Guides

Data Handling

How FileSpin manages, secures and deletes Face Data

Data Collection and Storage

  • Facial Embeddings: Our system uses face embeddings or vectors. These are mathematical representations of facial features, not directly identifiable images.
  • Temporary Storage: Embeddings are stored temporarily for processing and matching purposes only.
  • Encryption: All facial data is encrypted at rest and in transit using industry-standard encryption protocols.
  • Data Separation: Customer data is logically separated to prevent unauthorized access.
  • Search Images: Input images provided for search are discarded when the search request completes. These images are not retained by the system.
  • User Data: Face Recognition & Search Addon does not store any metadata except the Face Embeddings to provide face recognition and search.

Data Retention and Deletion

  • Data Retention: Face embeddings are stored securely and are encrypted at rest.
  • Data Deletion: We provide APIs for programmatic deletion of all Face data. Facial data is purged upon Face Data Delete API request.

Security and Compliance

  • Infrastructure: We use AWS infrastructure, which adheres to strict security standards and best practices.
  • Independent Review: Our system has undergone a well-architected review by an independent, AWS-approved reviewer.
  • Compliance: We comply with relevant data protection regulations (e.g., GDPR, CCPA) as applicable.
  • Privacy Agreement: Our SaaS agreement includes comprehensive privacy clauses signed by all parties.

Transparency and Control

  • Audit Logs: We maintain detailed logs of all data access and processing activities.
  • Access Controls: Strict role-based access controls are in place to limit data access to authorized personnel only.
  • Customer Control: You have control over when facial recognition is applied to assets and can request data deletion at any time using the Deletion API.

Responsibilities

  • You are responsible for:-
    • ensuring privacy and data compliance of images used for Face Recognition
    • calling Face Data Delete API to delete a Face Embedding
  • We are responsible for:-
    • providing Face Recognition and Search securely using secure access protocols
    • storing Face Embeddings encrypted at rest
    • deleting Face embeddings when Face Data Delete API is called