Your data is protected
We guarantee the highest level of trust, which is why we certify both the accuracy of our technol
ogies and the security of our systems, in accordance with various standards.
Proprietary technology in accordance with the highest standards and the most stringent regulations
ALICE meets the highest standards of risk prevention and offers you CCPA, GDPR and WCAAG compliance to protect your customers’ privacy.
Data protection by design and by default
Data protection legislation (GDPR) is based on the idea that individuals are the owners of their personal data. This implies that individuals have the power to control their personal data, its use and destination.
Alice, complies with the guidelines established by the General Data Protection Regulation (or GDPR) and the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights (hereinafter, LOPDPPDD), guaranteeing this right to privacy of users by default and from the design of our product.
At Alice we determine which security measures (technical, organisational and legal) need to be put in place before any processing of personal data is carried out, to be implemented during the design of the processing and which by default comply with the principles of minimisation and limitation.
- Responsabilidad proactiva
- Certifications and compliance. We periodically carry out data protection impact assessments whenever necessary. We are also certified with ISO 27001 for Information Security.
- Minimisation of personal data. Our solution only collects data that is strictly essential to fulfil the service provided to our customers.
- Data encryption. End-user data is encrypted during transport and storage with advanced encryption standards approved by the National Cryptologic Centre to protect it and make it unusable in the event of a data breach.
- Data deletion. Once we verify our customers’ users, we delete this information in accordance with the timeframes set out in our Data Retention Policy, depending on each customer’s needs.
- Specialist Data Protection Officer. We have a DPO and cooperate with the Spanish Data Protection Agency.
- Transparent communication with customers. Alice is committed to informing its customers within 36 hours of any security breach that may compromise its users’ data.
The data lifecycle at Alice Biometrics
What is the journey of your personal data like when you sign up for a service that uses Alice Biometrics technology?
Let’s say, for example, that you are going to sign up for a digital bank, using your mobile phone. This data journey begins with the use of the camera, scanning your ID card and your face. A fast, convenient and secure process.
Who processes your data and what use is made of it?.
At Alice Biometrics we capture your ID document and your face and we verify the data on our servers to validate that your ID document is authentic and that the person who has taken the selfie is the same as the person on the document.
Once this is done, we return this information to the digital bank, which will be responsible for safekeeping it. And it can only use this information to validate your identity, which is what you have given your consent for. The regulation makes it clear that it is not allowed to use this information for any other purpose.
Are there any risks from the use of the face? Are there any risks from the use of the face?
No. Alice’s biometric technology converts your face into an undecipherable and irreversible mathematical vector. Once generated, it is not possible to go back to the original image, as it is a non-interoperable numerical representation. In other words, only the system that created it can read and understand it.
Where is all this information processed? Where is all this information processed?
Alice Biometrics is hosted in world-class public cloud data centres, meeting the highest security standards and certifications in the industry.