Privacy Statement

This is the Privacy Statement for Noah Facial Recognition Pty Ltd.

This Privacy Statement was last updated: 6th September 2020 and is effective from 6th September 2020.

This Privacy Statement details:

• What information is collected.
• How we use that information.
• How we protect that information.
• When we destroy information.
• How we update this policy.
• How you may contact us regarding privacy.
• How you can escalate any concerns you have over privacy.

What Information is Collected

Business Information

We collect information about organisations that use or may use our services. This includes information such as the organisations:

• Name.
• Location.
• Industry.
• Size.
• Contact Details (eg: Primary Contact, Email, Phone, etc).
• Subscription Details (eg: Selected Plan, Credit Card details, Payment History, etc).

Collecting this information is essential to us doing business with you.

User Information

The NoahFace platform (which is Cloud based, and accessed using a Web browser) allows you to manage information about the users of the NoahFace Apps (eg: your employees, members, students, or customers). This includes information such as their:

• Unique identifier (eg: employee number, member number, etc).
• Name.
• Contact details (ie: email and mobile phone number).

The NoahFace App (which runs on a mounted iPad and is used by many users) allows each users to register - a process which allows users to submit their:

• Profile picture.
• Biometric data (ie: key facial features).

The NoahFace Go App (which runs on an individual user's mobile phone) allows users to submit their:

• A profile picture (this requires the user's explicit consent).

Collecting this information is essential to the operation of the NoahFace Apps and to you doing business.

Biometric Information

Biometric information is a subset of user information, but is a special form of information for which additional privacy protections are offered. NoahFace provides important capabilities to support the responsible collection and use of biometric data, including:

• Requiring users to acknowledge a simple privacy policy and to actively consent to the capture of biometric data.
• Allowing non-consenters to use an alternative means of identification, such as passcodes.
• Allowing users to remove their consent at any time, at which time biometric data is deleted.

Usage Information

The NoahFace platform (which is Cloud based, and accessed using a Web browser) allows you to collect information about each activity (or event) performed using the NoahFace Apps. This includes information such as:

• The date and time.
• The identifier of the user.
• The type of activity (eg: clock in, access, start job, etc.)
• Details of the activity (eg: an entered job number or selected task type).

The NoahFace App (which runs on a mounted iPad and is used by many users) also allows you to collect:

• The user's photo.
• The user's temperature (if an optional temperature sensor is deployed).

The NoahFace Go App (which runs on an individual user's mobile phone) also allows you to collect:

• The user's location (this requires the user's explicit consent).

Collecting this information is essential to the operation of the NoahFace Apps and to you doing business.

How we Use Information

Business Information

We collect information on organisations that use or may use our services so we can keep these organisations informed about relevant and important changes. For example, this allows us to notify organisations of updates to:

• The NoahFace Apps.
• Pricing
• This Privacy Statement.

We may also contact you regarding other related products or services offered by us or our partners. If we do contact you via email, we will provide a mechanism for you to opt out of receiving future email communications.

We do not sell or rent your business information, including your contact details, to others.

User Information

The NoahFace platform (which is Cloud based, and accessed using a Web browser) allows you to manage information on your users so that you can control which users can make use of the NoahFace Apps, and how they can use it. For example, to control which employees:

• Need to record their time and attendance.
• Have access to restricted areas.

Information on your users is only available to you; NoahFace does not use this information at all, nor do we sell or rent it to others.

Biometric Information

The biometric data collected by the NoahFace App (which runs on a mounted iPad and is used by many users) allows users to be recognised automatically after registration.

Usage Information

The NoahFace Apps (both NoahFace and NoahFace Go) allow you to collect information about each activity (or event). If you use the NoahFace Apps stand-alone, the usage data is only retained on your device. If you choose to connect the NoahFace Apps to the NoahFace platform (which is Cloud based, and accessed using a Web browser), then this information is retained in the NoahFace platform so that you can perform queries and reports on it.
‍
A subset of the usage information may also be passed to 3rd party systems used by your organisation. For example, it may be passed:

• To your Payroll System, to automatically populate timesheets, so that employees can be paid.
• To your Access Control System, to evaluate whether a user should have access a restricted area, so that security can be maintained.

Information on the usage of the system is only available to you; NoahFace does not use this information at all, nor do we sell or rent it to others.

How we Protect Information

Business Information

Information on businesses that use or may use our services are stored in our IT systems. We take your privacy seriously, and take responsible measures to secure this information. For example:

• Network transmisions of data are encrypted.
• Biometric data is encrypted while at rest.
• Data is backed up.
• etc.

User/Usage Information

Information on your users and their usage of the NoahFace Apps may be stored on your devices, in our IT systems, or in linked 3rd party systems (eg: your Payroll System or Access Control System). We take responsible measures to protect the information stored in our IT systems. For example:

• Network transmisions of data are encrypted.
• Biometric data is encrypted while at rest.
• Biometric data is not shared with 3rd party systems.
• Biometric data is not exportable.
• Data is backed up.
• etc.

You need to take responsible measures to protect this information while it is stored on your devices or in linked 3rd party systems, such as:

• Ensuring your premises are physically secured.
• Physically securing your devices (using lockable stands/mounts).
• Backing up your devices using iCloud services.
• Not sharing passwords between users.
• Reviewing the privacy policies of any linked 3rd party systems (such as your Payroll System or Access Control System).

When we Destroy Information

User Information

You can delete users from the NoahFace platform at any time.

Biometric Information

You can delete biometric information for any user in the NoahFace platform at any time.

Usage Information

Records of individual transactions (eg: clocking events or door entry events) stored in the NoahFace platform are retained for 90 days, after which time they are automatically deleted.

Changes

The latest version of the Privacy Statement is held at www.noahface.com/privacy

We reserve the right, at our sole discretion, to modify or replace this Privacy Statement at any time. If a revision is material we will try to provide at least 30 days notice prior to any new terms taking effect. What constitutes a material change be determined at aour sole discretion.


Contacting us About Privacy

Should you have any concerns about your privacy, want to update your contact details, or have questions about this privacy statement, you can contact us at:

privacy@noahface.com

Should you want to escalate any concerns you have, you should contact:

The Office of the Australian Information Commissioner

Phone: 1300 363 992

Website: www.oaic.gov.au

Email: enquiries@oaic.gov.au