Privacy Policy
Last updated: [Month Day, Year]
Replace this page with your actual Privacy Policy. Paste your existing policy text into this template, keeping the same styling. A few reminders from the compliance review (doc 06) to check are actually present:
- What's collected during ID verification (document + selfie), how long it's retained, and who can access it
- Biometric data consent language — Illinois' BIPA in particular carries steep statutory damages ($1,000–$5,000 per violation) and applies to the selfie/document face-match step specifically
- CCPA/CPRA rights (access, deletion, opt-out of sale) for California residents
- Data sharing with vendors (Stripe Identity, Supabase, Postmark, Twilio) named explicitly
- Waheed LLC named as the data controller, consistent with your Terms of Service
1. Information we collect
[Your policy text here — profile data, ID verification documents, photos, messages, usage data.]
2. How we use your information
[Your policy text here.]
3. Biometric data
[Required disclosure and consent language for ID/selfie verification.]
4. Data sharing with service providers
[Name your vendors: ID verification provider, payment processor, hosting/database provider, email/SMS providers.]
5. Your rights & choices
[Access, correction, deletion, and opt-out rights, including state-specific rights such as CCPA/CPRA.]
6. Data retention & security
[Your policy text here.]
7. Contact
Waheed LLC — [address] — hello@namzadapp.com