Biometrics Policy
By accepting our terms of service and acknowledging our privacy notice, you agree to the collection, processing, usage, and storage of your Biometric Data as described in this Policy.
Biometric Data means any data generated from electronic measurements or scans of an individual's biological characteristics, such as facial geometry, or other unique biological patterns or characteristics that can be used to identify a specific individual.
Kraken’s treatment of any piece of data or information as “Biometric Data,” pursuant to this policy does not necessarily indicate that such items qualify as or fit the definitions of “Biometric Data,” as that term is used in any particular statute, law, or regulation.
You release in favor of Kraken any claims related to collection, processing, usage, and storage your Biometric Data. This includes any past or prior claims as well as any claims that may arise in the future related to your use of Kraken’s services
Biometric Data Collection Purposes
Kraken collects, uses, stores, and processes Biometric Data to verify or confirm your identity, both when you initially open or verify your Kraken account and at any point thereafter as deemed necessary by Kraken or required by law or regulation. This includes comparing “selfie” photos that you submit to other forms of identification, such as a driver’s license or passport or similar identification document.
Consent
Before collecting your Biometric Data, Kraken will inform you that Biometric Data is being collected or stored. In jurisdictions such as the US and Canada we will ask for your consent. In the EU and UK, we rely on the legal basis of compliance with a legal obligation to process your Biometric Data, as it is necessary for us to fulfill our anti-money laundering and counter-terrorist financing obligations, and Know Your Customer obligations under applicable laws and regulations, which are in the substantial public interest.
This Policy sets out the purpose and length of time for which Biometric Data is being collected, stored, and used for.
Retention Schedule
Kraken will permanently destroy an individual's Biometric Data when the lawful purposes for collecting or obtaining such Biometric Data have been satisfied, or within 3 years of the individual's last interaction with Kraken, whichever occurs first. If retention for a longer period is required for account security, regulatory compliance, or as otherwise required by law, Kraken will ensure it has a lawful basis for such processing, including by obtaining your consent for such extended retention where appropriate.
Biometric Data Security
Kraken shall protect Biometric Data using the reasonable standard of care within our industry and in a manner that is the same as or more protective than the manner in which we store, transmit, and protect other confidential and sensitive information, such as personal information, account access credentials, and financial information.
Biometric Data Disclosures
Kraken may disclose an individual's Biometric Data to third-party vendors and/or licensors in order to facilitate the provision of our products and services. This includes third-party identity verification services. Those products and services requiring Biometric Data processing shall include future products and services that Kraken may choose to provide after the initial collection of Biometric Data.
Kraken does not further disclose Biometric Data unless:
- The individual or the individual's legally authorized representative consents to the disclosure;
- The disclosure is required by applicable law or regulation; or
- The disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Kraken does not sell, lease, trade, or otherwise profit from Biometric Data.
Your Rights
In certain circumstances, you have the right to access, correct, amend, or delete your Biometric Data.
To exercise these rights or for any questions about our Biometric Data practices, please contact our privacy team at [email protected].