Illustration

Identity Key’s Privacy Policy

Version 1.2 – Last modified August 18, 2020

Identity Key puts you in control of how your data is used, stored, and shared by providing mobile, web, and desktop applications (App) that integrate with Self-Sovereign Identity (SSI) trust networks.

SSI provides a way to verify the source of information (Issuer) by establishing a unique, secure, direct line of communication between a data holder (You) and a data verifier (Recipient). This provides a layer of trust, while preserving privacy and ensuring data protection.

The purpose of the App is to quickly authenticate or release personal, verified data that you store and manage yourself on your device.

Neither Identity Key nor third parties have access to personal data that you manage via the App unless you explicitly release it. All data that you manage via the App will be stored on your device and will not be sent unless you explicitly consent to the sending of such data.

Data transmissions facilitated by Identity Key (Mediator) are always encrypted and can only be decrypted by You and the Recipient. You are strongly encouraged to consider any Recipient’s (as a responsible person) data protection declarations, who may process your personal data.

If you have any questions about these terms, we encourage you to contact us by email, or regular mail using the addresses below;

Identity Key (Cayman) Limited
PO Box 30089
Seven Mile Beach, Grand Cayman
Cayman Islands, KY1-1201

Email: privacy@identity.ky

Accessing, downloading, or using applications and services, will denote agreement with the Privacy Policy without any obligations. Please refrain from accessing, downloading, or using applications and services if you do not fully agree to the privacy policy.

How Your Personal Data Is Collected

Your Data

Identity Key is designed to provide a secure method for consumers to maintain and share identity-related information, in the form of digital certificates (“verifiable credentials”), with individuals and organisations alike. Verifiable credentials are stored on the end-user’s device. Where the end-user chooses to upload his or her data to the cloud (for example for back-up purposes), the data may be hosted on our servers or through third-party cloud service providers. Encryption keys relating to your encrypted data, may also be held. In situations where Identity Key provides the data hosting service, your data is held in an encrypted form that does not enable the identification of specific individuals.

Agents

An Agent within a self-sovereign identity ecosystem refers to something more specific than just a “user agent” or a “software agent”.

The Identity Key Wallet is an Agent that manages your credentials and makes a connection to other Agents. This type of agent can be referred to a “mobile” or “edge” or “rich” Agent.

Agents are also 1) cloud-based services where agents can communicate and expose stable endpoints; called a “cloud” or “routing” agent and 2) can issue credentials; called an “on-prem” or “edge” or “advanced” agent. In situations where Identity Key hosts these Agents for a third-party (client), encoded data is received relating to the client and the client’s “customer” (you). This data enables the client to identify and interact with you when using the Identity Key Wallet or Apps.

Personal data records that are received in the function of providing data hosting and back-up services are processed on behalf of the client for the purpose of supporting the client in delivering identity credential-related and digital wallet services to you. Data transmissions facilitated by Identity Key (Mediator) and accepted by you, are always encrypted and can only be decrypted by You and the Client. You are strongly encouraged to consider any Client’s (as a responsible person) data protection declarations, before agreeing to share your personal data with an Agent.

Identity Key Website

Cookies

The Identity Key website uses cookies in the form of session IDs. These small pieces of information are temporarily stored on your computer and deleted after leaving the browser session. Session IDs are used to provide a more user-friendly experience. An example of this is permanently displaying text in a language of choice. Session IDs are usually accepted automatically by the browser, but can be deactivated at your discretion.

Communication

If you contact Identity Key by email or contact form, personal data voluntarily communicated will be automatically saved for the purpose of responding or processing your request. These items include salutation, first name, last name and email.

Analytics

We use Google Analytics tools to help collect, measure and analyze web-traffic and usage trends in connection with our website and other Digital Channels. This allows us to understand, among other things, who is using the Digital Channels, how they are using them, and ways to improve the Services. Such third-party analytics tools and services may use cookies and persistent device identifiers to collect and store information including, but not limited to time of visit, pages visited, time spent on each page, IP address, unique device ID, advertising tags and type of operating system used.

You can opt-out or obtain more information on tracking from Google Analytics.

How We Use Information

We use your information to:

  • Respond to your inquiries;
  • Communicate with you about our business, products, and services, including through newsletters and other similar materials;
  • Send you promotional materials and updates about our business, products, and services;
  • Assess the effectiveness of our marketing efforts;
  • Analyze and improve the functionality of our website;
  • Improve our products, services, and business;
  • Prevent, detect, or investigate security concerns, including fraud;
  • Comply with applicable laws, regulations, or industry requirements; and
  • Fulfill any other purpose that you have requested or consented to.