Privacy Policy

Last Modified: March 21, 2022

AV Tech Global LLC (“AV Tech”) respects your privacy and is committed to protecting it through our compliance with the practices described in this privacy policy.

In this privacy policy, we explain how and on what grounds we collect, store, and Process Personal Data of Data Subjects, i.e., our Client’s representatives, Users, and Visitors. We also explain what Data Subjects’ rights are and our obligations and liabilities.

AV Tech mainly Processes Users’ information as directed by our Clients for providing our Services. Our Clients are the data controllers who determine the purpose of Processing Personal Data and, accordingly, AV Tech is a Data Processor of User information for those services. In other cases, AV Tech is a Data Controller of User information (e.g., for Visitors of the Website). We may also Process certain Data Subjects’ information in anonymized form to develop and improve our Services and in other forms and purposes set out in this privacy policy.

To fully understand how Personal Data is Processed, Data Subjects should review privacy notices shared with the Users by AV Tech and privacy policies of those Clients’ for whose services they are getting identified for.

Please review this privacy policy carefully and contact our privacy offer at if you have any questions, comments, or concerns.

1. Definitions

In this privacy policy, the following definitions apply:

2. Personal Data we Process

Personal Data we Process about Users. We provide personal identity verification services to Clients. This means we verify Users and for that you (i.e., the User) have acknowledged data Processing according to the Client’s privacy policy and data Processing by us under this privacy policy. We may collect and Process, among other data, the following Personal Data:

Personal Data we Process about the Client’s representative. To enter into the Agreement, to provide our Service, to communicate with the Client’s representative, and for other lawful reasons we need to Process the data of Client’s representative. This means we may Process, among other information, the following Personal Data of the Client’s representative:

Personal Data we Process about Visitors to our Website or Users of our Service. We may collect data when you visit our Website or Service by using cookies (see Cookie Policy) or other similar technologies (e.g., IP address, equipment information, location information, beacons) and Process the data gathered by them. This data, among other information, may be as follows:

3. How we obtain Personal Data

How we obtain User’s Personal Data. We use different methods to collect Personal Data from and about Users including through:

How we obtain Client’s representative’s Personal Data. We collect this data either from you directly when you communicate with us directly, e.g., by sending us an email, providing us with your Personal Data on the phone or through our customer support tools. We may also collect some of your Personal Data while providing Service to your employer. We also check information about the Client (including about relevant representatives of the Client) from publicly available sources. We only gather relevant and necessary data to validate the right of representation, e.g., this may include verification of your identity, Processing of your Personal Data for introducing the Service, etc. Again, providing Personal Data is voluntary. However, if you do not provide your Personal Data, the Client might not be able to use the full range of our Services.

Purpose of Processing with the held of cookies and similar technologies. We use the collected data to enable providing the Service according to the habits of a Visitor / User, to ensure the best Service quality, to inform the Visitor about the contents and give recommendations, and to update advertisements and make marketing efforts more efficient. The collected data will also be used for counting the Visitors / Users and recording their habits. Read more from the Cookie Policy.

4. Legal Grounds and Purposes of Processing

Provision of Services. For Personal Data about Users, AV Tech’s main purpose for processing is to verify your identity for our Clients, and for this purpose we capture biometric data (i.e., identifiers and information).

We or our Client may ask you to grant us consent for Processing. Please note that we cannot provide the Service for an anonymous User, and thus using our Service is subject to disclosing Personal Data to us and consenting to the Processing of Personal Data by the Client and us. However, giving consent is voluntary, but failing to do so might mean that we might not be able to provide you with the Service. For example, we will not be able to verify your identity. In some circumstances, e.g., for automated decision-making, you might be asked to provide us with explicit consent. If you have granted the Client or us a consent to Process Personal Data, the details of that processes and purposes of it will be outlined in the consent itself.

We mainly Process your Personal Data as a Processor for the Client’s benefit to fulfill the Agreement entered into with the Client for:

We also Process your Personal Data if Processing is necessary in our legitimate interests, meaning our interest in the management and direction of our business to be able to offer the best possible services on the market. For our legitimate interest, we may Process data for the following purposes:

In addition, we may provide status information on our web pages and Service with the held of a third-party service provider.

We only Process Personal Data on this legal basis (legitimate interest) after careful assessment to ascertain that the legitimate interest is in compliance with the interests and rights of a Data Subject.

Processing for a new purpose. When Personal Data Processing is carried out for a new purpose different from those for which the Personal Data was originally collected or is not based on the consent given by the Data Subject, we will carefully assess the permissibility of that new Processing. To determine whether the Processing for the new purpose follows the purpose for which the Personal Data was originally collected, AV Tech will consider the following:

5. Service development, process, and provision (Automated Processing and decision making)

Machine learning helps to recognize specific patterns in information and make predictions about new sets of information based on those patterns. Algorithms are built, trained, and tested on training sets, which comprise of real data. No biometric data including “biometric identifiers” or “biometric information” is used to train AV Tech’s machine learning training. That processing is only done for internal use to improve and develop our services and done only based on the contractual mandate received from our Clients under the precondition that a valid legal basis has been obtained.

AV Tech also uses machine learning to provide Services to our Client. AV Tech stands for the concept that machine learning is conducted in an ethical and trustworthy way that respects human rights and freedoms. Machine learning as a tool will enable Users to receive better, more secure and faster services provided by AV Tech’s Clients and help to prevent and detect fraud. Datasets used to develop, test, and train are kept in separate, monitored, and highly secure data research environments. Machine learning is also the driving engine for AV Tech’s innovation when improving our Services, testing new features, and ensuring quality Services.

For fraud prevention and detection purposes, AV Tech also checks whether facial images show signs of fraud. To provide this check quickly, in a secure and accurate way, numerical biometric data is extracted from previously collected facial images and device and network information is retained for a limited amount of time as agreed with AV Tech’s Clients. For each verification session, AV Tech captures a new facial image from the User and compares the data derived from the capture to the data we have retained for them.

For further improvement of our Services, Service performance and features testing (A/B tests) is used to analyze the User experience and response regarding changes to the structure, text, or any other feature of AV Tech’s Service.

The verification process is either automated or semi-automated:

The decision on whether the Client provides its service to the User is made by the Client. Meaning, even if the verification flow has been fully automated, the Client will take the verification result into account in decision on whether to provide its service or not. The verification results itself are not determinative for whether the Client’s service is provided to the User.

6. Disclosure of Personal Data

We may disclose aggregated information about our Users, and information that does not identify any individual, without restriction.

We may disclose Personal Data that we Process or you provide as described in this privacy policy:

We may also disclose your Personal Data:

7. Transfer of Personal Data

We are based in the United States of America. For operational reasons we may Process, store, and transfer the Personal Data we Process, in and to a country outside your own, with different privacy laws that might or might not be as comprehensive as your own. Where we do so, and where we are required to under local law, we will put in place appropriate mechanisms to ensure that your Personal Data receives an adequate level of protection where it is processed, including, but not limited to, relying on adequacy decisions issued by or standard contractual clauses approved by the European Commission. In cases where AV Tech acts as the Data Controller, we will make available further information on the safeguards applied (if relevant) on your request.

If you are a Canadian resident or otherwise located in Canada, please note that Personal Data transfers outside of Canada might result in your data becoming accessible to foreign jurisdiction’s law enforcement or other authorities.

8. Your Personal Data use choices

We strive to provide you with choices about the Personal Data you provide to us. We have created mechanisms to provide you with the following control over your data:

We do not control third parties’ collection or use of your Personal Data to serve interest-based advertising. But these third parties may provide you with ways to choose not to have your information collected or used in this way.

9. Accessing and correcting your Personal Data

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your Personal Data changes. You may request access to and to correct the Personal Data that we hold about you.

If you want to review, verify, correct, or withdraw consent to the use of (if allowed by the law of your jurisdiction) your Personal Data, you may send us an email at to request access to, correct, or delete any Personal Data that you have provided to us. Please note that if you withdraw your consent, we might not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you with your decision. In some circumstances, we cannot delete your Personal Data except by also deleting your account. We will not accommodate a request to change or delete information if we believe the change or deletion would violate any law or legal requirement or cause the information to be incorrect. Unless prohibited by law, we may charge you a fee to access your Personal Data, however, we will notify you of any fee in advance.

We may request specific information from you to help us confirm your identity and your right to access and to provide you with the Personal Data that we hold about you or make your requested changes. Law may allow or require us to refuse to provide you with access to some or all the Personal Data that we hold about you, or we might have destroyed, erased, or made your Personal Data anonymous under our record retention obligations and practices. If we cannot provide you with access to your Personal Data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

10. Data security

The security of your Personal Data is very important to us. We do our best to protect Personal Data in our hands.

We use physical, technical, and organizational safeguards designed to protect your Personal Data from unauthorized or arbitrary modifications, disclosure, acquisition, destruction, loss, theft, misuse, alteration, or unauthorized access.

Unfortunately, the transmission or storage of information through the internet is not completely secure. Thus, despite the security measures that we have put in place to protect Personal Data about you, we cannot guarantee that loss, misuse, or alteration of data will never occur. If you have any information about an actual or suspected data breach, please inform us immediately at

11. Data retention

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data and the purposes for which we Process it. We must also consider periods for which we may need to retain Personal Data to meet our legal obligations or to deal with complaints or queries and to protect our legal rights in the event of claims being made. Any data retention periods referenced here that would be more than three years are not applicable to Personal Data qualified as biometric identifiers or biometric information for Illinois law. For Texas, the preceding is limited to one year, dated from the collection of that information.

We will store your Personal Data for as long as required by law or in accordance with the law, or for the purposes stated in this privacy policy.

We store the data of Users during the period set out in the Agreement (we may have different data retention periods agreed on with the Client lasting up to three years) or as long as it is necessary for possible establishment, exercise, or defense of legal claims of Users, Clients, or ourselves.

We may store your Personal Data, for a longer period than the Agreement duration if we have a lawful basis do to so, e.g., you have given us consent to use your Personal Data for the development of our Services or we have assessed that we have legitimate reason to do so, e.g., in pseudonymized form or for the Service history log.

After the Personal Data storage period expires, we will anonymize or permanently erase your Personal Data.

12. Children’s Personal Data

Our Website and Service is not intended for persons under 18-years old. No one under 18-years old may provide any Personal Data to or on the Website. We do not knowingly collect Personal Data from persons under 18-years old. If you are under 18, do not use or provide any Personal Data on this Website or through any of its features, register on the Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any scree name or username you might use. If we learn we have Processed Personal Data from a person under 18, we will delete that information. If you believe we might have any information from or about a person under 18, please contact us at

13. Do Not Track policy

Do Not Track (“DNT”) is a privacy preference that you can set in your browser. DNT is a way for you to inform websites and services that you do not want certain information about your webpage visits collected over time and across websites or online services. We are committed to providing you with meaningful choices about the information it collects and that is why we provide you the ability to opt out. But we do not recognize or respond to any DNT signals as the internet industry works toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. For more information about DNT, visit

14. Notice to Illinois, Texas, and Washington residents

The Illinois Biometric Information Privacy Act, the Business Code of Texas on the Capture or Use of Biometric Identifiers, and the Washington Biometric Privacy Law regulates the collection, storage, use, and retention of “biometric identifiers'' and “biometric information.” “Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions including height, weight, hair color, or eye color. “Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual.

AV Tech collects certain biometric identifiers and biometric information, namely face scan information (face geometry information and information based on that), during the identity verification process. Collection of this information is required to verify your identity or authenticate your identity against data already obtained about you based on instructions from AV Tech’s Client. This information is only retained for the period required for the verification and authentication process or for the period required by the Client, but this data will not be retained for more than three years after your last interaction with AV Tech for the residents of the State of Illinois and more than one year after your last interaction with AV Tech for the residents of the State of Texas. By providing your consent for the verification process, you consent to providing AV Tech with biometric information and identifiers and for AV Tech to use and store that information for verifying and authenticating your identity and as otherwise required by the Client and disclosure of your biometric information to its service providers to provide the Service.

AV Tech uses the reasonable standards of care within its industry to store, transmit, and protect from disclosure your facial scan information, in a manner that is the same as or more protective than the manner in which it stores, transmits, and protects other confidential and sensitive information. AV Tech will not sell, lease, trade, or otherwise profit from the biometric information and identifiers than to provide the Services to its Client.

For disclosures of the preceding information, please see paragraph 6 of this privacy policy.

15. Your California privacy rights

If you are a California resident, California law may provide you with additional rights about our use of your personal data. To learn more about your California privacy rights, visit this link. As a “Service Provider” as defined in the California Consumer Privacy Act (CCPA), AV Tech will not sell, retain, use, or disclose personal information for any purpose other than as set out in the Agreement or as otherwise permitted or required by the CCPA.

California’s “Shine the Light” law (Civil Code Section 1798.83) permits Users and Visitors of our Website who are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make that request, please send an email to

16. Your Nevada privacy rights

Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to this designated address: However, please know we do not currently sell data triggering that statute’s opt-out requirements.

17. Your EEA and UK privacy rights

If you live in the EEA or UK, under certain circumstances, you have rights under data protection laws in relation to your Personal Data. Your rights may include the following:

If you wish to exercise any of the rights set out above or ask questions about the privacy policy, please contact us at We will respond to your request by email as a rule within one month. Before we can provide you with the requested information regarding your Personal Data, we may need to verify your identity. If your request concerns data we have Processed as a Processor (i.e., while providing Services), you must submit your request to the Client who is the Data Controller of Processing of your Personal Data who might fulfill the request. We will inform you if this is the case. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

If you live within the EEA, you have the right to make a complaint at any time to the appropriate supervisory authority for your country of residence. See for those details.

If you live in the UK, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (

We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority so please contact us in the first instance.

18. Changes to our privacy policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat Personal Data, we may notify Clients and Users whose contact information we have or through a notice on our Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

19. Contact information

To ask questions or comment about this privacy policy and our privacy practices, contact us at We have procedures in place to receive and respond to complaints or inquiries about our handing of Personal Data, our compliance with this policy, and our compliance with privacy laws. To discuss our compliance with this policy, please contact us.