NoahFace is committed to the highest standards of privacy. As such we provide you with comprehensive facilities to help you comply with local privacy and biometric legislation around the world, including the following:
You should of course seek your own professional and independent legal advice on your compliance with all relevant local legislation.
Privacy Requirements
The common privacy requirements that have emerged and that NoahFace addresses are as follows:
Notice and Consent
NoahFace displays a simple privacy statement that employees actively consent to during registration. This privacy statement explains what data is captured, what it is used for, and when it is destroyed.
No Surveillance
NoahFace does not capture and store video under any circumstances. NoahFace only uses facial recognition to identify those that consent.
Non-Biometric Options
NoahFace supports identification using passcodes or QR codes, both for individual employees that do not consent to the use of facial recognition, as well as system wide. NoahFace also supports a personal mobile App.
Minimization of Data
NoahFace only captures data that is absolutely necessary for business purposes. For example, it captures the date and time that employees clock in and out for work, so they can be accurately paid.
Retention and Destruction
NoahFace automatically destroys clocking data after a configured retention period (from 1 month to 7 years), and destroys biometric data as soon as employee relationships end.
Individual Rights
NoahFace allows employee data to be queried, updated, exported, and deleted, so that you can easily satisfy individual data access requests.
No Commercial Use
NoahFace does not use personal data for commercial purposes, nor do we sell, lease or disclose personal data to third parties.
Data Security
NoahFace includes comprehensive data storage, transmission and protection features, including encrypting data in transit and at rest. All data is stored securely within Amazon Web Services.
Security at a glance
Our reputation is built on the security of your data. We therefore take extensive measures to ensure that your data remains protected, including:
SOC 2 Security Compliance
As part of our ongoing commitment to protecting our customer's data, NoahFace has successfully completed a SOC 2 Security Audit. The SOC 2 Type I audit, completed by Johanson Group LLP, demonstrates that our systems are appropriately configured and our policies address the SOC 2 security requirements.
World Class Providers
NoahFace has chosen to build our business and our platform on secure foundations. Our kiosks run exclusively on the Apple iPad, and our Dashboard and Data Storage is hosted in Amazon Web Services (AWS). We selected these providers because of their clear focus on privacy and data security.
Data Encryption
NoahFace uses industry standard data encryption to protect your data while it is in transit and at rest.
Automation
NoahFace uses automation to avoid data leakage caused by human error. For example, NoahFace automatically destroys data after a configurable retention period and even automatically disables logins that have not been used for an extended period.
You are in Control
NoahFace gives you the flexibility to determine where your data is stored, how long it is retained, and who has access to it. You can even configure comprehensive password rules and use two-factor authentication.
Individual Rights
NoahFace allows employee data to be queried, updated, exported, and deleted, so that you can easily satisfy individual data access requests.
NoahFace uses facial recognition so that employees can identify themselves by simply presenting themselves at an iPad based kiosk. Employees find this process fast, convenient, and safe. Read on to learn more:
What are biometrics?
In the context of facial recognition, biometrics are a series of facial measurements, such as the distance between your eyes, the distance between your chin and mouth, etc, that together can uniquely identify your face.
How are biometrics captured?
Employees present themselves at an iPad based kiosk, identify themselves (eg: using a password), consent to a simple privacy statement, and their photo is taken. Their biometrics are then automatically extracted from this photo.
Is the use of facial recognition optional?
Yes. NoahFace supports identification using passcodes or QR codes, both for individual employees that do not consent to the use of facial recognition, as well as system wide. NoahFace also supports a personal mobile App.
Where are biometrics stored?
You have the flexibility to decide whether you want to store biometrics only on individual iPads or also in the Cloud.
When are biometrics deleted?
NoahFace automatically destroys biometrics when an employment relationship ends. You can also manually delete biometrics, for example, if an employee removes their consent.
Can biometrics be exported?
No. There is no mechanism to export biometrics from NoahFace.