Effective date: January 1, 2026 · Last updated: May 1, 2026
We collect information that you provide directly to us, such as when you request a demo, contact our team, or subscribe to our newsletter. This may include your name, email address, company name, and phone number. When you use FaceLink's biometric access solutions, facial recognition data ("biometric data") is processed in real time to verify identity. We do not store raw facial images beyond the verification event unless you explicitly opt in to a profile-enrollment service and consent to ongoing storage. We also collect standard technical data such as IP addresses, browser type, and usage logs when you visit our website.
We use collected information to: • Provide, operate, and improve our biometric access products • Respond to your inquiries and support requests • Send transactional emails and, where consented, marketing communications • Comply with legal obligations and enforce our agreements • Prevent fraud, abuse, and security incidents Biometric data is used solely for identity verification and access-control purposes defined at deployment time. It is never sold to third parties or used for advertising.
FaceLink treats biometric data as a special category requiring heightened protection. We: • Process biometric data only with explicit informed consent or pursuant to a lawful contractual necessity • Apply AES-256 encryption at rest and TLS 1.3 in transit for all biometric templates • Retain biometric templates only for the period necessary to fulfil the stated access-control purpose • Honour deletion requests promptly and purge templates within 30 days of request Where applicable, we comply with Illinois BIPA, Texas CUBI, Washington My Health MY Data Act, and the EU GDPR Article 9 requirements for processing special category data.
We do not sell, rent, or trade your personal information. We may share data with: • Service providers acting as processors under data processing agreements (e.g., cloud infrastructure, analytics) • Partners (Cognitec Systems, Face4System) strictly for system interoperability purposes • Law enforcement or regulatory bodies when required by applicable law • Acquirers in the event of a merger or acquisition, subject to the same privacy commitments All third-party processors are contractually obligated to protect your data and use it only for specified purposes.
We retain personal data only as long as necessary for the purposes described in this policy or as required by law. Biometric templates are deleted upon termination of the access-control relationship or within 30 days of a deletion request. Website analytics data is retained for 24 months.
Depending on your jurisdiction, you may have the right to: • Access the personal data we hold about you • Correct inaccurate or incomplete data • Request deletion ("right to be forgotten") • Object to or restrict certain processing activities • Receive a portable copy of your data • Withdraw consent at any time without affecting prior lawful processing To exercise any of these rights, email us at privacy@facelinkpr.com. We will respond within 30 days.
Our website uses essential cookies required for operation and, with your consent, analytics cookies to understand how visitors interact with our site. You can manage or withdraw cookie consent at any time via your browser settings. We do not use cross-site tracking cookies or behavioural advertising.
We implement industry-standard administrative, technical, and physical safeguards including SOC 2 Type II certified infrastructure, role-based access controls, penetration testing, and continuous monitoring. However, no system is completely immune to security incidents, and we encourage users to practise good security hygiene.
Our services are not directed at children under 13. We do not knowingly collect personal data from children. If we learn that we have inadvertently collected such data, we will delete it promptly.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on our website or by email. Continued use of our services after the effective date constitutes acceptance of the revised policy.
For privacy-related inquiries or to exercise your rights, contact our Data Protection Officer at: Email: privacy@facelinkpr.com Mail: FaceLink LLC, Privacy Office, Puerto Rico, United States