top of page

Privacy Policy

 

Last updated: August 31, 2025

This Privacy Policy explains how Biometric Witness LLC (Reg. No. 10292804, registered address State of Delaware is 8 The Green, Suite A, in the City of Dover, Zip code 19901), hereinafter “we,” “us,” or the “Controller”) processes personal data when you visit https://bio-witness.com and/or use our services. We comply with the EU General Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable laws.

1) Controller & Contact

  • Controller: Biometric Witness LLC, Reg. No. 10292804

  • Registered address: State of Delaware is 8 The Green, Suite A, in the City of Dover. Zip code 19901.

  • Privacy contact email: info@bio-witness.com

  • Data Protection Officer (if required): not appointed

  • Privacy lead: Aleksejs Bankovskis (info@bio-witness.com)

EU/UK representative (GDPR Art. 27): if required in the future, we will appoint a representative and update this policy accordingly.

2) Scope

This policy applies to website visitors, account users, customers, suppliers, and other business partners whose personal data we process while operating our website and services, performing contracts, providing support, and conducting lawful marketing.

3) Personal data we collect

Depending on your interaction with us, we may process the following categories of data:

3.1 Identity & contact – name, surname, email, phone, country/region; account credentials (if you sign up).

3.2 Transactions & delivery – billing and shipping details, order information, delivery status, payment status/identifiers. (Payments are typically processed by payment providers such as Stripe.)

3.3 Communications – emails, contact‑form submissions, chat messages, support requests.

3.4 Technical & usage – IP address, device and browser information, language settings, pages viewed, events, server logs; cookie and similar technology data (see Section 10).

3.5 Marketing preferences – newsletter opt‑in/opt‑out, interests, campaign metrics.

3.6 Special categories – we do not intentionally process special categories of data (e.g., health or biometric data) on our website. If specific products/apps require processing of biometrics or other sensitive data, we will provide a separate notice and obtain an appropriate legal basis.

4) Purposes & legal bases

We process personal data only as necessary for the purposes below:

PurposeData categoriesLegal basis (GDPR Art. 6)

Provide the website, accounts, products/services; customer support; pre‑contract stepsIdentity/contact, transactions, communications(b) contract/performance of pre‑contractual steps

Billing, accounting, and tax complianceIdentity/contact, transactions(c) legal obligation

Website operation, security, fraud preventionTechnical/usage, logs(f) legitimate interests

Direct marketing (newsletters, offers)Identity/contact, marketing prefs(a) consent (you can withdraw at any time)

Analytics and service improvementTechnical/usage, cookies(a) consent via cookie banner (or (f) for strictly necessary cookies)

Establish, exercise, or defend legal claimsRelevant data(f) legitimate interests

If processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

5) Retention

We keep data only as long as needed for the stated purposes or as required by law:

  • Account/customer data: until account deletion + up to 3 years for limitation periods;

  • Accounting records: as required by law (typically 10 years);

  • Communications/support tickets: up to 2 years;

  • Marketing consents: until withdrawn or up to 2 years since last interaction;

  • Server logs (security): up to 1 year (longer if needed to investigate incidents).

6) Recipients & service providers

We share personal data strictly on a need‑to‑know basis with:

  • IT/hosting and infrastructure providers (website hosting, email delivery, cloud storage);

  • E‑commerce platform (if applicable);

  • Delivery and logistics;

  • Payment services;

  • Marketing and analytics tools (e.g., analytics, advertising pixels);

  • Professional advisers and authorities (where necessary).

Named providers (key processors / independent service providers):

  • Omniva (postal/courier services). For last‑mile delivery, Omniva typically acts as an independent controller; we share only what is necessary to fulfil delivery.

  • Stripe (online payments). Stripe commonly acts as an independent controller for payment processing; we receive limited payment status/identifiers.

Where a vendor acts as our processor, we sign a Data Processing Agreement (DPA) under GDPR Art. 28. Where a vendor acts as an independent controller, it determines its own purposes/means and provides its own privacy notice.

7) International transfers

If data are transferred outside the EEA/UK, we use appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and additional measures (encryption, access controls) to ensure an essentially equivalent level of protection.

8) Security

We implement technical and organisational measures appropriate to the risk, including access controls, encryption in transit, logging/monitoring, backups, staff training, and periodic risk assessments.

9) Your rights

Under the GDPR, you may have the right to: access your data, request rectification or erasure, request restriction of processing, object to processing based on legitimate interests, and data portability. If processing is based on consent, you may withdraw consent at any time. You can exercise your rights by contacting us at info@bio-witness.com.

You also have the right to complain with your local supervisory authority in the EEA/UK.

10) Cookies & similar technologies

We use cookies to operate the site and improve user experience.

Categories:

  • Strictly necessary – required for the site to function (legal basis: legitimate interests/necessity);

  • Analytics – to understand usage and improve our services (consent via cookie banner);

  • Marketing – to personalise offers and enable remarketing (consent via cookie banner).

On the first visit, we display a cookie banner where you can accept or manage settings. You can change/withdraw your choices at any time via the “Cookie settings” link on our site.
Examples (to be confirmed and documented in your cookie list): Google Analytics (GA4), Meta Pixel, Hotjar.

11) Children’s privacy

Our services are not intended for children under 16 (or the minimum age allowed by local law, not below 13). If we learn that we collected data from a child without parental consent, we will delete it.

12) Automated decision‑making

We do not engage in automated decision‑making that produces legal or similarly significant effects. Any audience segmentation for marketing is based on your consent and does not have such effects.

13) Third‑party links

Our website may contain links to third‑party websites/services we do not control. Please review their privacy notices.

14) Changes to this policy

We may update this policy from time to time. If changes are material, we will notify you on the website and/or by email. The “Last updated” date above reflects the latest version.

15) Contact

For any privacy questions or requests, email info@bio-witness.com. If you believe your rights have been infringed, you can lodge a complaint with your local data protection authority.

 

Biometric witness

info@bio-witness.com

8 The Green, Suite A, Dover, DE 19901, USA

SUBSCRIPTION

 

Subscribe to our newsletter • Don’t miss out!

© 2025 Biometric Witness

 
  • X
  • LinkedIn
  • TikTok
  • Facebook
  • Instagram
bottom of page