Incode Workforce Data Handling and Security Overview
Your Information and How It’s Protected
As part of your company’s identity verification process with Incode, you will be asked to take a selfie and upload your government-issued ID.
We understand that your personal information is sensitive. Here’s what happens to it and how we keep it safe.
What Happens to Your Data
| What data is collected | What data is retained | What data is deleted and when |
|---|---|---|
| Selfie (used for onboarding and verification) | Basic account details — name, work email, and employee ID from your company’s IAM system (like Okta or Microsoft Entra). | Original ID images and selfies — deleted immediately after verification is complete. |
| Government-issued ID (driver’s license, passport, or similar document) | Key ID information — limited data such as name and date of birth, used to confirm who you are. | Temporary system data — purged automatically once the verification session ends. |
| Employee details (provided by your company) | Expiration date from your ID — used to remind your company when it’s time to reverify your identity. | Non-essential data — deleted automatically after the default retention period (45 days, unless adjusted by your company). Immediate deletion is supported upon request. |
| Onboarding selfie — securely stored as an encrypted copy to maintain accuracy and ensure continuity when technology is updated. | ||
| Face template — a secure, encrypted mathematical representation of your face used for authentication. It cannot be reverse engineered into the original image. |
Why We Retain Limited Data
We only keep what is needed to:
- Allow you to authenticate quickly without re-verifying each time
- Help your company meet compliance and fraud-prevention standards
- Ensure consistent performance and reduce verification errors
How Your Data Is Protected
Your information is encrypted and stored in secure, access-controlled environments.
Incode follows and exceeds industry standards for data security and privacy, including:
- 🔒 Encryption at rest and in transit
- 👤 Strict access controls for authorized personnel only
- ✅ Regular security audits and compliance with privacy regulations
Your personal data is never shared, sold, or used for marketing purposes.
It is used only to verify your identity and maintain secure access to your company’s systems.
How Long Your Data Is Retained
Your company determines how long we retain your information based on its security and compliance needs.
The default period is 45 days, but your company may adjust this.
- Immediate deletion is also supported upon request.
- After that, all non-essential data is automatically deleted.
Questions
If you would like to know more about how your data is handled, you can reach out to your company’s HR or IT administrator, or visit Incode’s Privacy Policy for full details.
© 2025 Incode Technologies, Inc. All rights reserved.
Updated 2 months ago