Is Veriff safe with your data?
Veriff
Weak disclosure · medium confidence
Veriff earns a D (38/100) because it leaves much about its data practices unstated.
#157
of 211 apps ranked
38
score · Security & compliance avg 51
-13
vs category average
Veriff discloses automated identity verification with human-review rights, biometric retention limits (3 years for Illinois), and does not sell identity verification data for ads, but lacks explicit opt-out mechanisms for model training and synthetic-output marking.
What Veriff's privacy policy and terms of service say about your data
Biometric retention (D6.3)
For Illinois residents, we will permanently destroy their biometric identifiers and biometric information when the initial purpose for collecting or obtaining such identifiers or information has been satisfied or within 3 years of the individual's last interaction with Veriff, whichever occurs first.
No-sell for ads (D4.3)
Our 'sale,' 'sharing' and 'targeted advertising' activities do not apply to personal information that we collect in the course of providing identity verification services to our Customers.
Automated decision rights (D6.1)
Fully automated verification process... you will have the right to request human intervention or object to the decision made on grounds relating to your particular situation.
Data minimization (D3.4)
Veriff aims to delete/blur or make in other ways unreadable any data or documents presented in the session that are not necessary for Veriff's service provision.
What the policy is silent or vague on
- Not stated: keeping user inputs out of model training
- Not stated: a way to opt out of training
- Not stated: whether training use differs by plan
- Not stated: your ownership of generated outputs
Veriff privacy rating
Details
- Category
- Security & compliance
- Modalities
- text, image
- Processes biometrics
- Yes
- Policy last updated
- 2026-04-16
- Region scored
- Global / US-default
- Last assessed
- 2026-07-08
Documents examined
Other security & compliance apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.