Biometric Consent Policy

1 Purpose of Biometric Data Processing

BIOPIA collects and processes palm vein biometric data exclusively for the following purposes:

• Secure identity authentication: Verifying that the individual presenting a palm at a BIOPIA-enabled terminal or device is the registered account holder, without requiring a password or PIN.
• Password-free login: Enabling seamless, frictionless access to BIOPIA services and linked merchant loyalty programs through palm recognition.
• Payment and transaction authorization: Authorizing financial transactions, loyalty redemptions, and access control events at BIOPIA merchant terminals where palm authentication is the designated authorization method.

Biometric data is not used for any purpose beyond those listed above. It is not used for advertising, behavioral profiling, identity verification for third parties, law enforcement cooperation beyond legal obligation, or any secondary commercial purpose.

2 Explicit Consent Requirements

2.1 Nature of Consent

BIOPIA processes biometric data solely on the basis of your explicit, freely given, specific, informed, and unambiguous consent, as required under applicable data protection law including GDPR Article 9(2)(a) and equivalent biometric privacy frameworks. Consent is not a condition of general access to BIOPIA services where non-biometric alternatives exist.

2.2 Consent at Enrollment

Before any biometric data is collected, you will be presented with a clear, plain-language consent screen within the BIOPIA application that:

• Identifies the specific biometric data being collected (palm vein feature vectors);
• States the purposes for which it will be used;
• Explains how it will be stored and protected;
• Discloses the retention period;
• Explains how to withdraw consent and the consequences of doing so;
• Provides a link to this Biometric Consent Policy in full.

Enrollment proceeds only after you actively confirm your consent by completing a deliberate affirmative action. Pre-ticked boxes, implied consent, or consent bundled with general terms of service are not used for biometric enrollment.

2.3 No Processing Without Consent

No biometric data is collected, processed, stored, or transmitted at any stage prior to the receipt of your explicit consent. Attempting to use BIOPIA services that require biometric authentication without completing enrollment will result in a prompt to enroll, not in silent data collection.

2.4 Withdrawal of Consent

You may withdraw your consent to biometric data processing at any time, without penalty. Withdrawal may be effected through:

• The "Biometric Settings" section within the BIOPIA application;
• A written request submitted to support@biopia.ai with the subject line "Biometric Consent Withdrawal."

Upon receipt of a verified withdrawal request, BIOPIA will permanently delete all biometric feature vectors associated with your account within 72 hours. You will receive written confirmation of deletion.

3 Data Handling and Security

3.1 Encryption at Rest

All biometric feature vectors stored by BIOPIA are encrypted at rest using AES-256. Encryption keys are managed through a dedicated key management system with access restricted to automated authentication processes only. No human operator has routine access to decrypted biometric data.

3.2 Encryption in Transit

All transmission of biometric data between the BIOPIA application, BIOPIA terminals, and BIOPIA servers is encrypted using TLS 1.3. Connections using TLS 1.2 or earlier are rejected. Certificate pinning is implemented in the BIOPIA mobile application to prevent man-in-the-middle attacks.

3.3 Isolated Storage Architecture

Biometric feature vectors are stored in a dedicated, logically isolated database partition that is physically and logically separated from all other personal data including your name, email address, account identifiers, and transaction history. The biometric store and the identity store are linked only through an internal pseudonymous reference identifier.

3.4 Access Controls

Access to the biometric data store is restricted to:

• Automated authentication processes operating under strict service account controls;
• Security engineers responding to verified incidents, under dual-authorisation requirements and full audit logging.

No marketing, product, customer support, or business operations personnel have access to biometric data. All access events are logged immutably and reviewed periodically.

3.5 Prohibited Uses

BIOPIA strictly prohibits the following uses of biometric data:

• Sale, licensing, or transfer to any third party for any commercial purpose;
• Use for advertising targeting, behavioural profiling, or user segmentation;
• Sharing with merchants, business partners, or affiliates;
• Use for any purpose not explicitly stated in Section 1 of this Policy;
• Retention beyond the periods specified in Section 4.

4 Retention and Deletion

4.1 Standard Retention Period

Biometric feature vectors are retained only for the duration of your active BIOPIA account and active consent. There is no archival, backup retention, or secondary retention of biometric data beyond the active account period.

4.2 Immediate Deletion Triggers

Biometric data is permanently and irreversibly deleted within 72 hours of any of the following events:

• Account deletion: When you delete your BIOPIA account through the application or by written request;
• Consent withdrawal: When you withdraw biometric consent as described in Section 2.4;
• Account termination by BIOPIA: When BIOPIA terminates your account for any reason;
• Inactivity: When your account has been inactive for a continuous period of 24 months, following a 30-day advance notice.

4.3 Deletion Process

Deletion is performed by cryptographic erasure (destruction of the encryption key) followed by secure overwrite of the data store record. This process renders the biometric data permanently irrecoverable. BIOPIA does not maintain shadow copies or cold-storage archives of biometric data beyond a rolling 7-day operational backup window, after which backup data is also purged.

5 User Rights

With respect to your biometric data, you have the following rights, exercisable at any time by contacting support@biopia.ai:

5.1 Right to Withdraw Consent

You may withdraw your consent to biometric processing at any time. Upon withdrawal, biometric data will be deleted within 72 hours and you will receive written confirmation.

5.2 Right to Deletion

You may request the deletion of your biometric data at any time, independently of account deletion. BIOPIA will process deletion requests within 72 hours and provide written confirmation. This right is absolute with respect to biometric data.

5.3 Right of Access

You may request information about what biometric data BIOPIA holds about you, how it is processed, where it is stored, who has access to it, and the legal basis for processing. BIOPIA will respond to access requests within 30 days.

5.4 Right to Complain

If you believe BIOPIA has processed your biometric data in violation of applicable law or this Policy, you have the right to lodge a complaint with:

• The Communications and Information Technology Regulatory Authority (CITRA) in Kuwait;
• The relevant data protection supervisory authority in your country of residence (for EU residents, the competent lead supervisory authority under GDPR; for UK residents, the Information Commissioner's Office).

5.5 Right Not to Be Subject to Automated Decisions

Where an authentication attempt fails, no adverse legal or similarly significant decision is made solely on the basis of the automated result without the opportunity for human review or an alternative authentication method. You may request human review of any authentication outcome that has resulted in denial of service.

6 International Compliance Framework

6.1 GDPR Alignment

Biometric data constitutes a "special category" of personal data under Article 9 of the General Data Protection Regulation (GDPR). BIOPIA processes biometric data on the legal basis of explicit consent under Article 9(2)(a). All processing is conducted in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

6.2 Biometric Privacy Best Practices

BIOPIA's biometric data practices are designed in alignment with internationally recognised biometric privacy frameworks, including the principles underlying the Illinois Biometric Information Privacy Act (BIPA): written consent before collection, prohibition on sale or profit from biometric data, defined retention schedules, and secure storage obligations.

6.3 Financial Services Regulatory Alignment

Where BIOPIA operates in regulated financial services contexts, biometric authentication is implemented in compliance with applicable Know Your Customer (KYC), Anti-Money Laundering (AML), and strong customer authentication (SCA) requirements.

6.4 Apple Platform Requirements

The BIOPIA iOS application processes biometric data in accordance with Apple's App Store Review Guidelines. Camera access is used exclusively for palm capture and QR code scanning. No biometric data is transmitted to Apple or processed through Apple's biometric frameworks (Face ID / Touch ID) for BIOPIA's core authentication function.

7 Contact Information

For all matters relating to biometric consent, data deletion, access requests, or complaints under this Policy, please contact BIOPIA's privacy team: