Yoti privacy and cookies policy

Last updated: 4th January 2017

In this policy, we set out all the information you need on how we will handle your personal information when you sign up and use our app, Yoti dashboard and website (www.yoti.com). Please read it carefully before you sign up!

  1. Who we are
  2. Our principles
  3. What personal information do we collect from you and what do we do with it?
  4. Sharing your personal information with others
  5. Your rights
  6. Transfer of your personal information to other countries
  7. Cookies and analytics
  8. Security
  9. Changes to our privacy policy
  10. How to contact us

1. Who we are

We are Yoti Ltd, 7-8 St Martin’s Place, London, WC2N 4JH (company number 0‍8998951), but you can call us ‘Yoti’.

Our general email address is hello@yoti.com.

2. Our principles

We take your privacy very seriously. We design our software and services with privacy at their core, guided by a set of principles which you can read here.

We are monitored by a Guardian Council, who are respected and influential individuals who make sure that Yoti always seeks to do the right thing, and that we are transparent about what we are doing and why. Read more about them here.

We are also certified as a B Corp company, meaning that we consider the impact of our decisions on employees, consumers, the community and the environment. Read more about it here.

3. What personal information do we collect from you, and what do we do with it?

When you create an account with Yoti, we collect:

Your photo and mobile number.

  • To create your account in the app.
  • To check you do not already have an account with Yoti – users are only allowed to have one account.
  • The mobile number is kept encrypted on our servers until the account is closed and the data is deleted.
  • See below for information on how we use the photo.

After registering we might ask you to complete a short test which involves saying some words in a recorded video.

  • This helps us to make sure you are a real live person. We delete the video after 7 days, if not before.

Information from Google Analytics (see below).

Registering for Yoti dashboard (this will let you see all your receipts as a result of sharing your information), we collect:

For a consumer, we request your photo.

To register as an organisation, we request your photo, name, date of birth, email address and mobile number.

  • To register you for an account with Yoti dashboard and check you do not already have an account with Yoti – users are only allowed to have one account.
  • The information (except the photo - see below) is kept encrypted on our servers until the account is closed and the data is deleted.
When you choose to add information to our app, we collect:

Government-issued identity documents (for example, passport, driving licence);

Age attribute (for example, 18+);

Other attributes about you (for example, qualifications or employment)

  • We use the information from government-issued identity documents to verify your identity and check the document is valid.
  • While we verify your identity the information is kept securely but is visible by our Security Team. Information will be visible to Yoti for up to a period of 7 days after verification.
  • We keep this information encrypted on our servers until the account is closed and the data is deleted.
  • We aggregate some of this information to help us understand how our app is being used.
  • We create reports on this activity to improve our service.
  • Where you provide a name, address and date of birth we will verify these details with credit reference agencies.
  • This will leave a footprint on your credit file, which does not affect your credit score.
When you lose access to your Yoti account (for example, you have lost your mobile phone, can’t login and need to recover access to it), we collect:

Details from your passport (including data from the biometric chip), driving licence or other valid identification documents. Typically, this could include details such as your full name, nationality, date of birth, gender, address and photo.

  • To verify your identity and check you are the true holder of the Yoti account and grant you access to it again.
  • While we verify your identity the information is kept securely but is visible by our Security and Customer Support Team. Information will be kept visible to Yoti for up to 7 days after verification.
When you use our app, we collect:

App login credentials

  • To log you into your Yoti

Information from Google Analytics (see below).

Using our in-house software, we collect information on the occurrence of key events during your use of the app. This information includes information about your device. Specifically, we collect the name of the device manufacturer, the device model, its operating system, its operating system version, a description of the vendor layer (custom software sometimes bundled with a mobile device by the manufacturer), and the version of our app being used. Our in-house software does not track your personal app usage.

  • We use our in-house data to calculate statistics on mobile phone registrations and document registrations. We group this data by country code (for mobile numbers) age, sex and nationality (for documents). This information helps us understand who is using our service so we can improve our service to our users.
  • We also use our in-house data to look at key event prevalence statistics by device manufacturer, device model, operating system, operating system version, vendor layer (custom software sometimes bundled with a mobile device by the manufacturer), and the version of our app being used. We create reports on this activity to monitor and improve our service.

Anonymous information about what classes of data you have shared with third parties.

  • So that we may charge organisations for the attributes shared.
When you use our dashboard, we collect:

Dashboard login credentials

  • To log you into your Yoti dashboard.

Information from Google Analytics (see below).

When you use our website, we collect:

Information from Google Analytics (see below).

Your photo

Yoti will store a biometric template of your photo to verify that it is always you trying to access your Yoti account. A biometric template is a digital reference of distinct characteristics that have been extracted from your facial photo. For your security this is done in such a way that your photo cannot be retrieved from this template. Yoti also securely stores the actual photos. If you consent to the use of your photo to help us improve the service provided to our users, we will use the photo internally for personalised facial matching and to improve the performance of the biometric algorithms.

Your encrypted information

Except for the biometric template and consented photos mentioned in the previous paragraph, we do not have access to your personal information that has been verified and stored on our servers. The only way we can access the information is if you provide us with the encryption key (which is a set of unique numbers stored securely on your device). Only you hold the keys to decrypt your account information.

4. Sharing your personal information with others

When Yoti shares your personal information

While we verify your account, for a short period of time following registration or information adding, your account will be marked 'pending' and Yoti will be able to see your personal information. We may have to share a copy of your information with the appropriate authorities if we suspect a registration may involve identity theft, a national security threat, legal infringement, a criminal offence, or other issues where disclosure is necessary or appropriate.

If false or inaccurate information is provided and we suspect fraud, we may pass details to fraud prevention agencies to prevent fraud and money laundering. We are members of CIFAS (a cross-industry fraud prevention service). You can get more information explaining how the fraud prevention agencies will use the information by emailing privacy@yoti.com.

If we get a request from a law enforcement or other official authority for your encrypted information, we cannot provide it unless either you, or a third party you shared your information with, provides us the receipt from your sharing activity, as this contains the decryption key necessary to access the personal information you shared with that third party.

If you have provided your name, address and date of birth, we will check this information against credit reference agency data as part of verifying your identity. This check leaves a footprint on your credit file, which will reference an identity check carried out by Yoti. This footprint does not affect your credit score.

Some companies using Yoti will request an identity check against credit reference agency data. If you agree, Yoti will send your name, address and date of birth to the credit reference agency on behalf of the company, and will send back to the company the response from the credit reference agency. This check leaves a footprint on your credit file, which will reference an identity check carried out by Yoti. This footprint does not affect your credit score.

We may use the services of other businesses to help us in certain areas, for example, storage and hosting service providers; online payment providers; and certified identity providers who we use to cross-reference our databases. Due to the way we have designed the system, in most situations we won’t have to share your information with third parties or, if we do, your data will be encrypted or protected by the terms of our contract with these third parties.

If Yoti is sold or merged with another business, Yoti will make the sale or merger dependent on the new business adhering to the core Yoti principles of data privacy. The acquiring company won’t be able to access your encrypted personal information but Yoti will be able to provide them with statistical and demographic anonymised information.

Besides this, Yoti’s core principles are that we will not sell, transfer or share outside the company any of the personal information used to set up your account or your user activity information.

When you share your personal information

You alone will decide when you want to use your Yoti to identify yourself to a third party. You choose whether to agree or not to share the information the third party requests. If you decide to share your information with a third party, you will both receive a receipt which will contain a copy of the information that each party shared as part of the transaction. Yoti encourages companies to only ask for the information they actually need, for example, confirming you are over 18 rather than a full date of birth. If you choose to share your information with a third party using Yoti, those third parties may choose to use that information to communicate with you or they may share that information with others. We advise you to read the privacy notices of any company you share your information with to understand how they will use your personal information.

Yoti creates and encrypts a master receipt which contains the details of the sharing transaction for both parties. This master receipt is securely stored on our servers and we cannot access or view it unless either you or the third party provides us with their own receipt containing the encryption key needed to access the information.

My Venue: identity and access management services

Yoti also provides identity and access management services (called My Venue) to other companies so that you can use your Yoti to access particular venues (such as nightclubs, offices and so on), speeding up sign-in, and removing the need to carry and check documents for proof of age and ID.

When you share your personal information through MyVenue with a participating company, we store your details securely in separate databases. Both Yoti and the participating company are able to access information about who has used Yoti to access the company’s premises, and we encourage you to read the privacy notices the company provides about their uses of your personal information. Yoti only uses the personal information collected through MyVenue to provide the service to companies. Yoti may also de-identify and aggregate the personal information to provide statistics to the participating companies on things like how many users entered in a given period of time, and breakdowns of users by gender, age and so on.

Nightclubs: Yoti provides our identity and access management service to participating nightclubs and as part of this hosts a national watchlist so nightclubs can flag individuals they have banned from their premises for specific periods of time for specific offences. Participating venues should notify you if they want to include you on this watchlist.

5. Your rights

Access rights: you are entitled to see the personal information we hold about you.

  • We do not have access to your personal information that has been verified and stored on our servers. The only way we can access the information is if you provide us with the encryption key (which is a set of unique numbers stored securely on your device). Only you hold the keys to decrypt your account information.
  • You can access all the personal information we hold on you through your Yoti app. When you use your Yoti, some metadata about your device, app, dashboard and website usage is collected and stored automatically through Google Analytics as outlined in section 7 below. Google assigns and shares with us only an encoded identifier for your device. The data that we gather from your device through Google Analytics is linked only to this encoded identifier, and is not searchable or retrievable based on your name or your device identifiers (for example, IMEI or MEID numbers). Therefore, we cannot provide you with access to this data. You can make an access request to Google here: https://support.google.com/policies/contact/sar

Correction rights: you are entitled to correct information we hold about you that is inaccurate.

  • If you think that any of the information in your Yoti account is inaccurate, you can amend it at any time by accessing your account. Yoti only has access to the information held in your account for up to 7 days after it is first provided and approved by Yoti.
  • If you change your name, you can only update your Yoti by adding a government-issued identity document with the new name.

Deletion rights: in certain circumstances you are entitled to ask us to delete the data we hold about you.

  • If you want to close your account and delete your information, please refer to our FAQs.

Objection rights: in certain circumstances you are entitled to object to Yoti processing your personal information.

  • If you want to contact us about any of your rights, please email: privacy@yoti.com.
  • You can also complain to the Information Commissioner's Office (ICO).

6. Transfer of your personal information to other countries

We currently store your personal data in the UK.

In future we may transfer your personal data to countries outside the European Economic Area (the EEA) (for example, we may store your data on servers located outside the EEA). Some of these countries may not have equivalent data protection legislation. We will make sure that your information is adequately protected where we transfer it outside the EEA.

In some countries, for regulatory or practical reasons, Yoti may be required to store personal data on local servers.

When we decide to transfer or store your personal information in another country, we will update this section to describe the safeguards we have put in place.

You should be aware that if you choose to use your Yoti to access an overseas service or an EEA service that may hold data overseas, then your personal information may be transferred outside the EEA.

7. Cookies and analytics

Cookies

We use an online technology called cookies to collect information about you and to store your online preferences. Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. We use the following categories of cookies on our dashboard and website:

  • Strictly necessary cookies

    These cookies are essential for you to move around our website and dashboard and use their features. Without these cookies, services you have asked for such as access to secure areas cannot be provided.

  • Performance cookies

    These cookies collect anonymous information on how people use our dashboard and website.

  • Functionality cookies

    These cookies remember choices you make such as your last action, language and search parameters such as language preferences. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored. The information these cookies collect will be anonymised and they cannot track your browsing activity on other websites.

If you want to delete any cookies that are already on your computer, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies.

Information on deleting or controlling cookies is available at www.allaboutcookies.org. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.

_ga (Perfomance cookie)
(Google Analytics & Adwords) Used to show us how users arrive at and interact with our website. It helps highlight areas where we can improve and shows us how effective our marketing campaigns are.

_gat (Performance cookie)
Used by Google Analytics to prevent attacks on their servers.

_yop (Strictly necessary cookie)
Stores only a session ID (no user data.)

_csrf (Strictly necessary cookie)
Security feature to prevent account hijack.

xsrf-token (Strictly necessary cookie)
Security feature to prevent account hijack.

connect.sid (Strictly necessary cookie)
Stores only a session ID (no user data.)

channel_id (Strictly necessary cookie)
Used to identify which mobile device to communicate with.

privateKey (Strictly necessary cookie)
Used for decrypting personal information - no data from this cookie is transferred to Yoti.

publicKey (Strictly necessary cookie)
For encryption of personal information.

refId (Strictly necessary cookie)
Used with channel_id and is also used to identify which mobile device to communicate with.

signedPublicKey (Strictly necessary cookie)
To prove ownership of public key.

ad-referral (Performance cookie)
Used to provide information about the effectiveness of our marketing campaigns.

ngStorage-ageLink (Strictly necessary cookie)
Used to store the URL of a Yoti Connect Page.

ngStorage-profile (Strictly necessary cookie)
Temporarily stores user’s avatar, date of birth and age - this data is not sent to Yoti.

ngStorage-venue (Functionality cookie)
Used to temporarily store data concerning a mock venue’s age restrictions.

_ye (Strictly necessary cookie)
A session cookie used to store a user ID.

_ys (Functionality cookie)
Stores data regarding the mobile device a user is using. It also stores the ID of a Yoti App being shared, data regarding peer-to-peer Yoti sharing and the last action a user was about to perform prior to app installation.

Analytics

Facebook, Twitter and Google Adwords pixels
These track activity on the website such as when a user completes an activity (for example, clicking through, completing a purchase, downloading the app). We use this to determine which platform users come to Yoti from, and to understand what actions users take once they arrive at Yoti. For more information, please see:

Visual Website Optimiser
VWO anonymously tracks where people click on our website allowing Yoti to generate a diagram highlighting the most active areas, as well as count how many times a certain link or button is clicked on. We use this tool to understand how people use our website and to test different content, so that we can improve the website.

Adjust
We use Adjust performance and analysis technology in our app. This allows us to us to track and analyse which marketing channels or sources are producing the best results in directing users to download the Yoti app and to help us understand how our users are interacting with our app. When you launch the app, Adjust collects information on user activity (such as clicks and when an app is installed) when certain events happen (such as completing registration, successfully adding an ID document, deleting the account and so on). To provide this service, Adjust uses your anonymised (hashed) IDFA or Google Play Services ID, and your anonymised (hashed) IP and MAC address. The hashes used are one-way hashes and it is not possible to identify you or your mobile device individually. Adjust provide us with aggregated information. You can opt out of Adjust analytics in the settings in the app.

Google Analytics
Using Google Analytics we collect:

  • the device model
  • the operating system and statistics about your use of the app on your device such as the screen orientation;
  • the default language and resolution;
  • the network connection type;
  • the make of web browser;
  • the network from which the website / dashboard is accessed;
  • the times and dates of your use of the app / website / dashboard;
  • how long it takes for our pages to load on your device;
  • what screens you see and what events occur during your use of the app / website / dashboard;
  • how long you spend on various screens while using the app;
  • how you were prompted to register for a Yoti when you first downloaded and used the app;
  • how you were prompted to start using the website / dashboard;
  • your location when using the app / website / dashboard (we only get this at city / region level);
  • what if any errors occurred during your use of the app / website / dashboard; and
  • what uses you make of the app / website / dashboard while you are using it.

What we do with the data

  • To aggregate this information to help us understand how our app / website / dashboard is being used and its performance. We create reports on this activity to monitor and improve our service.
  • Specifically, we use Google Analytics data to calculate statistics on the performance of our app, in particular, the numbers of users and time it takes to complete critical activities using our app (such as adding a passport, completing a liveness test, sharing information with a company or another user, and deleting an account).
  • We use the Google Analytics data to look at usage statistics within groups by location and user acquisition channel, to learn how to better increase the number of people using Yoti. The more people and companies who use Yoti, the more useful it will become to all our users.
  • Learn more about Google Analytics and privacy.
  • For Google’s use of this data, please see www.google.com/policies/privacy/partners.

You can opt out of Google Analytics in the settings in the app.

8. Security

We take the security of your personal information very seriously. We store your personal information in secure infrastructure. We use encryption and other physical security measures to store and transfer your information.

We continually test our systems and are ISO 27001 certified, which means we follow top industry standards for information security.

9. Changes to our privacy policy

If this policy changes in any way, we will put an updated version on this page and on our app. Regularly reviewing this policy ensures that you are always aware of what information we collect, how we use it and how we might share it.

10. How to contact us

If you have any questions about this privacy policy, how we handle your personal information, or to contact our data protection officer, please e-mail privacy@yoti.com. You can also contact us through the website. You can also find some more information in our Terms and Conditions and FAQs.