Biometric Data Policy

How CAIRL collects, uses, and protects biometric data

During identity verification, CAIRL processes biometric data derived from user-submitted images. This includes facial geometry extracted from a selfie and facial geometry extracted from a government-issued ID.

CAIRL does not retain raw biometric images after processing is complete.

We store limited biometric data in the form of:

• Biometric comparison results (e.g., match / no-match scores)
• Biometric reference (facial embedding) — a mathematical representation of facial features, not an image

Biometric data is used solely for:

• Identity verification — comparing a selfie to an ID photo
• Liveness detection — preventing spoofing and automated attacks
• Fraud prevention and account integrity — detecting duplicate or fraudulent account creation

Biometric data is not used for advertising, profiling, or any commercial purpose beyond identity verification and security.

Biometric data is not used to track your behavior across unrelated services.

• We do not sell, lease, or trade biometric data
• We do not share biometric data with partner platforms
• We do not provide biometric data to third parties except as required by law

Partners receive only verified claims (e.g., "identity_verified: true"), never biometric data.

Biometric data is processed by Amazon Web Services (AWS) Rekognition, acting as a data processor under our control. AWS processes this data solely to perform face matching and liveness detection on our behalf and does not use your biometric data for its own purposes.

Biometric references (facial embeddings) associated with your account are permanently destroyed within 30 days of: your deletion request, your withdrawal of consent, or your account closure.

Biometric session data (raw processing results) is ephemeral and is not retained beyond the verification session.

Deletion is permanent and irreversible.

You may:

• Request deletion of your biometric data at any time
• Close your account to trigger deletion
• Contact us with questions about how your data is used

After deletion, identity verification may be required again to continue using CAIRL.

Biometric data is collected only after a clear, explicit consent prompt in the verification interface. This consent is separate from your agreement to the Terms of Service.

You may withdraw consent at any time by requesting deletion of your data or by contacting privacy@cairl.app.

This policy is designed to satisfy notice and consent requirements under applicable biometric privacy laws, including Illinois BIPA, Texas CUBI, and Washington's biometric privacy law.

Residents of Illinois, Texas, and Washington may have additional rights under their respective state laws. See the Privacy Policy for details.

Biometric data is encrypted in transit and at rest, access-restricted using least-privilege controls, and stored separately from partner-accessible systems.

privacy@cairl.app