Data security & privacy is essential for any digital business and is even more so when sensitive information such as biometric data is involved. Our organization will focus on implementing best practices for our users and to ensure full GDPR compliance. We will minimize data retention, only retain analysis insights from biometric data, and use strong encryption throughout our data flows. Furthermore, our company will minimize the number of parties and locations touching differently types of data. We specifically plan to use all data internally and store it with our cloud provider in the EU. The only externally stored data is for payments which is only handled by the payment processor, another EU company. Below is a graphic indicating the key points of our data handling.