Privacy Policy for Nashid Verify, Overify, and SDK Solutions

Nashid Enterprises LLC (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, share, and protect your personal and biometric data when you use our identity verification solutions, including but not limited to Nashid Verify, Overify, overify, or any related SDK or identity verification tool we offer (collectively referred to as the “App”). This policy explains how we handle data collected through our App, including data shared with business clients and how we may use data to improve our technology.

By using the App, you agree to the collection and use of your information as described in this Privacy Policy. This policy applies to all users, including individuals, business clients, and their associated users.

1. Definitions and Key Terms
  • App: Refers to Nashid Verify, Overify, overify, or any related SDK or identity verification solution provided by Nashid Enterprises LLC.
  • Business Clients: Refers to companies, organizations, or institutions that use the App to verify the identities of their customers, employees, or users.
  • Personal Data: Information that identifies or could reasonably identify an individual, such as a name, email, phone number, or government-issued ID.
  • Biometric Data: Unique physical characteristics, including facial geometry and behavioral patterns, collected to verify identity.
  • Verification Data: Data related to the identity verification process, such as biometric matches, document validation, and verification results.
  • Training Data: Anonymized data used to improve our models and systems through machine learning or algorithm training.
  • SDK: Software Development Kit provided by Nashid that allows business clients to integrate our identity verification tools directly into their own applications.
  • You: Refers to individuals using the App for verification or the users of business clients who are verified through our tools.
2. What Data We Collect

2.1 Personal Data

We collect personal data that you provide during the identity verification process. This may include:

  • Full name
  • Date of birth
  • Contact information (e.g., email, phone number)
  • Government-issued identification documents (e.g., passport, national ID, driver’s license)
  • Usernames and authentication credentials (for certain integrations)

2.2 Biometric Data

We collect biometric data for the purpose of identity verification, including:

  • Facial geometry and facial scans using device cameras (such as the TrueDepth API)
  • Liveness detection data (e.g., eye movements, head orientation, facial expressions)
  • Behavioral biometric data based on movement patterns during the verification process

2.3 Verification Data

  • Results from document validation and facial recognition processes.
  • Verification status, including pass/fail outcomes, document authenticity checks, and liveness detection success.

2.4 Device and Usage Data

We automatically collect information about your device and usage when you interact with the App, including:

  • Device type, operating system, and model
  • IP address, location data (if enabled)
  • App usage logs, including timestamps, actions taken, and errors encountered
3. How We Use Your Data

We use your data for the following purposes:

3.1 Identity Verification

  • To verify your identity by comparing biometric data with your submitted identification documents.
  • To authenticate users on behalf of our business clients for secure access and services.

3.2 Sharing Data with Business Clients

  • Business Clients: When our App is integrated into a business client’s system (e.g., a bank, employer, or institution), we may share your personal and biometric data, as well as verification results, with that client.
  • The business client will use this data based on their own privacy policies and data usage agreements, which you are encouraged to review.

3.3 Improving and Training Machine Learning Models

  • Anonymized Data for Improvement: We may anonymize and aggregate data (e.g., facial geometry, behavior data) to improve our machine learning models, algorithms, and verification technologies. This data is stripped of any identifiable information before being used for development and training purposes.
  • Research and Development: The anonymized data may also be used for research and analysis to improve system accuracy, fraud prevention capabilities, and user experience.

3.4 Legal Compliance

  • To comply with legal, regulatory, and contractual obligations, including those related to Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements.
  • To provide information in response to lawful requests from authorities or as required by law.

3.5 Service Enhancement and Customer Support

  • To analyze and improve the functionality and performance of the App, including optimizing the user experience and enhancing security features.
  • To provide customer support, troubleshoot issues, and resolve disputes.

3.6 Communications

  • To notify you and business clients about verification status or other related matters.
  • To send service updates, changes to our terms or this Privacy Policy, and important communications regarding your account or verification process.
5. Data Sharing

We may share your data under the following conditions:

5.1 With Business Clients

When you use the App as part of a business client’s identity verification process, your personal and biometric data will be shared with that client for authentication and verification purposes. Business clients are responsible for their own use of the data, and we recommend reviewing their privacy policies.

5.2 With Service Providers

We work with third-party service providers who help us deliver our services, including:

  • Cloud hosting providers for secure data storage
  • Biometric verification services and AI/ML partners
  • Analytics and performance monitoring tools

These providers are bound by confidentiality agreements and are only permitted to use your data for the specific purposes outlined by Nashid.

5.3 Legal Disclosures

We may disclose your data if required by law, regulation, or legal request. This may include cooperation with law enforcement or compliance with regulatory authorities.

5.4 Corporate Transactions

In the event of a merger, acquisition, or sale of all or part of Nashid’s assets, your personal data may be transferred to the acquiring entity. The acquiring company must comply with the terms of this Privacy Policy unless otherwise notified.

6. Data Retention

6.1 Personal and Biometric Data Retention

  • We retain personal and biometric data only for the duration necessary to complete the verification process. Once the verification is completed, biometric data such as facial scans is securely deleted, unless further retention is required by the business client or law.

6.2 Retention for Model Training

  • Anonymized data used to improve machine learning models may be retained indefinitely for the purpose of enhancing system performance, fraud prevention, and service optimization.

6.3 Compliance Retention

  • We may retain data to comply with legal obligations, resolve disputes, or enforce agreements. For instance, certain data may be retained for AML/KYC compliance for a period required by law.
7. Data Security

We implement comprehensive security measures to protect your data, including:

  • Encryption: Personal and biometric data is encrypted in transit and at rest using industry-standard encryption methods.
  • Access Controls: We limit access to personal and biometric data to authorized personnel only and implement robust internal controls.
  • Audit and Monitoring: We regularly audit our systems to identify vulnerabilities and ensure compliance with data protection regulations.

While we take every precaution to safeguard your data, no system is completely secure. In the event of a data breach, we will promptly notify you in accordance with applicable laws.

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own. When transferring data internationally, we implement appropriate safeguards, such as standard contractual clauses, to ensure the protection of your personal and biometric data.

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own. When transferring data internationally, we implement appropriate safeguards, such as standard contractual clauses, to ensure the protection of your personal and biometric data.

9. Your Rights

You have certain rights regarding your personal and biometric data, including:

  • Right to Access: You can request access to the personal data we hold about you.
  • Right to Correction: You can request that we correct inaccuracies in your personal data.
  • Right to Deletion: You can request the deletion of your personal data, subject to legal and contractual obligations.
  • Right to Object: You have the right to object to the processing of your data in certain situations.
  • Right to Data Portability: You can request that your data be provided to you in a structured, machine-readable format for transfer to another service provider.

To exercise any of these rights, please contact us at privacy@nashid.io.

Updates to Our website

Nashid may from time to time provide enhancements or improvements to the features/ functionality of the website, which may include patches, bug fixes, updates, upgrades and other modifications ("Updates").

Updates may modify or delete certain features and/or functionalities of the website. You agree that Nashid has no obligation to (i) provide any Updates, or (ii) continue to provide or enable any particular features and/or functionalities of the website to you.

You further agree that all Updates will be (i) deemed to constitute an integral part of the website, and (ii) subject to the terms and conditions of this Agreement.

10. Children’s Privacy

Our App is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we discover that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete such information from our systems. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at privacy@nashid.io to request the removal of the information.

11. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or services. Any significant changes to this policy will be communicated to you through the App, via email, or on our website. The "Effective Date" at the top of this Privacy Policy will be updated to reflect the date of the latest revision.

By continuing to use the App after changes are made, you acknowledge and accept the revised terms of this Privacy Policy. If you do not agree with any changes, you must stop using the App and request the deletion of your data.

12. Contact Information

If you have any questions or concerns about this Privacy Policy, our data handling practices, or your rights regarding your personal or biometric data, please feel free to contact us:

Email: privacy@nashid.io

Phone: (+968) 2206 9835

Address: Office 24, Al Zahra Building Ghala, Muscat, Oman

We are committed to protecting your privacy and ensuring the secure and compliant handling of your data. Your trust is important to us, and we welcome any feedback or questions you may have regarding our privacy practices.