Biometric Information Privacy Policy
COINFLIP BIOMETRIC INFORMATION PRIVACY POLICY
In order to effectively and securely confirm the identity of individuals, GPD Holdings LLC and CF Preferred LLC (collectively “CoinFlip”) may use a biometric identification system. CoinFlip may use a third-party biometric online verification system or vendor, including by not limited to, Persona Identities, Inc. (“Persona”) and Veriff OÜ (“Veriff”), to supply it with biometric identification systems or services.
In order to comply with applicable law concerning biometric data (including the Illinois Biometric Information Privacy Act), CoinFlip has instituted the following policy:
Biometric Data Defined
As used in this policy, biometric data includes “biometric identifiers” and “biometric information” as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq, and Texas Bus. & 503.001.
Biometric Data Collection & Use
As part of your use of certain CoinFlip services, you may be asked to verify your identity. CoinFlip’s vendor will generate biometric data by analyzing images of your face during this verification process.
CoinFlip and its vendors may utilize biometric technology and collect this biometric data solely for the purposes of confirming the identity of potential or existing customers, security, and fraud prevention. CoinFlip and its vendors may also use the data collected to improve their services and internal operations.
Authorization
If you elect to use CoinFlip features that require facial verification through these biometric technologies, you will use an input device or terminal designated to collect your biometric data. By using these CoinFlip services and participating in the verification process, you consent to the collection and use of your biometric data by CoinFlip and its vendor(s) in accordance with this policy.
Disclosure
As indicated above, some of the features through which you are asked to provide biometric data may be operated on CoinFlip’s behalf by Persona, Veriff, or another third-party vendor.CoinFlip discloses (or permits the direct collection of) biometrics data to/by to such vendor(s) for the purposes of operating the identity-verification systems they provide to CoinFlip.
CoinFlip will not sell, lease, trade, or otherwise profit from an individual’s biometric identifiers or biometric information. Nor will it authorize its identification vendors to engage in any such activity. (CoinFlip does, however, pay its vendors for the services they provide.) Persona, Veriff, or any other vendor used in accordance with this policy may engage with third parties to assist in providing the identification services, including hosting, cloud services, and other information technology services; email communication and SMS software providers; and identity verification services, background check providers, public and private records database providers, consumer reporting services, and fraud and identity management providers. Neither CoinFlip nor its identification vendors will disclose or disseminate an individual’s biometric data unless:
The individual or the individual’s legally authorized representative provides consent to such disclosure;
The disclosed data completes a financial transaction requested or authorized by the individual;
Disclosure is required by state or federal law or municipal ordinance; or
Disclosure is required pursuant to a valid warrant or subpoena.
Storage
Persona, Veriff, or any other vendor retains biometric data only for as long as necessary to provide identity verification, fraud prevention, and authentication services. Persona, Veriff, and other vendors will not retain biometric data greater than three years of your last interaction with said service, unless the third-party vendor is otherwise required by law or legal process to retain the data. CoinFlip shall use a reasonable standard of care to store, transmit, and protect from disclosure any paper or electronic biometric data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which CoinFlip stores, transmits, and protect from disclosure similar sensitive and confidential information. CoinFlip will require its vendor(s) to similarly protect and delete biometric data.