Menu

Sign In Get Started
Legal

Privacy Policy

Last updated: November 21, 2025  ·  Brooks & Keitt Sarl  ·  1950 Sion, Switzerland

Contents
  1. 1. Introduction
  2. 2. Information We Collect
  3. 3. How We Use Your Information
  4. 4. How We Share Your Information
  5. 5. Data Security & Retention
  6. 6. Your Data Protection Rights
  7. 7. International Data Transfers
  8. 8. Children's Privacy
  9. 9. Changes to This Policy
  10. 10. Contact Us

1 Introduction

Welcome to ProntoID. This Privacy Policy explains how ProntoID, a service by Brooks & Keitt Sarl ("we," "us," or "our"), collects, uses, shares, and protects information about you when you use our website and services (collectively, the "Service"). We are committed to protecting your privacy and handling your data in an open and transparent manner.

Our registered address is Place du Midi 30, 1950 Sion, Switzerland.

2 Information We Collect

We collect information to provide and improve our Service. The type of information we collect depends on how you interact with us.

2.1. Information You Provide to Us Directly

  • Account Information: When you register for an account, we collect information such as your name, email address, and password.
  • Identity Verification Data: To use services like Pronto Verify or Pronto Passport, we may ask you to provide sensitive personally identifiable information (PII), including your full name, date of birth, address, and images of your government-issued identification documents. We may also collect a selfie image for biometric verification purposes.
  • Document and Signature Data: When using Pronto Sign or Pronto Share, we process the documents you upload and the cryptographic signatures you create.
  • Model Release and KYP Data: When using our model release management or 'Know-Your-Pal' (KYP) verification services, we process the documents and information you provide, which may include your name, signature, and PII of other parties.
  • Communications: When you contact us via email or our contact form, we collect your name, email address, and the content of your message.

2.2. Information We Collect Automatically

  • Usage Data: We collect information about your interactions with our Service, such as the pages you visit, the features you use, and the date and time of your visit.
  • Device and Connection Information: We collect information about the device you use to access our Service, including your IP address, browser type, and operating system.
  • Cookies and Tracking Technologies: We use cookies and similar technologies to operate and analyze our Service.

2.3. Third-Party Age Verification Sessions

If you are redirected to ProntoID by a third-party platform specifically for an age verification session, we apply strict data minimization principles:

Privacy Guarantee: The initiating third-party platform receives only a secure confirmation flag (e.g., "Verified" or "Not Verified"). We do not return, share, or transmit your name, address, date of birth, or ID images to that platform. Upon completion of the check, all verification data is immediately deleted from our active systems.

  • Purpose Limitation: Information collected during these sessions is used exclusively for the purpose of verifying your age.
  • No PII Returned: Your personal private information is never transmitted to the initiating third-party platform.
  • Verified Flag Only: The platform receives only a secure status flag indicating whether you meet the required age threshold.
  • Immediate Deletion: Age verification data is permanently deleted upon completion of the check.

2.4. "Know Your Pal" (KYP) Services

When you complete a KYP verification at the request of another user (the "Requester"), we apply the same data minimization and privacy principles. We do not share your raw identification documents, specific date of birth, home address, or biometric data with the Requester. By completing a KYP verification, you explicitly consent to sharing the verification status — and only the status — with the Requester.

3 How We Use Your Information

  • To Provide and Maintain Our Service: We use your information to perform our core services, such as verifying your identity, facilitating digital signatures, and enabling secure logins.
  • For Security and Fraud Prevention: We use information to protect the security of our Service, prevent fraud, and enforce our Terms and Conditions.
  • To Communicate with You: We may use your contact information to send you service-related updates, respond to your inquiries, and provide customer support.
  • To Comply with Legal Obligations: We may process your data to comply with applicable laws and regulations, such as record-keeping requirements for 2257 compliance.
  • To Improve Our Service: We analyze usage data to understand how our Service is used and to make improvements.

4 How We Share Your Information

We do not sell your personal data. We may share your information in the following limited circumstances:

  • With Our Clients: When you use our verification services at the request of a client, we share the result of that verification (e.g., "age verified: yes") with that client — never the underlying identification documents, unless it is a required part of the service and explicitly consented to by you.
  • Service Providers: We may share information with third-party vendors who provide services on our behalf, such as cloud hosting and payment processing. These providers are contractually obligated to protect your data.
  • Biometric Processing: The biometric comparison between your selfie and your ID document is performed by our proprietary, in-house technology and is not shared with external third-party processors for this purpose.
  • For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities.
  • With Your Consent: We may share your information for other purposes with your explicit consent.

5 Data Security & Retention

We implement robust technical and organizational measures to protect your personal data, including encryption of data in transit and at rest, and strict access controls. No method of transmission over the Internet is 100% secure, but we continuously update our security practices to maintain the highest possible standard.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Our retention policies differ by data type:

  • Identity Verification Data: Sensitive data such as images of ID documents and biometric selfie images are permanently deleted from our active systems as soon as the verification process is complete and the result is generated.
  • Executed Documents: Data relating to documents executed through our service (e.g., signed model release forms) is retained for the period specified in your agreement with us and to comply with legal obligations such as 18 U.S.C. 2257 record-keeping requirements.

6 Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to Access: You have the right to request copies of your personal data.
  • Right to Rectification: You have the right to request that we correct inaccurate or incomplete information.
  • Right to Erasure: You have the right to request that we erase your personal data, under certain conditions. This right is not absolute and may be subject to legal retention obligations.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
  • Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions.
  • Right to Data Portability: You have the right to request that we transfer your data to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us at info@prontoid.com.

7 International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, or country where data protection laws may differ. As a Swiss company, we comply with the Swiss Federal Act on Data Protection (FADP) and are aligned with the principles of the GDPR. We ensure that any international transfers are conducted with appropriate safeguards in place.

8 Children's Privacy

Our Service is intended for and directed to individuals 18 years of age or older. A primary function of our Service is to verify that individuals meet this age requirement. We do not knowingly create accounts for, market to, or otherwise solicit information from individuals under 18. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

9 Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.

10 Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Privacy Officer:

By Mail
Brooks & Keitt Sarl
Attn: Privacy Officer
Place du Midi 30
1950 Sion, Switzerland