At Idyllic, we’re committed to protecting and respecting your privacy.
This Policy explains when and why we collect personal information about people who use our app, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our app, you’re agreeing to be bound by this Policy.
Who are we?
We’re Idyllic, an innovative Mobile Identity Platform. Idyllic is a trading name that is owned and operated by Identity.Ninja Inc.
Idyllic creates custom combinations of strong and appropriate identity proofing, re-proofing and authentication techniques to meet any product, service or compliance objective - without continuous technology investment or re-investment for our business customers.
The Idyllic app identifies, authenticates and captures consent from consumers, staff or partners - without the exchange of physical documents, numbers or passwords.
An Idyllic app user only needs a smartphone and their email address:
· to verify and re-verify their identity any time, from anywhere
· to open a new account, switch accounts or register for a new service
· to make a first payment, buy a ticket, make a claim or other transaction
· for enhanced due diligence (e.g. AML, KYC compliance)
· to prove or obtain consent or additional consent (e.g. GDPR compliance)
· to make binding agreements with other app users (P2P transactions)
· to gain authorised access to a person, place or service (Access control)
Please read this policy carefully. If you do not agree with the terms, you should not use this app.
For more information, please contact firstname.lastname@example.org
How do we collect information from you and what type of information do we collect?
Idyllic is a collection of innovative Identity Proofing tools and techniques. As such, we will ask you to provide us with identity information in order to create secure digital identities (credentials) that you can then use to identify yourself to or use services you need. Idyllic also provides identity based processes such as e-signatures and transactions so you can use your issued digital identities (credentials) in creative ways.
We ask you for identity information as part of using our app. For example, at enrolment you provide the following details:
· Your name
· Your email address
· Your phone number
· Your selfie
In certain circumstances, and for your safety and security we will send validation codes to your email address or phone number to ensure they are under your control.
Our Digital Identities (credentials) may require more identity information or documents before they can be issued and used. This might include items like Date of Birth or Driver’s License. In some circumstances, we will use the camera on your smartphone to collect identity images or to scan / extract other data (e.g. from a passport). Occasionally, we use your camera and microphone to facilitate video and audio interactions between you and 3rd party services you wish to use. In other circumstances you may be invited to participate in online identity validation processes. These techniques and processes will always be optional for you and will always request your consent before they are initiated. Idyllic will never use or collect data from you without your consent.
What permissions does our app need?
Idyllic requires access to the following information and services on your smartphone:
android.permission.INTERNET: Allows Idyllic to load metadata, to use server-side components necessary for security and to facilitate various identity interactions
android.permission.ACCESS_NETWORK_STATE: Allows applications to access information about networks
android.permission.CAMERA: Allows Idyllic to capture images and scan/capture images and data from identity documents and to capture/record video during certain identity interactions
android.permission.RECORD_AUDIO: Allows Idyllic to record audio during video interactions
android.permission.USE_FINGERPRINT: Allows the Idyllic app to be further secured on the app user’s smartphone
android.permission.READ_EXTERNAL_STORAGE: Allows idyllic to read information from external storage
android.permission.WRITE_EXTERNAL_STORAGE: Allows idyllic to store information on external storage
How is your information used?
We use your information to:
· create secure digital identities (credentials) on your behalf;
· to help you authenticate to any approved website
· to help you prove your identity to any approved service
· help you digitally sign documents on behalf of an approved service
· help you to transact or make agreements with another app user
· help you carry out other functions as a validated user of that approved service (e.g. complete surveys etc)
· to carry out our obligations arising from any contracts entered into by you and us;
· seek your views or comments on the services we provide;
· notify you of changes to our services;
· send you communications that you have requested or that may be of interest to you.
We review our retention periods for all personally identifiable information (PII) on a regular basis to minimize risk to you. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant transaction, or as long as is set out in any relevant contract you hold with us.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf: We will only pass your information to 3rd party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example help you prove your consent or your actions). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to any third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We may share your data including any PII with our successor in interest in the event of a corporate reorganisation, merger or sale of all or substantially all of our assets.
How you can access and update your information?
The accuracy of your information is important to us. Our app allows you to update your identity information as required to create new or renew digital identities. From time to time we will request that you confirm or update your information in order to retain its currency and usability during identity interactions.
You have the right to ask for a copy of the information Idyllic holds about you. We may charge a fee to cover our costs in providing you with details of the information we hold about you.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it’s treated and securely at all times. All personally identifiable information (PII) is encrypted and protected on both your smartphone and in transit to any of Idyllic’s services. Idyllic does not issue, use or store any passwords. Idyllic never stores PII persistently on any of its servers. Non-sensitive details (your email address etc.) may be stored on Idyllic servers, and can never be guaranteed to be 100% secure. While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your PII, we make every effort to ensure its security on systems within our control at all times. Where we have provided you with digital identities (credentials) that enable you to access other businesses or services, you are responsible for keeping these safe and confidential. We ask you not to share your mobile device with anyone and to prevent unauthorised access to it by using your device’s security features or Idyllic’s PIN / Fingerprint protection (available from the settings page of the app).
We may analyse your personal information to help detect and reduce fraud and other risk.
Links to other websites
In addition, if you use this app as part of a service or suite of services provided by a 3rd party, Idyllic cannot be responsible for the privacy policies and practices of the owners and operators of that service and recommend that you check the relevant policies of that service.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information. Idyllic facilitates app users to provide or obtain consent for age related processes.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the EU. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Audio and Video recording
In some circumstances our app requires the use of video and audio services to help prove your identity to a business or service you may wish to use or to an app user you wish to make an agreement with. All such interactions are entirely optional for you and will always require your consent before they can begin. However, to ensure the integrity of such identity interactions, all video and audio is recorded and will be made available to you or your counter-party as required. All such recordings are stored encrypted and under strong access control by our 3rd party service provider.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in MAY 2018.