Privacy Policy

Privacy Policy

Effective Date: 11 July 2025

This Privacy Policy explains how VerifyAge.io ("we", "our", or "us") collects, uses, and protects your information when you use our age verification services.

1. Who We Are

VerifyAge.io is operated by Northland Data Ltd, a company registered in Seychelles:
Business address: 5 Wadsworth Road, Perivale, London, UB6 7JD, United Kingdom
Email: [email protected]
Phone: +44 7458 164092
We provide privacy-first age assurance technology for platforms subject to online safety and content regulation laws, including GDPR, UK DPA, and the UK Online Safety Act.

2. What Data We Collect

We do not collect, store, or process any of the following:

  • ID documents (e.g., passports, driver’s licenses)
  • Photographs, selfies, or biometric scans
  • Videos or audio recordings
  • Names, email addresses, or dates of birth
  • IP addresses or tracking cookies for profiling purposes

We may process the following minimal, non-identifying data:

  • Anonymous session ID (ephemeral, for verification tracking only)
  • Verification outcome (e.g., pass/fail)
  • Browser type and device type (for security diagnostics only)

All data is processed locally in the browser or through secure, encrypted connections to certified third-party verification providers. No data is stored on our servers unless explicitly requested for audit purposes.

Our platform uses go.cam, an open-source, in-browser age estimation tool developed by GSI Développement SAS, which runs entirely on-device go.cam performs all analysis without transmitting or storing any personal data, ensuring full compliance with privacy-by-design and GDPR principles.

3. Legal Basis

We rely on the following legal bases under GDPR and UK DPA:

  • Consent: For optional third-party verification flows
  • Legitimate Interest: For fraud prevention, session validation, and compliance logging (non-personal only)

We do not fall under the scope of GDPR Article 3, as we do not process the personal data of individuals located in the EU or UK.

4. Data Storage and Retention

By default, we store no personal data.
Any verification result is ephemeral and tied only to a technical session token.
Optional integrations may store a secure cookie or localStorage value (age_verified=true) on your device — this remains fully under your control.
We do not retain logs containing personal identifiers.

5. Use of Cookies

We do not use tracking or marketing cookies.
Essential cookies (if used) are limited to:

  • Session validation (e.g., age_verified=true)
  • CSRF protection

No third-party analytics or advertising cookies are present.

6. Your Rights

Since we do not process personal data, GDPR rights (such as access, erasure, or rectification) are not applicable in most cases.
However, if you believe your information has been processed improperly, you may contact us anytime at [email protected].

7. Data Security

We implement the following security measures:

  • In-browser verification (no image uploads)
  • TLS-encrypted communication with third-party verifiers
  • Stateless API option with no persistent logs
  • Strict origin checks and token validation

8. Changes to This Policy

We may update this Privacy Policy from time to time.
All changes will be reflected on this page with a new effective date.

9. Contact

If you have questions about this policy or our privacy practices, please contact us at:
Email: [email protected]
Phone: +44 7458 164092