Comms.ID Identity Exchange Provider (IXP) Privacy Notice

This notice explains what happens when you use your Comms.ID to access a 3rd party (a "Relying Party") website, app, or service. In these moments, we are acting as an Identity Exchange Provider (IXP) in alignment with the Australian Government Digital ID System (AGDIS) framework.

Think of our Identity Exchange as a secure digital switchboard. It doesn't permanently store your identity; it manages the secure flow of information between you, your Comms.ID, and the Relying Party you wish to interact with. Its entire function is built around your control and your consent, and a particular distiction of Comms.ID Identity Exchange vs other identity systems is the principle of data minimisation.

2. Your Consent: "Access" or "Access and Duplicate" vs. "Duplicate"

When you use other digital identity systems with any other app or website they will request your consent to get your personal data, all of that data is all sent "over the wire". Usually they will say "access" but in fact in practice they duplicate your data! Over a period of 1-3 years, if you use 12-36 apps or financial services or any other websites or services, there will be 12-36 copies of your personal information on these 3rd party sytems and databases. This puts your data outside of your control, increasing the likelihood of it being hacked or misused. The default for other systems is actually to "Duplicate" your data, and it increases the risks of compromise by more than 1000-3000%.

Comms.ID Identity Exchange is different, it is designed to minimise this data duplication. When a Relying Party (any other app or website) requests your personal information, the only data they get "over the wire" that can be duplicated is what is needed for personalisation of your user expereince inside their app. For example, your name and a profile picture. Everything else they need, including records for compliance reasons, can only be "accessed" in a secure dashboard we provide to them called the Companion App. This means that if any of the 12-36 apps or websites or servies you use are compromised, most of your idenity data will not be there. The default for apps and websites that you use with Comms.ID is "Access", "Access and Duplicate" is highly restricted. "Duplicate" is not even an option.

When a website or app you use needs your personal information, Comms.ID Identity Exchange will clearly present to you on the consent screen:

• Access Only: This is our preferred and default method. With this consent, your personal information is not sent to the Relying Party's systems. Instead, it remains securely within the Comms.ID ecosystem and is made available to them only through our secure Companion App. This allows them to verify information as needed and meet compliance without creating a copy of your data.

• Access and Duplicate: In some cases, a Relying Party may require a copy of your data to function (for example, to display your name or profile picture in their user interface). With this consent, the specific information requested is securely sent to the Relying Party. While these Relying Parties are bound by the Privacy Act, this action does create a copy of your data outside of our direct control.

The Consent Process

The consent screen will show you exactly what information a Relying Party is requesting and what type of access they require. You have one simple choice:

• Agree: To accept the entire request as presented.
• Decline: To decline the entire request. No information will be shared.

If you Agree, you can use the Relying Party's app like normal. If you Decline, the Relying Party's app or service will not work.

3. Breach or overreach on your data

Keep in mind, with Comms.ID the Relying Parties are contractually bound not to request more of your data than what is absolutely nessecary. Relying Parties are also bound by the Privacy Act only to request data from you they actually need to provide the service you want from them. We will enforce the rights of Data Minimisation afforded to you if a Relying Party breaches or overreaches with respect to Data Minimisation, we take the matter of protecting your privacy rights more seriously than other identity systems.

4. Information We Handle (But Don’t Keep)

Our Identity Exchange is designed to be a temporary holder of your information. During a transaction, personal data passes through our systems. This information is encrypted during transfer and is transient. It is not retained by our Identity Exchange function once the transaction is complete. This is a core privacy protection that minimises the storage of your data in this part of our system.

5. Transactional Information We Do Keep

To ensure the security, integrity, and reliability of our platform, we do keep a record of the transaction itself. This “transactional data” is de-identified technical information and includes:

• A unique, anonymous identifier for the transaction session.
• The date and time of the transaction.
• The outcome of the transaction (e.g., successful, declined by user).
• Which Relying Party was involved.

We retain this de-identified data for auditing, security monitoring, and fraud investigation. This data is not linked to your personal identity in our Exchange logs.

6. Managing Your Consent

You are always in charge of who you share your information with. You can view and revoke any ongoing consents you have granted to Relying Parties at any time through the Comms.ID mobile or web applications. Revoking consent means that Relying Party can no longer use our service to verify your identity until you grant consent again.

For questions about these practices, please contact us using the secure channels listed in our Privacy Policy.