Yoti privacy and cookies policy

What's changed:

We have revised our terms as we are introducing new features. As we have several app releases over the next few months, some of the new features may not yet be active, but they will be very soon. The main changes are listed below.

Section Changes
3 Liveness test: we are introducing automated liveness checks so have updated the relevant paragraph to explain this. The main difference is that the analysis is done on your phone rather than you sending a recorded video to us.
3 Yoti Password Manager, account back-up and account recovery: new information here explains data collection and use if you use the new Yoti Password Manager, if you back up your account, and when you recover your account.
4 When you share your personal information: we have added information here to cover the new features of being able to swap, send and request information from others.

Last updated: 12th June 2017

In this policy, we explain how we will handle your personal information when you sign up and use our app, Yoti dashboard and website (www.yoti.com). Please read it carefully before you sign up!

  1. Who we are
  2. Our principles
  3. What personal information do we collect from you and what do we do with it?
  4. Sharing your personal information with others
  5. Your rights
  6. Sending your personal information to other countries
  7. Cookies and analytics
  8. Security
  9. Changes to our privacy policy
  10. How to contact us

1. Who we are

We are Yoti Ltd, Fountain House, 130 Fenchurch Street, London, EC3M 5DJ (company number 0‍8998951), but you can call us ‘Yoti’.

Our general email address is hello@yoti.com.

Where we say ‘we’ and ‘us’ we mean Yoti. Where we say ‘third party’ this means anyone who is not you or us. This could be another person or an organisation.

2. Our principles

We take your privacy very seriously. We design our software and services with privacy at their heart, guided by a set of principles which you can read here.

We are monitored by a Guardian Council, who are respected and influential individuals who make sure that Yoti always seeks to do the right thing, and that we are transparent about what we are doing and why. Read more about them here.

We are also certified as a B Corp company, meaning that we consider the impact of our decisions on employees, consumers, the community and the environment. Read more about it here.

3. What personal information do we collect from you, and what do we do with it?

When you create an account with Yoti, we collect:

Your photo and mobile number.

  • To create your account in the app.
  • To check you do not already have an account with Yoti – users are only allowed to have one account.
  • We encrypt your mobile number (which means we can’t access it) and keep it until you or we close the account and delete the information.
  • See below for information on how we use the photo.

After registering we might ask you to complete a short test which could involve saying some words in a recorded video, or could involve moving the phone around your face to capture multiple images.

  • This helps us to make sure you are a real live person. For the video method, we delete the video after 7 days, if not before. For the other method, the information is processed on your phone and you get an instant pass / fail decision.

Information from Google Analytics (see section 7).

Registering for Yoti dashboard (this will let you see all your receipts from sharing your information), we collect:

For a consumer, we request your photo.

To register as an organisation, we request your photo, name, date of birth, email address and mobile number.

  • To register you for an account with Yoti dashboard and check you do not already have an account with Yoti – users are only allowed to have one account.
  • We keep the information (except the photo - see below) encrypted on our servers (which means we can’t access it) until we or you close the account and delete the data.
When you choose to add information to our app, we collect:

Government-issued identity documents (for example, passport, driving licence);

Age attribute (for example, 18+);

Other attributes about you (for example, qualifications or employment)

  • We use the information from government-issued identity documents to verify your identity and check the document is valid, and check that you are over 12. You will not be able to add an expired passport or driving licence.
  • While we verify your identity the information is kept securely but our Security Team can access it. We can access this information up to 7 days after verification.
  • We then keep this information encrypted on our servers (which means we can’t access it) until you or we close the account and delete the data.
  • We create general statistics and reports from some of this information to help us understand how people are using our app, and to allow us to improve the service. This information does not identify any specific user.
  • Where you provide a name, address and date of birth we will verify these details with credit reference agencies.
  • This will leave a footprint on your credit file, which does not affect your credit score.
When you use Yoti Password Manager, we collect:

Usernames, passwords, URLs, website names, and any login specific settings you choose to set.

Passwords you generate using our password generator.

Information you provide to use the auto-complete feature.

  • We store the information so you can use Yoti Password Manager to log into websites without having to remember your login details, and so you can automatically fill in your information.

Google Analytics and our in-house analytics to understand the following.

  • What percentage of overall registered Yoti users also registered for Password Manager
  • How many active Password Manager users there are
  • How many users use Password Manager for at least one website
  • How many users per country: based on a truncated IP address to give the country
  • Which browser is used: Chrome, Firefox, Safari or Internet Explorer
  • Total number of uses of Password Manager in a day, week and month (not per user)
When you back up your account to your own cloud:

We store an encrypted key in the cloud you choose for back up so that you can recover access to your account on a different phone.

When you lose access to your Yoti account (for example, you have lost your mobile phone, can’t log in and need to recover access to it):

We will retrieve the encrypted key from your cloud to restore your link to your account.

We will request you enter your PIN, take a photo and complete the liveness test.

If you forget your PIN we will ask you for your mobile number and date of birth (if you have added a document).

  • To verify your identity and check you are the true holder of the Yoti account and grant you access to it again or reset your PIN.
  • While we verify your identity we keep the information but our Security and Customer Support Team can access it. We can access the information for up to 7 days after verification.
When you use our app, we collect:

App login details

  • To log you into your Yoti

Information from Google Analytics (see section 7).

Information from our in-house analytics (see section 7).

If the app crashes, or you have some other issue, you can contact us about it by e-mail, from within the app or through the website. You can also choose to share certain data with us to help us find the server logs for your phone so that we can identify and fix the issue. The information you send comes to us by e-mail and if you have an e-mail address on your Yoti account, you will receive an acknowledgement e-mail with a ticket number for your issue. You can then revisit your ticket to see progress and contact us further about the issue.

On the back end, we associate your server log information with a reference number (for example, 3bbf6e6fe414b40bf9fed99c8d36bd2c) but we do not connect it to you personally. This log information is deleted after 6 months.

Anonymous information that does not identify any specific user about what types of information you have shared with third parties.

  • This information allows us to charge organisations for the information they get from you. For example, we may charge an organisation more for receiving 5 pieces of information from you through Yoti, than we would charge an organisation who only received 3.
When you use our dashboard, we collect:

Dashboard login details

  • To log you into your Yoti dashboard.

Information from Google Analytics (see section 7).

When you use our website, we collect:

Information from Google Analytics (see section 7).

Your photo

  • Yoti will securely store a biometric template of your photo to verify that it is always you trying to access your Yoti account. A biometric template is a digital map of your face created from your photo. Yoti also securely stores the actual photos. We may ask you if you would like to agree to us using your photo to help us improve the service provided to our users. If you agree, we will use the photo internally to improve the performance of the technology we use to verify photos against digital maps.
  • When you add a document to the app it may be sent to our admin team to check it against the photo you took when you set up the account.

Your encrypted information

  • Except for the biometric template and photos you have agreed to let us use, as mentioned in the previous paragraph, we do not have access to your personal information that we have verified and stored on our servers. The only way we can access the information is if you provide us with the encryption key (which is a set of unique numbers stored securely on your device). Only you hold the keys to decrypt your account information.

4. Sharing your personal information with others

When Yoti shares your personal information

While we verify your account, for a short period of time after you register or add information, your account will be 'pending' and Yoti will be able to access your personal information. Yoti’s core principles are that it is not our business model to sell, transfer or share outside the company any of the personal information used to set up your account or your user activity information. There are though some situations where we will share or will have to share some information, and we list these below.

If we suspect a registration may involve identity theft, a national security threat, legal infringement, a criminal offence.

We may have to share a copy of your information with the appropriate authorities.

If you provide false or inaccurate information.

If, after investigation, we determine that there has been fraud that meets the criteria for reporting, we will pass the details to relevant fraud prevention agencies to prevent further fraud and money laundering. You can get more information explaining how the fraud prevention agencies will use the information by emailing privacy@yoti.com.

If we get a request for user information from a law enforcement or other official authority.

We cannot provide your information that is encrypted in our database unless either you, or a third party you shared your information with, provides us the receipt from your sharing activity, as this contains the decryption key necessary to access the personal information you shared with that third party.

We have an internal policy and process to make sure that, where we are able to share information, the request is valid, the information requested is no more than necessary, and that we think it’s the right thing to do.

We may have a legal obligation to share the information if we receive a court or similar legal order ordering us to disclose it.

If you have provided your name, address and date of birth.

We will check this information against credit reference agency data as part of verifying your identity. This check leaves a footprint on your credit file, which will reference an identity check by Yoti. This footprint does not affect your credit score.

Some companies using Yoti will request an identity check against credit reference agency data.

If you agree, Yoti will send your name, address and date of birth to the credit reference agency on behalf of the company, and will send back to the company the response from the credit reference agency. This check leaves a footprint on your credit file, which will reference an identity check by Yoti. This footprint does not affect your credit score.

We may use the services of other businesses to help us in certain areas, for example, for data storage; online payment providers; and certified identity providers who we use to cross-reference our databases.

Because of how we have designed the system, in most situations we won’t need to share your information with third parties or, if we do, we will encrypt your data and/or it will be properly protected by the terms of our contract with these third parties.

If Yoti is sold or combined with another business.

Yoti will agree to the sale or being combined with another business if the new business commits to the core Yoti principles of data privacy. While we are negotiating with the company buying or combining Yoti with their own business, they won’t be able to access your encrypted personal information but Yoti may provide anonymised statistical information.

When you share your personal information

You alone will decide when you want to use your Yoti to identify yourself to a third party, or to swap, send and request information. You choose whether to agree or not to share the information the third party requests. If you decide to share your information with a third party, you will both receive a receipt which will contain a copy of the information that each party shared.

Yoti encourages companies to only ask for the information they actually need, for example, confirming you are over 18, rather than a full date of birth. If you choose to share your information with a third party using Yoti, those third parties may choose to use that information to communicate with you or they may share that information with others. We suggest you read the privacy policies of any organisation you share your information with to understand how they will use your personal information.

Yoti creates and encrypts a master receipt which contains the details of what information was shared and who with. This master receipt is securely stored on our servers and we cannot access it unless either you or the third party provides us with their own receipt containing the encryption key we need to access the information.

MyVenue: identity and access management services

Yoti also provides identity and access management services (called MyVenue) to other companies so that you can use your Yoti to access particular venues (such as nightclubs, offices and so on), speeding up sign-in, and removing the need to carry and check documents for proof of age and ID.

When you share your personal information through MyVenue with a participating company, we store your details securely in separate databases. Both Yoti and the participating company are able to access information about who has used Yoti to access the company’s premises, and we encourage you to read the privacy notices the company provides about their uses of your personal information. Yoti only uses the personal information collected through MyVenue to provide the service to companies. Yoti may also de-identify and aggregate the personal information to provide statistics to the participating companies on things like how many users entered in a given period of time, and breakdowns of users by gender, age and so on.

Nightclubs: Yoti provides our identity and access management service to participating nightclubs and as part of this hosts a national watchlist so nightclubs can flag individuals they have banned from their premises for specific periods of time for specific offences. Participating venues should notify you if they want to include you on this watchlist.

5. Your rights

Access rights: you are entitled to see the personal information we hold about you.

  • We do not have access to your personal information that we have verified and stored on our servers. The only way we can access the information is if you provide us with the encryption key (which is a set of unique numbers stored securely on your device). Only you hold the keys to decrypt your account information.
  • You can access all the personal information we hold on you through your Yoti app.
  • When you use your Yoti, we collect some information about your phone and how you are using the app, dashboard and website. This information is collected and stored automatically through Google Analytics as set out in section 7. For each phone that is using our app Google creates and shares with us an identifier (such as, 76c24efd-ec42-492a-92df-c62cfd4540a3). The information data that we collect from your phone through Google Analytics is linked only to this identifier, and so it is not possible to search or get the information using your name or your phone’s other identifiers (for example, the IMEI number which is like a serial number for your phones). So we cannot provide you with this information.
  • You can make an access request to Google here: https://support.google.com/policies/contact/sar

Correction rights: you are entitled to correct personal information we hold about you that is inaccurate.

  • If you think that any of the information in your Yoti account is not accurate, you can update it at any time through your account. Yoti only has access to the information in your account for up to 7 days after it is first provided to Yoti.
  • If you change your name, you can only update your Yoti by adding a government-issued identity document with the new name.

Deletion rights: in certain circumstances you are entitled to ask us to delete the personal information we hold about you.

  • If you want to close your account and delete your information, please read our FAQs.

Objection rights: in certain circumstances you are entitled to object to Yoti processing your personal information.

  • If you want to contact us about any of your rights, please email: privacy@yoti.com.
  • You can also complain to the Information Commissioner's Office (ICO) who is responsible for making sure that organisations comply with the law on handling personal information.

6. Sending your personal information to other countries

We currently keep your personal information in the UK.

In future we may send your personal information to countries outside the UK. If those countries are in the European Union, Switzerland, Iceland, Liechtenstein and Norway, there are equivalent laws on handling personal information and so your information is protected in the same way as it is in the UK.

If we send your personal information to any other countries (for example, we may have other databases and servers in other countries), some of these countries may not have equivalent laws on handling personal information. However we will make sure that your personal information is properly protected.

In some countries, for legal or practical reasons, Yoti may have to store personal information in that country.

When we decide to send or store your personal information in another country, we will update this section to describe the protections we have put in place.

You should be aware that if you choose to use your Yoti to access an overseas service or an EU service that may hold personal information overseas, then your personal information may be sent to those other countries.

7. Cookies and analytics

Cookies

We use an online technology called cookies to collect information about you and to store your online preferences. Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. We use the following categories of cookies on our dashboard and website:

  • Strictly necessary cookies

    These cookies are essential for you to move around our website and dashboard and use their features. Without these cookies, we cannot provide services you have asked for, such as access to secure areas.

  • Performance cookies

    These cookies collect anonymous information on how people use our dashboard and website.

  • Functionality cookies

    These cookies remember choices you make, such as your last action, language and search parameters such as language preferences. We can use these to provide you with a better experience based on your preferences. The information from these cookies is anonymous and they cannot track your browsing activity on other websites.

If you want to delete any cookies that are already on your computer, please go to the help and support area on your internet browser for instructions.

Information on deleting or controlling cookies is available at http://www.allaboutcookies.org/. Please note that if you delete or disable our cookies you may not be able to access certain areas or features of our site.

_ga (Perfomance cookie)
(Google Analytics & Adwords) Used to show us how users arrive at and interact with our website. It helps highlight areas where we can improve and shows us how successful our marketing campaigns are.

_gat (Performance cookie)
Used by Google Analytics to prevent attacks on their servers.

_yop (Strictly necessary cookie)
Stores only a session ID (no user data.)

_csrf (Strictly necessary cookie)
Security feature to prevent account hijack.

xsrf-token (Strictly necessary cookie)
Security feature to prevent account hijack.

connect.sid (Strictly necessary cookie)
Stores only a session ID (no user data.)

channel_id (Strictly necessary cookie)
Used to identify which mobile to communicate with.

privateKey (Strictly necessary cookie)
Used for decrypting personal information - no data goes to Yoti.

publicKey (Strictly necessary cookie)
Used to encrypt personal information.

refId (Strictly necessary cookie)
Used with channel_id and is also used to identify which mobile to communicate with.

signedPublicKey (Strictly necessary cookie)
To prove ownership of public key.

ad-referral (Performance cookie)
Used to provide information about how successful our marketing campaigns are.

ngStorage-ageLink (Strictly necessary cookie)
Used to store the URL of a Yoti Connect Page.

ngStorage-profile (Strictly necessary cookie)
Temporarily stores user’s avatar, date of birth and age - no data goes to Yoti.

_ye (Strictly necessary cookie)
A session cookie used to store a user ID.

_ys (Functionality cookie)
Stores data about the mobile a user is using. It also stores the ID of a Yoti App being shared, data sharing between Yoti users, and the last action a user was about to perform before installing the app.

Analytics

Facebook, Twitter and Google Adwords pixels
These technologies track activity on the website, such as when a user completes an activity (for example, clicking through or downloading the app). We use this information to determine which platform users come to Yoti from (for example, you clicked on a Yoti advert in Facebook, on Twitter, Instagram and so on), and to understand what actions users take once they arrive at Yoti. For more information, please see:

Visual Website Optimiser
VWO anonymously tracks where people click on our website allowing Yoti to generate a diagram highlighting the most active areas, as well as count how many times user click on a certain link or button. We use this technology to understand how people use our website and to test different content, so that we can improve the website.

Adjust
We use Adjust performance and analysis technology in our app. This allows us to us to track and analyse which marketing channels or sources are producing the best results in directing users to download the Yoti app, and to help us understand how our users are using our app. When you launch the app, Adjust collects information on user activity (such as clicks and when you install the app), as well as when certain events happen (such as completing registration, successfully adding an ID document, adding a password, deleting the account and so on).

To provide this service, Adjust uses three identifiers which they anonymise using a technology called ‘hashing’. One identifier is one that Apple AppStore or Google Play gives your phone (depending on which app store you visited). The second identifier is your IP address which is like an address for your phone from your mobile network provider, and which may change if you take your phone to a different location. The third identifier is your MAC address, which is a unique number the phone manufacturer gives to the parts of your phone that connect to the internet. The hashing technology Adjust uses to anonymise these identifiers means that it is not possible to identify you or your mobile individually. Adjust then provide us with aggregated information. Adjust also pass back this aggregated information to Facebook and Twitter so they can improve their systems and do better at targeting relevant advertising.

You can opt out of Adjust analytics in the settings in the app.

In-house analytics
Using our in-house software, we collect some information from users and some information on when certain things happen as you use the app. This information includes information about your phone.

Specifically, for the app we collect:

  • the country code from the mobile number you use to set up a Yoti
  • the age, sex and nationality (where this information is contained in a document you add to your Yoti)
  • the phone manufacturer (such as Apple or Samsung)
  • the phone model (such as iPhone 6 or Galaxy S)
  • its operating system (such as iOS 10 or Nougat)
  • its operating system version number
  • a description of the vendor layer (custom software sometimes put on a mobile device by the manufacturer) (such as samsung/zerofltexx/zeroflte:6.0.1/MMB29K/G920FXXU4DPGW:user/release-keys. The strings of numbers identify a model number/software release, they are not unique identifiers so everyone with the same phone/software version will have the same numbers)
  • the version of our app you are using
  • events related to connect interactions (such as scanning a QR code on a website) and a record of:
    • timestamp
    • the identifier of the application/page
    • which user attributes were exchanged (such as name, photo)
    • the ‘Remember me’ ID of the person who scanned the code (the identifier to connect you and a third party when you want your details remembered for easier log in next time)
    • whether the interaction was successful or not.

Our in-house software does not track how you personally use our app.

  • We use this data to create statistics and understand at an aggregate level how our product is being used, what sectors or types of users are using it, and how it’s performing (such as, number of users per month). The statistical reports we create help us to monitor our service and improve it.
  • We calculate statistics on account creation, address and document registration, liveness tests, logins and sharing. We group these data by country code. For documents we also group the data by age, sex and nationality.
  • We also calculate statistics on which phones and operating systems are being used to do things like creating an account or adding documents.

Google Analytics
Using Google Analytics we collect:

  • the device model (such as iPhone 6, Windows tablet or Dell laptop);
  • the operating system (such as Nougat) and statistics about your use of the app on your device (such as which way round the screen is);
  • the default language and resolution (the pixel size of your screen);
  • the network connection type (such as wifi, 3G, 4G);
  • the make of web browser (such as Safari);
  • the mobile provider network you access the website / dashboard from;
  • the times and dates of your use of the app / website / dashboard;
  • how long it takes for our pages to load on your device;
  • what screens you see and what events happen when you use the app / website / dashboard;
  • how long you spend on various screens while using the app;
  • how you were prompted to register for a Yoti when you first downloaded and used the app;
  • how you were prompted to start using the website / dashboard;
  • your location when using the app / website / dashboard (we only get this at city / region level);
  • what, if any, errors happened during your use of the app / website / dashboard; and
  • what uses you make of the app / website / dashboard while you are using it.

What we do with the data

  • We aggregate this information to help us understand how our app / website / dashboard is being used and its performance. We create reports on this activity to monitor and improve our service.
  • Specifically, we use Google Analytics data to calculate statistics on how our app is performing, in particular, the numbers of users and time it takes to complete critical activities using our app (such as adding a passport, completing a liveness test, sharing information with a company or another user, or deleting an account).
  • We use the Google Analytics data to create statistics on how people use the app based on location and how they came to Yoti, this helps us learn how to increase the number of people using Yoti. The more people and companies who use Yoti, the more useful it will become to all our users.
  • Learn more about Google Analytics and privacy here.
  • For Google’s use of this data, please see www.google.com/policies/privacy/partners.

You can opt out of Google Analytics in the settings in the app.

8. Security

We take the security of your personal information very seriously. We store your personal information in secure locations. We use encryption and other physical security measures to store and transfer your information.

We continually test our systems and are ISO 27001 certified, which means we follow top industry standards for information security.

9. Changes to our privacy policy

If this policy changes in any way, we will put an updated version on this page and on our app. Regularly reviewing this policy ensures that you are always aware of what information we collect, how we use it and how we might share it.

10. How to contact us

If you have any questions about this privacy notice, how we handle your personal information, or to contact our data protection officer, please e-mail privacy@yoti.com. You can also contact us through the website. You can also find some more information in our Terms and Conditions and FAQs.