MOBILE-ID is an authentication and authorization service, enabling the end-users to authenticate themselves to multiple Internet services in a secure manner. A USB peripheral (“RSSP key”) or a client software program, activated by a user and device specific PIN code, is used by end-users to manage their accounts in a centralized but secure manner.

No disclosure of personal data of any kind (such as name, age, location, face data) is necessary to use MOBILE-ID when the service is only used to manage end-user’s access credentials for Internet services. The end-user’s username and password information related to an Internet service are not stored in MOBILE-ID although a list of the Internet services accessible by certain RSSP account is stored. When MOBILE-ID is used in the manner described above, the information concerning RSSP keys or accounts cannot be directly linked to any particular person.

MOBILE-ID provides end-users an option to store personal data in their RSSP keys and software clients. End-users may store personal data that may be necessary for using some Internet services, for example to verify to an Internet service that the end-user is of a certain age. All personal data disclosed by an end-user is stored permanently only in the end-user’s RSSP key or software client and is disclosed to an Internet service only upon a query from the service and only with an express consent of the end-user for each query separately. Temporary processing of the end-user’s personal data by MOBILE-ID is necessary when the end-user discloses or edits the personal data stored in the RSSP key or software client, or when end-user data is disclosed to an Internet service. The data is always discarded without delay after being processed and is not stored by MOBILE-ID in any other place than the end-user’s RSSP key or software client.

An end-user may choose to disclose optional personal data (such as an e-mail address or a phone number) to be used by MOBILE-ID for the purposes of communication between the end-user and MOBILE-ID.

Any data concerning the use by a specific end-user of different Internet services via MOBILE-ID may only be stored in and used by MOBILE-ID or MOBILE-ID™ for the purpose of fraud detection or other similar purposes, and to compile an end-user specific trust index which it may provide to third parties upon their request without obtaining a separate consent from the end-user. The trust index is only a technical attribute which cannot be reduced to personal information relating to any private person.

Personal end-user data stored in MOBILE-ID may be transferred within MOBILE-ID to any server in any country worldwide. MOBILE-ID™ always protects any personal data by using adequate data security procedures and technologies. The core principle of MOBILE-ID is to store all personal data (except of the above mentioned optional contact information) in a decentralized manner into the RSSP keys and/or software clients, which are at the sole possession and control of the end-users themselves. Thus the protection by each end-user of the RSSP key or software client and the associated PIN code is the key aspect of the protection of the personal data stored in MOBILE-ID. If a RSSP key or a device with RSSP client software is lost by an end-user, the end-user’s personal data may be at risk, and cannot be recovered by MOBILE-ID™. It is essential that end-user has a copy of her unlock code, which can be used to revoke and lock lost RSSP key or software client. MOBILE-ID™ is not responsible for end-users’ data or the authenticity thereof in any way, except that MOBILE-ID™ undertakes to use adequate data security procedures and technologies during the processing of the end-users’ data. MOBILE-ID™ shall not be liable for any damages caused by inaccurate end-user data or the loss of any end-user data.

MOBILE-ID™ shall not use, store or disclose the end-user’s personal data in any other manner than what has been described herein without the consent of the end-user. Any personal data disclosed to MOBILE-ID that is not automatically destroyed immediately after processing shall be destroyed without undue delay after the end-user finally ceases to use MOBILE-ID. The end-user is responsible for destroying data stored in the RSSP key or software clients.

An end-user shall hereby expressly consent to the collection and processing of personal data before using MOBILE-ID. Consent to collect and process personal data may be revoked by the end-user at any time, but use of MOBILE-ID must be discontinued after such revocation. An end-user may inspect and amend the personal data stored into MOBILE-ID at any time by using tools provided at MOBILE-ID web site or by using the contact information below. Please note that MOBILE-ID™ does not have implicit access to the information stored into the end-users’ RSSP keys or software clients.

MOBILE-ID is operated by MOBILE-ID Digital Signature Certification Service Center (“MOBILE-ID™”),

Address: 19 Dang Tien Dong, An Phu Ward, Thu Duc City, Ho Chi Minh City

Please contact info@mobile-id.vn in any matters relating to this Privacy Policy.