How do you handle my data?

We use a process called zero-knowledge verification. To power this, we've partnered with Onfido, an Entrust company and global leader in the KYC, identity, and verification industry. Verification takes place directly within Entrust's SDK, meaning your data never passes through PlaySafe ID's systems. We never see, receive, or store any data, documents, or biometrics from your verification.

PlaySafe ID are the data controller: We define the purpose and scope of how your data is processed.

Entrust are the data processor: They handle verification entirely within their own secure infrastructure on our behalf. Under a formal data processing agreement, Entrust are only permitted to process your data in the ways we contractually define. They have no right to use it for any other purpose, and all processing must comply with applicable data protection law, including GDPR.

Once verification is complete, a hashed biometric token is created and Entrust delete your identity document and raw biometric data. Neither Entrust nor PlaySafe ID retain copies of your ID, facial images, or any other personal information submitted during the process.

The only thing kept from the verification is the hashed biometric token - a unique, irreversible string of characters generated from your identity data. It contains no readable or direct source data and cannot be traced back to your original documents or biometrics. This token is what powers PlaySafe ID's ability to identify ban evasion and ensure that the same person cannot verify a second time to obtain a new PlaySafe ID.

You can view the full user privacy policy here: User privacy policy