Is Incode safe with your data?
Incode
Weak disclosure · medium confidence
Incode earns a D (54/100) because it leaves much about its data practices unstated.
Dealbreaker flag
- D1.1: Policy explicitly states biometric and personal data are used to train AI/ML models with no disclosed opt-in or opt-out mechanism
#130
of 177 apps ranked
54
score · Security & compliance avg 67
-13
vs category average
Incode discloses comprehensive data rights and international transfer safeguards, but trains AI/ML models on biometric data without an opt-out mechanism and lacks transparency on output ownership.
What Incode's privacy policy says about your data
Training Data Adverse
Policy explicitly states biometric and personal data are used to train AI/ML models with no opt-out offered.
Data Rights Strong
Explicit CCPA/GDPR-aligned rights for access, deletion, portability, correction, and objection with 45-day response times.
Biometric Governance Gap
Illinois-specific 3-year biometric retention rule disclosed but no comprehensive global biometric protections.
Security Certifications
SOC 2 Type II certification and 256-bit TLS encryption named, providing concrete security commitments.
The area-by-area breakdown for Incode is being prepared and will appear after its next scoring pass on the current rubric. The summary and highlights above reflect the latest assessment.
Details
- Category
- Security & compliance
- Modalities
- text, image
- Processes biometrics
- Yes
- Policy last updated
- 2026-02-13
- Region scored
- Global / US-default
- Assessed
- 2026-06-20
Other security & compliance apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.