Privacy Policy

Effective Date: July 1, 2026

Last Updated: July 1, 2026

Welcome to KYCService.com (“we,” “our,” or “us”). We are committed to protecting your privacy and safeguarding the personal and sensitive data you entrust to us. This Privacy Policy explains how we collect, use, disclose, and secure your information when you use our Know Your Customer (KYC) and identity verification services (the “Services”).


1. Information We Collect

To perform identity verification accurately and comply with global anti-money laundering (AML) and counter-terrorism financing (CTF) regulations, we collect several categories of information:

  • Identity & Demographic Data: Full name, date of birth, gender, nationality, and place of birth.

  • Government-Issued Identification: Images and data extracted from passports, driver’s licenses, national ID cards, and visa documents (including document numbers, expiry dates, and barcodes).

  • Biometric Data: Liveness checks, facial scans, and biometric templates derived from your photos/videos to match your face against your identity documents.

  • Contact Information: Email address, phone number, and physical billing/residential address.

  • Financial & Corporate Data: Proof of address documents (e.g., utility bills, bank statements) and source of funds declarations where legally required.

  • Technical & Usage Data: IP address, device type, operating system, browser type, and timestamps of your verification sessions.


2. How We Use Your Information

We process your data strictly for the following purposes:

  • Identity Verification: To verify that you are who you claim to be on behalf of our business clients (the organizations requesting your KYC verification).

  • Fraud Detection & Prevention: To detect, prevent, and mitigate identity theft, financial fraud, money laundering, and other illicit activities.

  • Compliance with Law: To fulfill legal obligations under applicable global AML/KYC regulations.

  • Service Improvement: To optimize our verification algorithms and improve system security (using anonymized or pseudonymized data wherever possible).


3. Legal Basis for Processing

We process your data under the following legal frameworks:

  • Consent: Explicit consent provided by you when uploading your biometric data and documents.

  • Contractual Necessity: To perform the identity verification requested by you or the platform you are trying to access.

  • Legal Obligation: To satisfy statutory requirements relating to AML, KYC, and financial auditing.


4. How We Share Your Information

We do not sell your personal data. We only share your information in the following limited circumstances:

  • With the Requesting Client: The business or platform that directed you to our Services to complete your KYC check.

  • Service Providers: Trusted third-party vendors who assist us with secure data hosting, OCR text extraction, or database cross-referencing (e.g., sanction list screening). These providers are bound by strict confidentiality agreements.

  • Legal & Regulatory Authorities: When required by law, subpoena, or government order to cooperate with law enforcement or financial regulators.


5. Data Security

Data security is our highest priority. We implement robust technical and organizational measures to safeguard your sensitive information:

  • Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

  • Access Control: Strict role-based access controls (RBAC) ensure that only authorized personnel have access to your data.

  • Anonymization: Biometric data and images are purged or heavily pseudonymized immediately after the verification process is complete, subject to client agreements and legal retention requirements.


6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, satisfy our clients’ compliance needs, or meet statutory retention periods required by financial regulations (typically ranging from 5 to 7 years depending on the jurisdiction). Once the retention period expires, your data is securely deleted or anonymized.


7. Your Privacy Rights

Depending on your location (e.g., European Union under GDPR, California under CCPA), you may have the following rights regarding your data:

  • Right to Access: Request a copy of the personal data we hold about you.

  • Right to Rectification: Request correction of inaccurate or incomplete data.

  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data, subject to legal retention overrides.

  • Right to Withdraw Consent: Withdraw your consent for biometric processing at any time.

To exercise any of these rights, please contact the organization that requested your KYC check originally, or contact us directly at the email below.


8. International Data Transfers

As a global service, your information may be transferred to and processed in countries outside of your home jurisdiction. We ensure that such transfers are protected by adequate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission.


9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of any material changes by posting the new policy on this page with an updated effective date.


10. Contact Us

If you have any questions, concerns, or privacy requests regarding this policy, please contact our Data Protection Officer (DPO) at:

Email: [email protected]