GDPR where this is relevant |
|---|---|---|
| Registering an account on our Site and communicating with you |
All personal data listed under section 4(a) |
Your consent. |
| Supplying our Service to you (when making a purchase or accessing a website) | All personal data listed under section 4(a) | Your consent and our legitimate interests to improve our Services |
| Supplying our Service to you (as a business customer) | All personal data listed under section 4(b). | Fulfilment of our legal contract with you or the business you represent. |
| Protect against, identify and prevent fraud and other prohibited or illegal activity, claims and other liabilities | All personal data listed under section 4. | Our legitimate interests in operating a business and upholding our legal rights and obligations. |
| Compliance with applicable legal requirements and our policies | All personal data listed under section 4. | The legal obligations to which we are subject. |
| Establish, exercise and defend legal claims | All personal data listed under section 4. | Our legitimate interests in operating a business and to uphold our legal rights and obligations. |
We also use data for statistical analysis in order to operate, evaluate and improve our business. Such analysis is only done on personal data at an aggregated and anonymised level.
a) We use the following automated systems for carrying out certain kinds of decision-making and profiling. If at any point you wish to query any action that we take on the basis of this or wish to request ‘human intervention’ (i.e. request that someone review the action themselves, rather than relying only on the automated method), the Data Protection Legislation gives you the right to do so. Please contact us to find out more using the details in section 12.
a) We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. When we conduct a check, we typically plan to keep the personal data for the periods provided below:
| Type of Data | Months/days held since the Date of Last Verification |
|---|---|
| “Email address” | 24 months |
| “IP Address” | Deleted immediately following the check |
| “Facial image” | Varies by image. See the Verifymy Identity Verification and Content Moderation Biometric Data Policy for details. |
| “Images of your government-issued identification (including the image of you), and other pertinent information on that identification” | 365 days |
| “Face map” | Varies depending on the face map. See the Verifymy Identity Verification and Content Moderation Biometric Data Policy for details. |
| “Telephone number” | 24 Months |
| “Website unique identifier (e.g. account username, account ID)” | 24 Months |
b) Where you do not successfully complete our identity and content verification process, and we believe you are a minor, we will delete any personal data we hold immediately upon confirmation of such as a result.
a) All personal data is stored by us within the EEA.
b) We may share your data with external third parties, as detailed below in section 8, that are based outside your country of residence which may be located outside of the EEA. In such cases we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK or EU.
a) We share face maps only in the limited ways described in our Verifymy Identity Verification and Content Moderation Biometric Data Policy. We share other personal data as set forth in this section.
b) We share the results of our identity verification and content moderation services with our business customers when you use their site (or attempt to use it) and they request that we verify your identity.
c) We may share your personal data with other companies in our group for the purposes described in this Privacy Policy.
d) We contract with third parties to supply certain services related to our business. This may include sharing any personal data you have given us or data that we have obtained from a third party source to improve the accuracy of our Service.
e) When any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
f) If any personal data is transferred outside of the UK or EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK or the EEA or the US and under data protection laws.
g) We have put in place appropriate safeguards (such as regulator approved standard contractual terms) in accordance with applicable legal requirements to provide adequate protection for your personal data. For more information on the appropriate safeguards in place and to obtain a copy of such safeguards, please contact us as set out at section 12 below.
h) If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party in connection with that event. (We may seek your additional consent to this disclosure or omit your face maps from our disclosure if we believe either approach is required by applicable law.). Any new owner of our business or assets and their suppliers may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy.
i) In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
We implement physical, technical, and organisational security measures designed to safeguard the personal data we process through our Services, such as high-end cryptography to protect customers’ data. All data is encrypted at rest and in-transit using a combination of 256-bit encryption and hashing algorithms. These measures are aimed at providing on-going integrity and confidentiality for your personal data. We evaluate and update these measures on a regular basis.
a) If applicable under EU and UK the data protection laws, you may have the following rights:
b) To exercise any of the rights outlined above, please contact us using the details provided in section 12. There is not normally any charge for making a request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
c) We will respond to your request within a month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request.
d) If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the data protection regulator. In the UK, this is the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in section 12.
Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check.
To contact us about anything to do with your personal data and data protection, including to make requests or exercise any rights you may have (such as rights under Nevada law to opt out of certain disclosures), please use the following details:
By email:
support@verifymy.io
By post:
VERIFYMY LIMITED
Unit 213 The Frames
1 Phipp Street
London
England
EC2A 4PS
a) We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects how your personal data is protected.
b) Any changes will be posted on our Site. We recommend that you check this page regularly to keep up-to-date.
c) This Privacy Policy was last updated June 2024.
Get in touch
