HYPR Affirm Biometric Data Policy and Consent
HYPR Affirm Biometric Data Policy and Consent To Collect Use and Disclose Biometric Data
LAST UPDATED: January 7, 2024
Notice and Consent
This Biometric Data Policy and Consent to Collect Use and Disclose Biometric Data describes how HYPR collects and processes certain categories of Personal Information in connection with the Affirm Services provided by HYPR ("Services").
The company that is providing the services you wish to access or that employes you (“Company”) uses HYPR Affirm to verify your identity.
Please carefully review the details below prior to consenting to our collection and use of your information. Please note that once consent has been provided for the collection and processing of your information as part of your verification it may not be revoked where it is required to complete the verification services.
If you choose not to provide the Biometric Data, HYPR Affirm cannot verify your identity and it is recommended that you reach out to your employer’s support desk for alternative means of completing their required identity verification practices.
The type of Biometric Data Collected:
In connection with your Company’s use of the HYPR Affirm platform to verify your identity, HYPR will collect, capture, receive, or otherwise acquire one or more of the following biometric identifiers about you (collectively, "Your Biometric Data"):
- Face geometry (“Facial Recognition”)
- Voice print (“Voice Verification “)
- Video and audio footage to verify customer biometric data (“Video Verification”)
Use of Your Biometric Data:
HYPR may collect, use, disclose, and otherwise process Your Biometric Data necessary for the following:
- Comparing Facial Recognition data extracted from your photo in your identity document or electronic ID to the facial scan data extracted from the photo/video to verify your identity;
- Comparing Facial Recognition data from a reference image (for example the photo/video in your identity document or face you upload when you first enroll), to the facial scan data provided when you authenticate yourself as an authorized user of services;
- Comparing your voice print for Voice Verification;
- Allowing Video Verification;
- Detecting and preventing fraud, including to determine whether HYPR has previously verified a user’s identity;
- Detecting whether there is a genuine human or physical document in the photo/video (instead of a bot, for example) or signs of tampering with an identity document, electronic ID, or photo/video; and
- Improving and developing HYPR’s services, where permitted by applicable law;
- Completing a transaction, in accordance with the requesting Company’s instructions and as requested and authorized by you or your legally authorized representative;
- Completing a financial transaction requested or authorized by you or your legally authorized representative;
- As may be required by state or federal law, or municipal ordinance;
- Preventing prevent harm, loss or injury to others; and
- As may be expressly consented to by you.
(collectively, "Permitted Purposes").
You consent to HYPR's collection, use, and storage of Your Biometric Data for the Permitted Purposes and any other purposes that you specifically consent to from time to time.
Your consent will be valid for twelve months from the initial data of consent. HYPR will require you to provide your consent to the collection of your Biometric Data after the initial date of consent.
Disclosure of Biometric Data:
HYPR will not disclose or disseminate any Biometric Data except in furtherance of the Permitted Purposes, as follows:
- To the organization who has subscribed to the HYPR Affirm services for authentication and verification purposes;
- As required with other third parties and where permitted by law to enforce our Terms of Service,
- To third party service providers that perform functions on our behalf. These service providers are limited to using Your Biometric Data to assist in our provision of Services and must maintain any Biometric Data we share in a secure fashion.
Retention of Biometric Data:
HYPR may retain Your Biometric Data as long as is necessary or relevant for the Permitted Purposes. .
Under no circumstances will HYPR retain this information for longer than thirty-six (36) months absent a subpoena, warrant, or other legally compelling justification. HYPR’s goal is to destroy your Biometric Data within twelve months of your last interaction, unless otherwise required by law.
For users who are residents of Illinois, in accordance with Illinois state law HYPR will retain Biometric Data only until the occurrence of the first of the following:(a) the initial purpose for collecting or obtaining such Biometric Data has been satisfied; or (b) three (3) years following your last interaction with HYPR.
Deletion of your Biometric Data:
You may request that we delete your Biometric Data after verification by contacting us at firstname.lastname@example.org. HYPR reserves the right to retain this information as needed to comply with our legal obligations, including warrants, subpoenas or other court orders, or to help prevent fraud.
Safeguarding Your Biometric Data:
We use robust physical, organizational, technical, and administrative measures to safeguard all data we hold or process, and we regularly re-assess and revise our policies and practices to improve security. While we go to great lengths to protect your data, no method of data transmission or storage is totally secure; therefore, we cannot guarantee the security of data in our control.
Right to Withdraw Consent:
You may withdraw your consent at any time by contacting HYPR at www.hypr.com/contact. If you choose to withdraw your consent, HYPR may be unable to verify your identity or provide the requested Services.