Privacy Policy

FaceRec - Smartery LLC

Last updated: July 1, 2025

1. Introduction

Welcome to FaceRec. This Privacy Policy describes how Smartery LLC ("we", "our") collects, uses, stores, shares, and protects your information when you use our mobile application FaceRec (the "Application") and our services.

Our commitment is to your security and the protection of your privacy. By using the Application, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect different types of information to provide and improve our service to you.

a) Information You Provide Directly:

Personally Identifiable Information (PII):

We collect data such as full name, document numbers (ID, SSN), mother's name, father's name, and date of birth. This data is used to create a unique profile and link your civil identity to your biometric data.

Contact Information:

We collect your email address and phone number. These are used exclusively for essential communications about your account, such as password recovery, technical support, and security notifications. We do not use your contact information for marketing purposes.

Address Information:

We collect your physical address for registration purposes.

b) Biometric Data (Sensitive Data):

Facial Recognition Data:

When you use the Application, we may collect images of your face and identification documents to generate a biometric model (embedding).

Fingerprint Data:

We may collect your fingerprint data to generate a corresponding biometric model.

Purpose:

This biometric data is used exclusively for authentication and security identification purposes within the platform, ensuring that only you can access your account and be verified in our systems.

c) Automatically Collected Information:

Unique Device Identifier (device_id):

We collect a unique and persistent identifier from your mobile device. This ID is essential for the Application's operation and is used exclusively for:

  • Licensing the use of the application on your device.
  • Ensuring secure authentication and linking your session to your hardware.
  • Controlling access to our API resources.

Geographic Location Data:

We collect the latitude and longitude coordinates of your device at the time of registration and during security events. The purpose is to record the geographic origin of important operations and, in the future, to allow mapping of visited locations within the platform as part of your security activity history.

Usage and Analytics Data:

We use analytics tools to collect information about how you interact with our Application. This data, such as crash reports and feature usage statistics, is generally aggregated and anonymized and helps us identify issues, improve stability, and enhance the user experience.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide and Maintain the Service: To operate the Application and allow your secure access.
  • Manage Your Account: To create and manage your profile, and to identify you as a unique user.
  • Security: To verify your identity, prevent fraud, and protect the integrity of our platform.
  • Communications: To send important notifications, security updates, and respond to your support requests.
  • Product Improvement: To understand how our services are used and to develop new features and improvements.
  • Legal Compliance: To comply with legal and regulatory obligations.

4. Information Sharing

We do not sell, rent, or trade your personal information with third parties. Data sharing occurs only under the following circumstances:

  • Service Providers: We use infrastructure providers to host our data and services, such as Google Cloud. These providers act as our sub-processors and are contractually obligated to protect your information with the highest security standards.
  • Analytics Tools: We share aggregated and anonymized usage data with analytics tools, such as Google Analytics for Firebase and Crashlytics, for service monitoring and improvement.
  • Within the Platform ("Spots"): Your data is segmented by client ("Spot"). Information from a user registered in a Spot is visible only to administrators and authorized systems of that specific Spot. There is no data sharing between different clients' Spots.
  • Legal Obligations: We may disclose your information if required by law or by valid court order to protect our rights, your safety, or the safety of others.

5. Data Storage and Security

The security of your data is our priority. We implement technical and organizational security measures to protect your information, including:

  • Encryption: We use encryption for data in transit (HTTPS/TLS).
  • Access Control: We adopt strict access control policies to ensure that only authorized personnel can access sensitive data.
  • Secure Infrastructure: Your data is stored on secure servers provided by Google Cloud, which adheres to global security standards.

6. Data Retention

We will retain your personal and biometric information as long as your account is active or as necessary to provide services to you.

If you decide to delete your account, your data will be permanently removed from our production systems within a reasonable period (generally up to 90 days), unless we are required by law to retain certain information for a longer period.

7. Your Privacy Rights (LGPD)

In accordance with Brazil's General Data Protection Law (LGPD), you have the right to:

  • Access your information.
  • Correct incomplete, inaccurate, or outdated data.
  • Request anonymization, blocking, or deletion of unnecessary data or data processed in non-compliance with the law.
  • Request the portability of your data to another service provider.
  • Request the deletion of your personal data processed with your consent.
  • Revoke your consent at any time.

To exercise any of these rights, contact us at: [email protected].

8. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not intentionally collect personally identifiable information from minors. If you are a parent or guardian and discover that your child has provided us with personal information, please contact us so we can take the necessary measures.

9. Changes to This Privacy Policy

We may update our Privacy Policy periodically. We will notify you of any changes by posting the new policy on this page and, if the change is significant, through an in-app notification or by email.

10. Contact

If you have any questions about this Privacy Policy, please contact us:

Smartery LLC

Email: [email protected]

Essential Google Play Requirement: Prominent Disclosure

To comply with Google's rules, before requesting camera, location, or biometric permissions, you need to display a screen within your application. This screen must be clear and obtain explicit user consent.

Example Text for the Prominent Disclosure Screen in the App:

FaceRec Permissions and Data Usage

To ensure your security and the proper functioning of the application, we need your permission to access some features of your device.

Camera Permission

What we use it for: We use the camera to capture your face photo and images of your identity documents. This data is essential for our facial recognition and identity verification process, which is the core of our security service.

Location Permission

What we use it for: We collect your geographic location to record where registrations and security events occur, increasing traceability and operational security.

Biometry/Fingerprint Permission

What we use it for: If applicable, we use the fingerprint sensor for biometric registration and verification, offering an additional layer of security.

Device Identifier (device_id)

What we collect: We access a unique identifier from your phone to license the use of the application and ensure that your account is secure and linked to this device.

By continuing, you agree to the collection and use of this data as described in our Privacy Policy.