Comms.ID ISP and ASP Privacy Notice

1. Purpose of This Notice

This notice provides detailed information about how we handle your personal information when you create and manage your Comms.ID Digital ID. When we perform these functions, we are acting as an Identity Service Provider (ISP) and an Attribute Service Provider (ASP) in alignment with the Australian Government Digital ID System (AGDIS) framework.

Creating a Comms.ID is a prerequisite for using our services. This process involves verifying your identity to a high level of assurance and requires your explicit consent for the collection and storage of identity documents and biometric information, which are necessary for our high-security model.

2. Verifying Your Identity (Our Role as an ISP)

To issue you a secure, reusable Digital ID, we must first verify you are who you say you are.

• What Information We Collect: We will ask you to provide information from, and capture images of, your Australian government-issued identity documents. This includes:

  • An image of the identity document itself.
  • An image of you holding your identity document.

• How We Verify It: We use the details from your document to perform a real-time check with the Australian Government's Document Verification Service (DVS), confirming the details match the issuing agency's records.

• How and Why We Store Document Images: To enable high-assurance features and comply with regulatory expectations, we securely store the images of your identity document. This is necessary to:

  • Allow for offline or in-person verification (e.g., a venue checking your ID against your face).
  • Meet the requirements for higher Identity Proofing Levels (such as IP4).
  • Assist in high-priority fraud investigations.

---

3. Your Biometric Information: The Key to Your Security

Our platform is designed to be password-free. Your security is guaranteed by binding your verified identity to you as a person. This requires the use of your biometric information (your face) for both creating your Digital ID and for every subsequent authentication.

This section explains how we handle this sensitive information. Your explicit consent to these practices is mandatory to create and use a Comms.ID account. For detailed disclosures about face data retention periods and third-party sharing, see Section 4: Face Data Disclosure.

What We Collect and Why

During setup and subsequent authentications, we will ask you to perform a facial scan using your device's camera. This process includes a "liveness check" to ensure you are a real person.

From these scans, we create and securely store:

1. A biometric template: A mathematical representation of your face used for automated matching.
2. A limited gallery of your authentication images and videos: These are retained to provide a higher level of confidence and security for your account.

Storing this information is mandatory because it is essential for our security model. It allows us to:

• Effectively investigate fraud or transaction disputes (e.g., if you report an unauthorised event).
• Securely verify your identity if you register a new, untrusted device.
• Maintain an auditable, high-confidence record of authentications.

Continuous Improvement of Our Biometric Systems

In alignment with the Digital ID Act 2024 and Accreditation Rules, we may also use biometric information to test and continuously improve our identity verification systems. This includes:

• Ensuring our presentation attack detection correctly rejects fraudulent attempts.
• Optimising our biometric matching to improve accuracy and performance.
• Identifying and correcting any system biases to ensure our technology does not disadvantage or discriminate against any group.

This testing is conducted in accordance with ethical principles and, where possible, uses synthetic or anonymised data. When real biometric information is used, it is protected in accordance with our security controls and destroyed when no longer required for testing purposes.

How We Use Your Biometric Information

Your biometric data is used exclusively for identity verification and authentication purposes. This is always a one-to-one (1:1) match to confirm your presence and identity. We will never use your biometric information for one-to-many (1:N) searching or for any other purpose.

Your Biometric Data Is Never Shared With Third Parties

Your biometric information is never shared with, sold to, or accessible by any third party for their own purposes, including Relying Parties. When you use your Comms.ID to verify your identity with a Relying Party, only the result of the verification (confirmed or not confirmed) is shared—never your biometric data itself. For information about secure cloud infrastructure used for real-time processing, see Section 4: Face Data Disclosure.

Your Explicit Consent

By creating an account and ticking the specific consent checkbox during registration, you provide your express and informed consent for Comms.ID to collect, use, and store your biometric template, as well as the images and videos from your identity setup and subsequent authentications, as described in this section.

Data Retention and Your Right to Withdraw Consent

You have the right to withdraw your consent at any time. Withdrawing consent will result in the closure of your Comms.ID account, as biometric authentication is essential for the security and operation of our service.

After account closure, your biometric template and associated authentication images and videos will be retained for up to 7 years for compliance purposes, then permanently destroyed.

---

4. Face Data Disclosure

This section provides specific disclosures about our handling of face data (biometric information derived from facial images) as required by applicable laws and platform policies.

Types of Face Data Collected

When you use Comms.ID, we collect the following types of face data:

1. Facial images and liveness videos: Photos and videos captured during identity verification and authentication.
2. Biometric templates: Mathematical representations derived from your facial images, used for automated matching.

Retention of Face Data

Liveness check videos captured during identity verification:

• Retained: No.
• Duration: Destroyed immediately after the verification process completes.
• Reason: These videos only confirm you are a real person during initial verification. Once verified, they serve no ongoing purpose.

Biometric templates for authentication:

• Retained: Yes, with your explicit consent.
• Duration: For the active lifetime of your account, or until you withdraw consent, whichever occurs first. After account closure, retained for up to 7 years for compliance purposes, then permanently destroyed.
• Why this duration: Your biometric template is required to authenticate you each time you access your account. Without a stored template, we cannot verify it is you attempting to access your identity. This is the foundation of our passwordless security model. After account closure, the biometric template is retained as part of your identity verification record to meet our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), which requires retention of verification records for 7 years. Retention of biometric templates for authentication purposes with express consent is authorised under section 49 of the Digital ID Act 2024.

Authentication images and videos (limited gallery):

• Retained: Yes, with your explicit consent.
• Duration: Rolling 24-month window from capture while your account is active. After account closure, retained for up to 7 years for compliance purposes, then permanently destroyed.
• Why this duration: While your account is active, this rolling timeframe allows us to investigate potential fraud or disputed transactions within applicable limitation periods, verify your identity when registering new devices, and maintain an auditable security record. Images and videos older than 24 months are automatically destroyed even if your account remains active. After account closure, remaining images are retained as part of your identity verification record to meet our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act).

Biometric information used for system testing:

• Retained: Yes, temporarily, where real data is used.
• Duration: Maximum 14 days from collection, then destroyed.
• Why this duration: This is the maximum period permitted under the Digital ID Act 2024 for testing purposes. Testing is conducted in accordance with ethical principles and, where possible, uses synthetic or anonymised data instead of real biometric information.

Third-Party Sharing of Face Data

We do not share your face data with any third party for their own purposes. This includes:

• Relying Parties who use Comms.ID to verify your identity
• Advertisers or marketing partners
• Data brokers or analytics providers
• Any other external organisations

When you verify your identity with a Relying Party using Comms.ID, only the result of the verification (confirmed or not confirmed) is shared—never your biometric data.

Limited exceptions: Face data may only be disclosed to law enforcement agencies if:

• Required by a valid warrant issued under Australian law; or
• You provide express consent for the disclosure for the purpose of verifying your identity or investigating an offence.

Because we do not share face data with third parties for their own purposes (except under the limited law enforcement exceptions above), there are no third parties storing your face data as a result of our services.

Processing Partners

To perform facial matching and liveness detection, we use secure third-party cloud infrastructure for real-time processing. These service providers process your facial images transiently and do not retain your face data after processing completes. They act as data processors under our contractual instructions. This processing may occur in data centers outside Australia; however, no face data is stored overseas—only transient processing occurs.

Withdrawal of Consent

You may withdraw your consent to biometric processing at any time. Upon withdrawal, your Comms.ID account will be closed, as biometric authentication is essential to our security model. Your biometric template and authentication images and videos will then be retained for up to 7 years for compliance purposes before being permanently destroyed.

---

5. Verifying Your Attributes (Our Role as an ASP)

• Beneficial Ownership: Our service can verify your status as a beneficial owner or director of a company. We do this by checking your details against information held in official government sources, such as the Australian Business Register (ABR).
• Other Attributes: We do not currently verify other attributes, such as professional qualifications, unless it is to conduct simplified verification of a regulated entity that is itself a Relying Party, as permitted by law.

6. Record Keeping and Your Data

As outlined in our Privacy Policy, we are subject to legal obligations, including the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. This requires us to keep records of identity verification actions and the evidence used for that verification for a minimum period of 7 years. This retention requirement applies to the images of the identity documents you provided during setup.

However, this legal retention requirement does not apply to your biometric data in the same way. As detailed in Section 4: Face Data Disclosure, biometric templates and authentication images/videos are retained for up to 7 years after account closure for compliance purposes, then permanently destroyed.