GDPR is not a new law, it is an update to existing data protection law, but we are already implementing many of the elements of GDPR as privacy and security are core to our design and principles. Protecting personal data is paramount. We are ISO 27001 compliant and our technology undergoes regular penetration testing by leading security consultancies.
Here is how Yoti puts into practice several key GDPR principles and requirements, helping you do more compliant identity/age verification and authentication.
Privacy by design
Yoti offers out of the box identity verification, authentication and login. It’s a single privacy by design solution - not a combination of processes, systems, access controls and data handling practices that must be joined up.
A better way to know your customers using biometrics
Yoti brings biometric security to your verification, authentication and login needs - allowing you to trust the identity of your customers.
Less data to worry about
Individuals create one verified digital identity using their biometrics and ID document details. You can prove people are genuine using fewer personal data credentials and no more copies of ID documents.
Our easy to use Hub helps businesses manage personal data requirements - along with a simple interface that securely connects you with customers in seconds. It’s a modern identity solution.
Our security by design stores data in Tier 3 data centres so you don't need to store your customer’s data. Each data type (such as name, date or birth, photo) is held separately and encrypted in secure servers which means that there is no way of combining the data to build a full profile of your customers.
Better transparency and audit trail
We clearly present your customers with the details you are requesting, and offer the choice of whether to share them. Both the customer and you get a receipt showing what data was shared and when. You can also present an appropriate privacy notice before details are shared.
An identity provider you can trust
Yoti is built on principles of privacy, transparency and trust - we have an independent Guardian Council to ensure we act in the best interests of the people who use Yoti. Here’s our approach.
If you have more questions, you can check our dedicated GDPR page here (add link). Also see our FAQ for individuals on how the Yoti app implements several key GDPR principles and requirements. Or you can contact Customer Support.