Below you will find a very brief summary of how we manage your personal data. If you want more information, scroll down for the extended text.
The FastID-app is created and made available by FastID, Melkeppe 24, (2498 CV) Den Haag, the Netherlands.
By using the app we process the following categories of your personal data: e-mail address (at registration) and the information you add to your profile for using the app.
With the exception of the parties with whom we collaborate as mentioned under point 4, we only transfer your personal data on to third parties after you have given us explicit consent to do so and related to specific use-cases.
We have put in place appropriate security measures to prevent your information from being lost, used or accessed in an unauthorised way. If you feel that your personal data is not properly secured or there are indications of abuse, do not hesitate to contact us.
Under certain circumstances, you have rights in relation to your personal data, including the right to access, correct, erase and withdraw your consent. Please send a request to: firstname.lastname@example.org. In case you are unhappy with the way we treat your personal data or request, you can complain to the regulator.
The vision of FastID is based on the idea that the consumer should be the one to have full ownership and control of its personal data and identity. With FastID the ID and the personal data from the user is stored encrypted only on the mobile phone of the user. This means that only the user can access the data, and that only the relevant data will be shared with explicit consent of the user.
FastID fully adheres to the applicable privacy rules in all processing activities, such as those included in the General Data Protection Regulation (GDPR).
Please find our contact details below:
FastID B.V.Melkeppe 24
2498 CV Den Haag
In case you have any questions relating to data protection, please contact us via email@example.com.
The design of the FastID-app is such that personal data is stored exclusively on the telephone of the user. In the registration process for the FastID-app, FastID will only request the email address from the user to confirm the installation of the FastID-app, and in order to contact the user in case that is needed for the delivery of the service.
Furthermore, we may process the personal data that is voluntarily provided by users and stored in the FastID-app. This means that FastID may collect, store, and use personal when it is voluntarily submitted to us by the user. Examples of such personal data are name, address, place of residence, telephone number, passport data and facial photo.
Other than the email address FastID has no access to any personal data the user stores in the FastID-app.
Apart from the processing of the email address of the user, which FastID needs to deliver the service, the legal basis for the processing of all personal data is explicit consent. Before processing or transferring any personal data of the user and in every specific use-case, explicit consent from the user will be asked.
The user will be given the opportunity to withdraw their consent at any time, after which the processing will be terminated.
FastID will not transfer your personal data to third parties without your explicit consent, unless this is necessary to comply with a judicial proceeding, court order or legal process. In addition, parties with whom we collaborate to make the services possible (so-called sub-processors) have access to your personal data in certain cases. We have made agreements with these parties about, among other things, the way in which personal data is processed and the security requirements. Below is a summary of the sub-processors with whom FastID cooperates with regard to the service:
Amazon Web Services - data hosting back-end (servers within the EEA)
Amazon Rekognition - facial recognition (optional)
Oracle OPERA PMS - transfer reservation data (optional for hotels)
Mews PMS - transfer reservation data (optional for hotels)
Trask ZenID - liveness check / verification document / performing and improving the fraud check.
20Face - facial recognition (optional)
We have taken appropriate security measures to protect your personal data against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data. In the agreements with the third parties, we work with, we have agreed the same measures to ensure that their security level is also sufficient to protect your personal data.
Under the General Data Protection Regulation (GDPR) users may exercise certain rights regarding their personal data processed with the use of the FastID-App:
- Withdraw consent: you can withdraw your consent at any time by sending us an email.
- Access: you have the right to access your personal data.
- Rectification: if it appears that your personal data is incorrect, you can ask us to update or correct your data.
- Restrict: under circumstances you have the right to ask us not to process your data for any purpose other than just storing it.
- Delete: you can also request us to delete personal data and stop using it.
- Data portability: you have the right to receive your data to have it transmitted to another controller.
- Object: you have the right to object to the processing of your data if the processing is carried out on a legal basis other than consent.
The app is designed in such a way that FastID does not have access to the data that the user has included in it. The user himself is the only person who can add, correct and delete data.
If you have a question about the processing of your personal data, or in case you want to exercise the above-mentioned rights, please contact us via firstname.lastname@example.org. Your requests shall be exercised free of charge and will be addressed by us as early as possible and always within one month.
If you are not satisfied with the way in which we handle your personal data or related requests and/or questions, you can also submit a complaint to Dutch Data Protection Authority via: https://autoriteitpersoonsgegevens.nl.
Latest update: 19 September 2023