FaceLock Creator Application Privacy Policy

Last Updated: January 12, 2026

FaceLock ("we", "us", or "our") is committed to protecting the privacy and security of all individuals who use our FaceLock Creator Application (the "App"). This Privacy Policy explains how we collect, use, disclose, store, and protect information when organizations (Issuing Authorities) use the App to create biometrically bound credentials.

FaceLock aligns with privacy-by-design principles: leveraging FaceTec's 3D liveness and UR Code technology, biometric data is processed locally on the issuing authority's device or controlled environment. FaceLock itself does not receive, store, or process end-user biometric templates or raw biometric data. The App facilitates the creation of digitally sealed, PKI-signed QR codes (UR Codes) that bind a cryptographic representation of the biometric to the credential.

This policy applies to Issuing Authorities (administrators and users of the Creator App) and indirectly informs how end-user privacy is preserved in the FaceLock ecosystem. We operate in compliance with applicable data protection laws, including the GDPR (where relevant), CCPA/CPRA, BIPA, and other jurisdictional biometric privacy requirements.

1. Information We Collect

We collect only the minimal information strictly necessary to deliver the FaceLock application, enable secure credential issuance by Issuing Authorities, support administrative access, and maintain auditability and compliance (e.g., GDPR, chain-of-custody requirements). FaceLock prioritizes data minimization, privacy-by-design, and strong security controls throughout our Azure-based infrastructure.

  • Account and Contact Information: When an Issuing Authority registers or manages access, we collect organization name, administrator name(s), email address(es), phone number(s), and authentication credentials (e.g., passwords, multi-factor tokens). This data supports secure account provisioning and administrative functions.
  • Usage and Technical Data: To ensure system reliability, security monitoring, performance optimization, and compliance auditing, we collect device information (e.g., type, OS version), IP addresses, application logs, performance metrics, and detailed audit trails from credential issuance sessions and administrative logins. Audit trails include timestamps, event types, and non-sensitive metadata to enable temporal tracking of actions (e.g., effective-dating of administrative changes or credential events).
  • Credential Metadata: Non-biometric attributes entered by the Issuing Authority during issuance, such as the credential holder's full name, ID number, issue/expiry dates, role/attributes, and other verified claims. This metadata is cryptographically incorporated into the digitally signed QR code (u-code), enabling offline or simple-device validation without centralized lookup.
  • Administrative Biometric Data (Limited and Opt-In): For Issuing Authorities that choose to enable biometric face login for their authorized agents or system administrators, we store a secure, one-way biometric representation (derived from FaceTec processing) solely for the purpose of authenticating those administrators to the FaceLock platform. This biometric is:
    • Collected only with explicit opt-in consent from the administrator.
    • Processed and transformed into a non-reversible, privacy-preserving format (e.g., one-way template or vector) via the FaceTec SDK.
    • Stored securely in our Azure SQL database exclusively for that administrator's repeated authentication to FaceLock.
    • Never used for credential issuance or end-user verification.
    • Subject to strict retention limits, revocation options, and deletion upon account termination or opt-out.

Important: What We Do Not Collect, Receive, or Store

FaceLock is designed with a strong zero-storage policy for end-user biometrics to eliminate honeypot risks and uphold the highest privacy standards:

  • We do not collect, receive, transmit, or store raw selfies, 3D FaceScans, facial geometry maps, 3D FaceMaps, biometric templates, or any other biometric identifiers/templates from credential holders or end-users during onboarding or issuance.
  • During credential issuance, liveness validation (via FaceTec SDK) and comparison of a live 3D face map to the provided 2D authoritative government photo occur entirely within the Issuing Authority's controlled environment (on-device or in their infrastructure) or on FaceLock's hosted servers in the Azure environment for a cloud-hosted installation. FaceLock receives only a cryptographic confirmation of successful validation, after which we derive the u-code from the verified 2D photo. No 3D data or intermediate biometric artifacts are ever sent to or persisted in our systems (including Azure SQL).
  • Any ephemeral data processed during an issuance session is discarded immediately upon completion.

This architecture ensures true biometric binding to credentials (via the digitally sealed QR code) without retaining sensitive biometrics centrally. For Issuing Authorities, we recommend implementing temporal modeling in your own systems (e.g., effective-dating or bitemporal tables in Azure SQL) to track credential lifecycle events—such as issuance, activation, updates, revocation, or administrative changes—while preserving immutable historical integrity for audits and compliance.

If administrators opt into biometric login, they can revoke or delete their stored one-way biometric at any time via account settings, and it is automatically purged upon account closure. All biometric handling for admins complies with applicable data protection laws, with processing limited to authentication purposes only.

2. How We Use Your Information

We use the collected information solely to:

  • Provide, maintain, and improve the FaceLock Creator App.
  • Authenticate Issuing Authorities and manage access to the system.
  • Generate audit logs for compliance, chain-of-custody, and temporal integrity (effective-dating of credential lifecycle events).
  • Support customer service, troubleshooting, and security incident response.
  • Comply with legal obligations, prevent fraud, and enforce our terms.

We do not use any information for marketing, profiling, or unrelated purposes. See Section 4 below for our data sharing policy.

3. Biometric Data Handling (End-User Privacy)

FaceLock's core innovation is privacy-preserving biometric binding:

  • Biometric processing occurs exclusively through the FaceTec SDK, running either in the FaceLock Cloud (currently Microsoft Azure) or in the Issuing Authority's controlled environment (on-device or private infrastructure).
  • No raw biometric data or reconstructible templates are transmitted to FaceLock servers.
  • The resulting credential contains a digitally signed, one-way cryptographic representation (non-reversible to the original face) bound to the credential data via PKI.
  • Verification occurs offline via the free FaceLock Reader app — comparing the presenter's live face to the sealed biometric reference without storing or transmitting data to us.

This architecture minimizes privacy risks, avoids central biometric databases, and supports compliance with GDPR (special category data minimization), BIPA (no storage of biometric identifiers by FaceLock), and similar laws.

Issuing Authorities remain the data controllers for end-user personal data and biometrics processed through the App. They must obtain explicit consent (where required) and provide their own notices to credential holders.

4. Sharing of Information

We do not sell, rent, or trade personal information. We may share information only:

  • With service providers (e.g., Azure hosting, logging tools) under strict data processing agreements.
  • To comply with legal requirements or court orders, or to protect rights/safety.
  • In connection with business transfers (e.g., merger/acquisition), with notice where feasible.

5. Data Storage, Security, and Retention

  • Data is hosted in Azure SQL databases with encryption at rest and in transit.
  • We implement industry-standard security measures (access controls, audit logging, temporal modeling for historical integrity).
  • Issuing Authority account data is retained as long as the account is active, plus a reasonable period for legal/audit purposes.
  • We do not retain end-user biometric data.

We use temporal modeling (effective-dating / bitemporal) in our Azure SQL schema to track credential lifecycle events (issuance, activation, deactivation, revocation) without data loss, enabling full auditability and compliance.

6. International Data Transfers

Data may be processed in the United States or other jurisdictions. Where required (e.g., GDPR), we implement appropriate safeguards such as Standard Contractual Clauses. Cached website content may be served through a remote POP node via Azure Front Door purely for delivery performance.

7. Your Rights

Issuing Authorities may:

  • Access, update, or correct their account information.
  • Request deletion of their account data (subject to retention for legal purposes).

For end-user rights (access, deletion, etc.), please contact the relevant Issuing Authority, as FaceLock does not hold their biometric or personal data.

To exercise rights or inquire, contact us at privacy@envoc.com.

8. Changes to This Privacy Policy

We may update this policy to reflect changes in practices or law. We will notify you of significant changes via the App or email. Continued use constitutes acceptance of updates.

9. Contact Us

For privacy questions, contact:

FaceLock Privacy Team
Email: privacy@envoc.com

We take privacy seriously and design FaceLock to unlock trust — any medium, face-sealed, and accessible to everyone — while respecting the highest standards of data protection.


Trademarks

"UR" and "UR Codes" are trademarks of FaceTec, Inc. "UR" is registered in the European Union and United Kingdom. "FaceTec" is a trademark of FaceTec, Inc. and is registered in the United States.