Effective Date: 14/07/2025

Last Updated: 14/07/2025

Welcome to IT’s SAFE, powered by Keyless. We take your privacy seriously and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including biometric authentication and secure access control solutions.

1.1 Who We Are

IT’s SAFE is a provider of zero-knowledge biometric authentication technology. We enable secure, passwordless access to digital and physical environments without storing biometric data.

1.2 What Data We Collect

Depending on your use of our services, we may collect:

• Personal Identification Data: Name, email address, company, role (if applicable)

• Biometric Data: Facial recognition templates (processed locally, never stored or transmitted)

• Device & Usage Data: Device ID, browser type, IP address, access time, and location (for contextual access control)

• Access Logs: Time, location, and nature of access attempts

1.3 How We Use Your Data

We use your data to:

• Verify your identity securely and privately

• Provide authorized access to physical and digital spaces

• Improve system performance and security

• Maintain compliance with legal and regulatory requirements

• Provide technical support and service updates

1.4 Zero-Knowledge Architecture

Your biometric data is never stored on our servers or transmitted to the cloud. Our system uses zero-knowledge cryptography to authenticate without revealing or retaining your identity information.

1.5 Sharing of Data

We do not sell your personal data. We may share anonymized or aggregated data with:

• Service providers who help us operate (under strict data processing agreements)

• Authorities, if required by law or for legal proceedings

1.6 Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data

• Request correction or deletion

• Object to or restrict processing

• Withdraw consent

• Lodge a complaint with a data protection authority

For EU users, these rights fall under the GDPR. For California residents, CCPA and CPRA rights apply.

1.7 Data Retention

We retain only necessary data for as long as required to fulfill the purposes described above, or as required by law.

1.8 Security Measures

We implement industry-standard security controls, including:

• End-to-end encryption

• Local biometric processing

• Role-based access controls

• Continuous monitoring and audit logs

1.9 International Transfers

Your data may be processed outside your home country. We ensure that such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) where necessary.

1.10 Cookies and Tracking

Our website may use cookies and similar technologies for analytics and functionality. You can manage your cookie preferences through your browser settings.

1.11 Contact Us

If you have questions about this policy or wish to exercise your rights, contact us at:

Email: legal@its-safe.eu