PRIVACY POLICY
OZ FORENSICS LLC

1. INTRODUCTION

We, Oz Forensics, LLC Company, (hereinafter referred to as Company, or We) - the producer of products for the face biometric authentication. Not only convenience and opportunities provided by our products, but also the right of each person to private life and protection of their personal data are equally important for us. In our everyday practice Company does everything to prevent illegal distribution of personal data, as well as strives towards the protection of privacy of all parties.

The objective of this privacy policy is to inform you - the user of the device or services of Company - on the objectives, scope and methods of protection, periods of processing of personal data and your rights within the framework of our personal data processing procedures.

For details about the information we collect on our websites and online platforms, including how we use cookies, please visit our WEB SITE POLICY.

2. BASIC DEFINITIONS

This Privacy Policy uses the following basic definitions:

2.1. Policy – the present Privacy Policy

2.2. User – a natural person, who is using the Application

2.3. Application – Oz Forensics Device SDKs, Oz Forensics API, Oz Forensics Demonstration tool that performs different facial recognition checks.

2.4. Personal data – any information Application may collect includes user data, images, device information, operating system information, usage metrics and usage statistics. Any data that is transferred to the server via Oz Forensics s API is secured including a unique identifier, associated IP address, software version number, image data, biometric data, and information about which tools and/or services in the SDK are being used.

2.5. Data subject — natural person, who either directly, or indirectly is identified or can be identified by means of personal data.

2.6. Data processing - means any action or a set of actions implemented with the data by using automated equipment or without such equipment, for instance, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, etc.

2.7. Third party – a person that is not a representative of the Company, its employee, subsidiary, representative office, associated company and (or) a partner, which is bound with the Company by contractual liabilities regarding non-disclosure of personal data, as well as persons that are not identified by the respective personal data.

2.8. User device – tablet, smartphone or any other device operated by the user to use the Application of Company.

3. AREA OF POLICY APPLICATION

3.1. This privacy policy is in effect regarding any information, including personal data in the meaning of the applicable law that Company and/ or affiliated persons of Company may obtain regarding you in the process of the use of any websites, software, products, and/ or services of Company (hereinafter jointly - Services), the information on which you can find on the websites ozforensics.com, oz-services.ru, https://www.apple.com/ru/ios/app-store/, https://play.google.com/store (hereinafter jointly - Websites). Please pay attention to the fact that the use of any Website and/ or Service may be regulated by additional terms and conditions that may amend and/ or supplement the present policy.

3.2. The policy determines the category of personal data collected by the Company, procedures and objectives of the use of data, as well as the conditions of granting access to such data.

4. CATEGORIES OF PERSONAL DATA PROCESSED BY US AND METHODS OF OBTAINING THEM

The Company receives personal data in the following ways:

4.1. To provide our demo application of our Biometric Tools(hereinafter jointly - Application). The exact information needed depends on the check that’s being carried out on behalf of our client. For example, when verifying the identity of a user, we’ll ask for an image of their identity document as well as a picture or video of their face. We’ll then seek to verify whether the identity document is likely to be genuine and whether the person in the photo or video is likely the same person pictured in the identity document. We will also look to identify signs of fraud (for example, someone wearing a mask to impersonate another person or conceal their own real identity). If the user is successful on both the document and facial verification checks, Oz Forensics demo application will likely consider the user to have proven their identity.

In some cases, our application may also further check whether we have previously verified a user on behalf of a specific client by comparing the picture of their face to the pictures previously provided by that client. This helps our client not only verify identity but further protects them and their users by helping them understand when a user may be generating multiple identities.

To do all of this, we closely examine the information contained in the images, including the machine readable data (such as an identity document’s barcode) and the image metadata (such as the name of the camera model used to take the image), video content- our system uses this data to understand the wide variety of facial structures from people all around the world and we may use this data to remove duplicate identities from our systems as deemed necessary by Oz Forensics.

For demo Application - non-production deployments only - enrollment and authentication session information collected will include the above information as well as the following information, which is never shared or used for any other purpose except to positively identify the user and to improve Oz Forensics services:

Email address provided - In the event we have questions about how you intend to use our service or what issues you might have had with it, we will use your email address only to contact you directly with questions and to send you only our own product updates if you desire.

4.2. The User. Users are individuals whose identities we verify. We collect users’ information from the users themselves who download our Application. This information might include an image of any identity document (e.g. a passport or a driver's license), photos (at times, taken in quick succession for anti-fraud purposes) or a video of the user, and the biometric facial identifiers in those images. This enables our application to provide necessary checks and verify that the user is the true owner of the identity document and has not shown signs of fraud. We may also collect device identifiers (metadata).

4.3. Facial Biometric Comparison. When providing our Application, we will frequently extract and compare numerical biometric data from facial images to understand whether two faces are likely to be a match. We do this on behalf of our clients for two reasons. Primarily, we will check whether a user owns their identity document by comparing an image of their face to the facial image contained in the identity document. When we do this, we do not retain the extracted numerical biometric data for any length of time beyond this comparison.

In addition, we may also check whether we have previously verified a user on behalf of a specific client to help that client understand when a user may be generating multiple identities. We do this by comparing the facial image of a user to the facial images of other users previously verified on behalf of that specific client. To provide this check quickly, we store the numerical biometric data extracted from the previously collected facial images until the client deletes those original images.

4.4. Automated Decision Making and Reports. When we verify an identity or carry out a check on behalf of a client, we provide a Report to that client. This Report details the results of matching. The results are generated from the different machine learning models. We have no human powered processes, that can be used to verify an identity or perform a check.

4.5. Sharing information outside our demo Application. As well as sharing information with users, Oz Forensics do not share information with external parties: other companies, organizations, government bodies, and individuals outside Oz Forensics. Data collected is only used to operate our business, provide our products and services, improve existing products and services, develop new products and services, and to improve and personalize User experiences interacting with the software.

5. MEASURES IMPLEMENTED FOR DATA PROTECTION PURPOSES

5.1. Personal data collected by the Company are stored on secured networks, the access to which can be granted to representatives, employees, subsidiaries, associated companies, representative offices and partners of Company that are bound to Oz Forensics by contractual obligations on non-disclosure of personal data to third parties.

5.2. Company takes the following technical measures for the protection of Personal Data:

5.3. Measures for the protection of personal data indicated in Paragraphs 5.1, 5.2 of the present section shall be used until the moment of their depersonalization thereof.

5.4. Access to Manage User Data. We are providing Users the ability to do the following:

Third party data collection

The period for which the data is stored:

5.5. Your Rights. If you would like to access a copy of your information, have your information deleted, or otherwise exercise control over how your information is used, please contact Oz Forensics at support@ozforensics.com, or the postal address below in Paragraph 7.

6. POLICY CHANGES

6.1. The amendments to the provisions of the Policy may be implemented occasionally, within the limits permissible by the legal enactments of the Russian Federation and the EU, as well as generally adopted standards of international laws and regulations in the area of personal data protection.

6.2. All amendments to the Privacy Policy will be reflected in the present website, indicating the date, when the amendment has come into effect.

6.3. By continuing to use the Website after the changes in Privacy Policy are made you, as a User, give your consent to collection, processing and storage of your personal data in accordance with the amended Privacy Policy.

7. FEEDBACK

All queries regarding the provisions of the Policy may be sent to the one of our office:

Oz Forensics LLC

Moscow, Skolkovo, Nobel St. 5, 1 floor, Russia, 143026

Office e-mail: info@ozforensics.com

E-mail for GDPR enquire: info@ozforensics.com