Welcome to iDen2 Inc ("we" or "us"). This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard your personal information when you use our website and related services.1. Information We Collect2. How We Use Your Information3. Sharing Your Information4. Cookies and Similar Technologies5. Your Choices6. Security7. Children's Privacy8. Changes to This Privacy Policy9. Contact Us

Effective Date: Jan 2, 2025

This privacy policy outlines how Iden2, Inc. collects, uses, protects, and shares personal information when you use our digital identity verification services. We recognize that your privacy is paramount and are committed to being transparent about our data practices.

Introduction and Company Commitment

At Iden2, Inc. ("Iden2," "we," "us," "our"), we are committed to protecting your privacy and safeguarding your personal information. This Privacy Policy describes how we collect, use, and disclose information when you use our digital identity verification services, mobile applications, websites, and related services (collectively, the "Services").

Our Core Privacy Commitments:

• We will never sell, rent, or trade your Personal Information

• We have built robust security and privacy safeguards into our technology from inception

• We only transfer your Personal Information with your consent, to assist in verifying your identity, or as required by law.

• We give you control over your data, allowing you to see who has access to your information..

• 
  

You must be at least 16 years old to use our Services and may need to meet additional age requirements to use certain features.

Types of Information We Collect

We may collect and process the following categories of personal information, depending on how you choose to use our Services:

Information You Provide

When you use our Services, you may provide us with:

• Account Information: Email address, phone number, and other contact details necessary to create and maintain your account

• Identity Verification Information: Photos or videos of yourself ("Selfie") and images/scans of your government-issued identity documents (passport, driver's license, or other permitted identity documents)

• Travel Information: Travel dates, booking details, and itinerary information if you choose to use travel-related services

• Health Information: Vaccination records or other health information, if you decide to use health verification services

• Other Information: Any additional information you choose to provide when contacting us with requests or inquiries

Information We Generate

When you use our Services, we may generate the following information:

• Unique Identifiers: We create unique IDs associated with your account

• Verification Results: If you ask us to verify your identity, we will:

  • Extract information from your identity documents (document type, document number, name, date of birth, sex, citizenship, issuing authority, expiration date)

  • Generate facial scans comparing the image in your Selfie with the portrait in your identity document, which may be considered biometric information under applicable privacy laws

• Usage Records: We create records of your use of our Services, including identity verifications performed and data shared with partners at your request

Information We Collect Automatically

When you use our Services, we may automatically collect:

• Device Information: IP address, device type, operating system, device language

• Usage Information: How you interact with our Services, including features accessed and actions taken

How We Use Your Information

We do not sell, lease, trade, or otherwise profit from your personal information. We use your information only for the following purposes:

To Create and Manage Your Account

We use your email address and contact information to:

• Create and maintain your account

• Send important service information and updates

• Provide customer support

To Enable Core Services

We use your personal information to:

• Enable you to use our identity verification services

• Allow you to upload a Selfie and identity documents

• Maintain a record of your activities

• Process your requests to delete information

To Verify Your Identity

When you request identity verification, we use your Selfie and identity documents to:

• Verify the authenticity of your identity documents

• Confirm that the documents belong to you through facial comparison

• Create a verified digital identity that you can use across our services

To Share Information at Your Request

When you authorize us to share your verified identity with our partners, we will:

• Only share information you explicitly approve

• Clearly inform you what information will be shared and with whom

• Allow you to review and revoke sharing permissions

• Enable efficient and secure interactions with our partners' services

To Improve and Secure Our Services

We use information about how you use our Services to:

• Enhance and improve our Services

• Develop new features and functionality

• Detect and prevent fraud, spam, and unauthorized activities

• Troubleshoot technical issues

To Comply with Legal Obligations

We may use your information to:

• Comply with applicable laws, regulations, and legal processes

• Respond to lawful requests from public authorities

• Protect our rights, privacy, safety, or property

When We Share Your Information

We share your personal information only in the following circumstances:

With Service Providers

We share information with service providers who help us to:

• Verify your identity

• Provide technical infrastructure and support

• Analyze usage data to improve our Services

• Provide customer support

• Conduct audits and ensure compliance with applicable laws

Prohibited Practices

• AI Training: We prohibit the use of personally identifiable information for model training. Iden2 may incorporate usage data into models with your explicit consent.

• Advertising: Iden2 does not share data with ad networks, data brokers, or affiliate marketers.

• Political/Law Enforcement: We challenge non-public government requests for data unless we are legally compelled to do so.

With Partners at Your Request

If you choose to connect your verified identity with one of our partners:

• We will share only the information you explicitly approve

• You will need to review and approve each instance of sharing

• We will clearly display what information will be shared, with whom, for what purpose, and for how long

• You can review active sharing permissions and revoke access at any time

With Group Companies

We may share information with other companies in the Iden2 corporate family who help us provide, improve, and secure our Services.

For Business Transactions

We may share information in connection with a corporate transaction, such as a merger, acquisition, or sale of assets

For Legal Purposes

We may share information:

• In response to lawful requests from public authorities

• To protect against fraud, spam, abuse, or security threats

• To enforce our terms and policies

• To comply with applicable laws and regulations

Where Your Information is Stored and For How Long

Storage Location

We primarily store and process your personal information on servers in the European Union and data centers in the Asia-Pacific region to ensure optimal service to users across global markets.

Storage Duration

For most identity document information: Your Selfie, identity documents, and information extracted from these remain within our mobile application and are only accessible to you. We do not have ongoing access to this information except:

• When you request identity verification, we and our service providers will access this information temporarily and delete it from our servers within 48 hours after completing verification

• When you request sharing with partners, we provide temporary access to the partner as specified in your sharing approval

• 
  

For account information, we retain your account details as long as your account is active or as necessary to provide you with our Services.

For transaction records: We maintain records of verifications performed and data shared for legal and compliance purposes as required by applicable laws

Data Deletion

You may delete your information at any time by:

• Deleting specific information through our application

• Deleting your account entirely

• Contacting us to request the deletion of information we maintain

Data Security

The security of your personal information is a top priority for us. We implement robust security measures to protect your information:

Technical Safeguards

• Encryption of personal information during transmission and at rest

• Access controls limiting who can view your information

• Security monitoring to detect and prevent unauthorized access

• Regular security assessments and penetration testing

• Use of certified authentication devices for capturing biometric information

Organizational Safeguards

• Employee training on data protection and security

• Non-disclosure agreements with employees and contractors

• Background checks for personnel with access to sensitive information

• Incident response procedures for promptly addressing security incidents

• Regular audits of our security practices

Data Protection in the Asia-Pacific Region

For users in the Asia-Pacific region, we implement additional measures:

• Compliance with regional data protection laws, including Singapore's Personal Data Protection Act and Australia's Privacy Act

• Specialized data handling procedures for certain identity verification programs

• Masking of identification numbers by default, with only the last four digits displayed

• Enhanced security protocols for handling data under Singapore's MyInfo and Australia's myGov frameworks

Your Rights and How to Exercise Them

Depending on where you live and subject to applicable data protection laws, you may have the following rights:

Access and Transparency

• Right to access: Request information about what personal data we hold about you

• Right to transparency: View details of who has accessed your information through our Services, past and present

Control and Choice

• Right to correction: Update or correct inaccurate information

• Right to deletion: Request deletion of your personal information

• Right to object: Object to the processing of your information

• Right to restriction: Request that we temporarily or permanently stop processing certain information

• Right to withdraw consent: Withdraw consent at any time for processing based on consent

• Right to data portability: Request your data in a structured, commonly used format

How to Exercise Your Rights

You can exercise your rights by:

• Using the self-service features in our application to view, edit, or delete information

• Contacting our privacy team at privacy@iden2.com

• 
  

We will respond to your request within 30 days, or as required by applicable law.

International Data Transfers

We may transfer your personal information to countries other than where you reside. When we transfer information outside your country, we implement appropriate safeguards:

• For transfers to countries not recognized as providing adequate protection, we use Standard Contractual Clauses approved by the relevant authorities

• We implement additional technical and organizational measures to ensure the security of cross-border transfers

• We conduct assessments of the data protection laws in recipient countries

For users in the Asia-Pacific region, we comply with cross-border data transfer requirements under:

• Singapore's Personal Data Protection Act

• Australia's Privacy Act

Children's Data

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected information from your child, please contact us immediately at privacy@iden2.com. We will take steps to remove such information.

For family travel or group bookings where a parent or guardian may provide information about minors, we implement additional safeguards to protect the privacy of children.

Changes to this Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

• Posting the updated Privacy Policy on our website

• Sending you an email notification

• Displaying a notice in our application

How to Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Iden2, Inc. Email: privacy@iden2.com Postal Address: 30 N Gould St Ste R, Sheridan, WY 82801, USA Privacy Officer: dpo@iden2.com

For users in the Asia-Pacific region, you can also contact our regional representatives:

• Singapore: apac-privacy@iden2.com

• Australia: au-privacy@iden2.com

Your Right to File a Complaint

You have the right to file a complaint with a data protection authority or regulator about our collection and use of your personal information. For users in the Asia-Pacific region, this includes filing complaints with:

• Singapore: Personal Data Protection Commission

• Australia: Office of the Australian Information Commissioner

© Iden2, Inc., 2025. All rights reserved.