This site uses cookies to store information on your computer, which provides functionality to our site and assists in providing our service. For more information see our Cookie Policy here. Please click "I Accept" to agree to our use of cookies.
Did you know you can access the Social Security Administration with your ID.me account? Learn more about how ID.me can help you access your SSA benefits.
Version: 1.1.0
Last updated: 2024-10-22
ID.me is committed to protecting your Personal Information in its role as a Data Controller of the Personal Information we collect from and about our users. This Notice, in conjunction with the general ID.me Privacy Policy, explains how we process, disclose, transfer, and store your Personal Information in accordance with the General Data Protection Regulation (“GDPR”) which establishes the applicable data protections for individuals residing in the European Union (EU) and United Kingdom (UK). For additional information about how ID.me may use your Personal Information, including the third-parties with whom it may be shared, please see the ID.me Privacy Policy.
Your use of ID.me’s Services demonstrates your review and acceptance of the ID.me Terms of Service and Privacy Policy, and shall be understood as consent for ID.me to collect, process, and retain your Personal Information.
We collect and process your Personal Information for the following purposes:
We may collect the following types of Personal Information, additional details may be found in the general ID.me Privacy Policy:
We rely on the following legal bases for processing your Personal Information, additional details may be found in the general ID.me Privacy Policy:
ID.me complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. ID.me has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in ID.me’s Privacy Policy or Notice to Residents of the EU an UK, and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
ID.me is based in the United States, all data processing and storage shall occur within the United States. ID.me may transfer your Personal Information to carefully selected service providers, business partners, and other third parties for the purposes described in the ID.me Privacy Policy.
With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, ID.me is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Data Privacy Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain Personal Information relating to you in the United States. Upon request, we will provide you with access to the Personal Information that we hold about you. You may also correct, amend, or delete the Personal Information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your Personal Information, please submit a written request to [email protected].
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
ID.me’s accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles.
In particular, ID.me remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Data Privacy Framework Principles, unless ID.me proves that it is not responsible for the event giving rise to the damage.
We will retain your Personal Information and account history for up to 3 years following account closure for the detection and prevention of fraud on the ID.me platform. For additional details regarding ID.me’s retention of your Biometric Information, please review the Biometric Information Privacy Policy.
Under GDPR, you have the right to:
In order to exercise these rights you must submit a verified request via your ID.me Account, for additional questions or concerns please contact our support team.
You have the right to withdraw your consent at any time by closing your ID.me account. If you withdraw consent, it will not affect our processing performed before its withdrawal. ID.me will continue to retain certain Personal Information in account with the terms disclosed in our general Privacy Policy, as required for legal and compliance purposes as well as for the prevention and detection of fraud on the ID.me platform.
ID.me takes your concerns and rights very seriously. However, if you believe that we have not responded in an appropriate manner to your complaints or concerns, or if you believe your rights have been infringed, you have the right to lodge a complaint with the relevant supervisory authority.
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, ID.me commits to resolve complaints about our collection or use of your Personal Information transferred to the U.S. pursuant to the EU-U.S. DPF. EU and UK individuals with inquiries or complaints should first contact [email protected].
ID.me has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf
If you have any questions or concerns about your Personal Information or this notice, please contact our Data Protection Officer at [email protected].
Corporate Address.
ID.me, Inc. 8280 Greensboro Drive, Suite 800 McLean, VA 22102
For Users and Customers.
Member Service Inquiries may be directed to our support team.
For Legal Notices.
For Legal Notices.Legal notices may be directed to [email protected].
Copyright © 2024 ID.me, Inc. All rights reserved.
This site uses cookies to store information on your computer, which provides functionality to our site and assists in providing our service. For more information see our Cookie Policy here. Please click "I Accept" to agree to our use of cookies.