Privacy Policy

Last updated : august 1, 2025

The Coffid application is developed and operated by Bluelocker SAS, a French company registered with the Paris Trade and Companies Register under number 918 979 113 00019, with its registered office at 23 avenue Robert Schuman, 13090 Aix-en-Provence, France.

For any questions regarding privacy or the application, you can contact us at contact@coffid.com.

1. Introduction

Protecting your privacy is fundamental to Coffid. This privacy policy explains how we collect, use, store, and protect your personal data when you use our identity verification application.

2. Data collected

We collect the following types of data:

2.1 Identity Data

  • Information extracted from your identity documents (name, surname, date of birth, etc.)

  • Photos of your official documents

  • Biometric data (facial recognition)

  • Verification videos

2.2 Technical Data

  • Device identifiers

  • IP address

  • Usage logs

3. Use of Data

Your data is used to :

  • Verify your identity

  • Provide our verification services

  • Prevent fraud and ensure security

  • Improve our services

  • Comply with our legal obligations

4. Legal Basis for Processing

We process your data based on :

  • Consent : For biometric and geolocation data

  • Contract performance : To provide our verification services

  • Legitimate interest : For fraud prevention and security

  • Legal Obligation : To comply with applicable regulations

5. Data Sharing

We only share your data under the following conditions :

  • With your explicit consent: Through QR codes you scan, which clearly specify which data will be shared

  • With service providers: Bound by strict confidentiality agreements

  • With legal authorities: Only when required by law

We never transmit your data without your explicit consent through the application.

6. Data Security

We protect your data through :

  • Encryption: AES-256 for storage and TLS for transmission

  • Restricted access: Multi-factor authentication for our teams

  • Regular audits: Security testing and external assessments

  • Minimization: Collecting only the data necessary for the service

7. Data Retention

We retain your data as follows :

  • Identity data: For the duration of service use + 5 years

  • Biometric data: Automatically deleted after verification

  • Technical logs: Up to 2 years

  • Anonymized data: May be kept to improve the service

8. Vos droits

In accordance with the GDPR, you have the right to:

  • Access: View your personal data

  • Rectification: Correct inaccurate data

  • Erasure: Delete your data (right to be forgotten)

  • Portability: Obtain your data in a standard format

  • Objection: Object to the processing of your data

  • Restriction: Request limitation of processing

9. International Data Transfers

Your data is primarily stored in Europe. In case of transfers to third countries, we use appropriate safeguards (standard contractual clauses, adequacy decisions).

10. Cookies and Similar Technologies

Our website uses essential cookies for service operation. The mobile application does not use cookies but may use device identifiers for technical purposes.

11. Policy Updates

We may update this privacy policy. Any significant changes will be notified to you by email or within the application, with a 30-day notice period.

12. Contact and Complaints

To exercise your rights or for any questions :

  • DPO : contact@coffid.com

You may also file a complaint with the CNIL (Commission Nationale de l’Informatique et des Libertés).

13. Data of Minors

Our service is not intended for individuals under 18 years of age. If you are under 18, you must obtain permission from your parents or legal guardians before using Coffid.