How FileSpin manages, secures and deletes Face Data
Data Collection and Storage
- Facial Embeddings: Our system uses face embeddings or vectors. These are mathematical representations of facial features, not directly identifiable images.
- Temporary Storage: Embeddings are stored temporarily for processing and matching purposes only.
- Encryption: All facial data is encrypted at rest and in transit using industry-standard encryption protocols.
- Data Separation: Customer data is logically separated to prevent unauthorized access.
- Search Images: Input images provided for search are discarded when the search request completes. These images are not retained by the system.
- User Data: Face Recognition & Search Addon does not store any metadata except the Face Embeddings to provide face recognition and search.
Data Retention and Deletion
- Data Retention: Face embeddings are stored securely and are encrypted at rest.
- Data Deletion: We provide APIs for programmatic deletion of all Face data. Facial data is purged upon Face Data Delete API request.
Security and Compliance
- Infrastructure: We use AWS infrastructure, which adheres to strict security standards and best practices.
- Independent Review: Our system has undergone a well-architected review by an independent, AWS-approved reviewer.
- Compliance: We comply with relevant data protection regulations (e.g., GDPR, CCPA) as applicable.
- Privacy Agreement: Our SaaS agreement includes comprehensive privacy clauses signed by all parties.
Transparency and Control
- Audit Logs: We maintain detailed logs of all data access and processing activities.
- Access Controls: Strict role-based access controls are in place to limit data access to authorized personnel only.
- Customer Control: You have control over when facial recognition is applied to assets and can request data deletion at any time using the Deletion API.
Responsibilities
- You are responsible for:-
- ensuring privacy and data compliance of images used for Face Recognition
- calling Face Data Delete API to delete a Face Embedding
- We are responsible for:-
- providing Face Recognition and Search securely using secure access protocols
- storing Face Embeddings encrypted at rest
- deleting Face embeddings when Face Data Delete API is called