Back to KEYS

Last updated March 27, 2026

Privacy Policy

How KEYS handles identity and consent data.

This Privacy Policy explains what information KEYS collects, why it is processed, how it is shared to operate identity verification and citizen services, and what controls users can expect.

1. Scope

KEYS provides account access, identity verification, consent logging, profile management, and QR-based verification workflows. This policy applies to the KEYS landing site, mobile app, and related support interactions that reference this document.

2. Information KEYS collects

Depending on the feature in use, KEYS may collect:

  • account identifiers such as email address and provider subject ID
  • profile details supplied during onboarding or account maintenance
  • identity verification records, consent logs, and support requests
  • technical and security logs needed to operate, secure, and audit the service

3. How information is used

KEYS uses personal information to:

  • authenticate users and recover access to accounts
  • run KYC and verification workflows initiated by the user
  • generate QR credentials and support staff-side validation flows
  • maintain auditability, fraud controls, and operational security
  • respond to support requests, legal obligations, and service notices

4. Legal basis and consent

Where required, KEYS relies on user consent before recording privacy policy, terms, KYC, and data-processing acknowledgements. KEYS may also process data when needed to perform requested services, comply with law, and protect the security and integrity of the platform.

5. Sharing and processors

KEYS shares information only with service providers and operators needed to deliver the platform, such as authentication, database, storage, verification, and infrastructure vendors. Information may also be disclosed to authorized government or legal parties when required by law or by a user-authorized service flow.

6. Retention

KEYS retains records only as long as reasonably necessary for account operations, compliance, fraud prevention, dispute handling, and audit obligations. Retention periods may vary depending on the record type and the legal or contractual context tied to that record.

7. Security controls

KEYS uses technical and organizational safeguards intended to reduce unauthorized access, disclosure, alteration, or loss. These controls include access restrictions, encrypted transport, audit logging, and role-based handling for sensitive workflows.

8. User choices

Users may request support regarding:

  • access to the information associated with their account
  • correction of inaccurate or outdated profile data
  • closure or deletion requests, subject to legal retention duties
  • questions about recorded consent and verification activity

9. Children and sensitive information

KEYS is intended for authorized users of supported services. If a workflow requires sensitive identity data, KEYS expects that collection and processing to remain limited to the minimum needed to complete the requested verification or service action.

10. Policy updates

KEYS may update this policy as product, legal, or operational needs change. Material updates should be reflected on this page with a revised effective date.

11. Contact

For privacy questions related to KEYS, contact the operator through the official support or product channel associated with your deployment of the service.