Privacy Policy
Effective date: April 1, 2026
Proof by Webel ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and disclose your personal information — including biometric data — when you use our identity verification platform (the "Service").
1. Information We Collect
1.1 Account Information
When you create an account, we collect your name, email address, organization name, and password (stored as a salted hash). We may also collect billing information if you subscribe to a paid plan.
1.2 Biometric Data
Our Service uses facial recognition technology to verify identity. We collect biometric data in the following manner:
- Facial images are captured via your device's camera during enrollment and verification. These images are processed in real time to extract facial feature embeddings and are never stored on our servers.
- Face embeddings are irreversible 512-dimensional mathematical vectors derived from your facial features. These embeddings cannot be used to reconstruct your face or photograph. They are the only biometric data we retain.
- Liveness data (blink detection, anti-spoofing signals) is processed in real time and not retained after the verification session.
- Admin face 2FA data: Admin accounts that opt into face-based two-factor authentication undergo the same face-embedding pipeline as end users. A separate, BIPA-compliant biometric consent checkbox is presented before admin face enrollment. Admin biometric consent is captured independently from end-user consent and logged immutably. Admins may alternatively enroll a passkey (WebAuthn) for two-factor authentication, which performs verification entirely on-device and does not transmit biometric data to Proof.
1.3 Usage and Technical Data
- IP addresses are hashed using SHA-256 with a unique salt before storage — we never store raw IP addresses.
- Device information (browser user agent, screen dimensions, camera resolution) may be collected for device-consistency checks.
- Geolocation data at city-level accuracy may be derived from IP addresses for impossible-travel detection. Precise location is never collected.
1.5 Voice Biometric Data (Admin Authentication)
When you enroll in voice-based passwordless authentication, we collect a mathematical representation of your voice (voiceprint). As with facial images, raw audio recordings are never stored; only a 192-dimensional numerical embedding is retained. This data is encrypted at rest and used solely for identity verification.
- Voice recordings are captured via your device's microphone during enrollment and verification. These recordings are processed in real time to extract speaker embeddings and are never stored on our servers.
- Voice embeddings are irreversible 192-dimensional mathematical vectors derived from your vocal characteristics. These embeddings cannot be used to reconstruct your voice or any audio. They are the only voice biometric data we retain.
- Anti-spoof data (replay detection, synthesis detection signals) is processed in real time and not retained after the verification session.
- Admin voice authentication: Admin accounts that opt into voice-based passwordless authentication undergo a speaker-embedding pipeline. A separate, BIPA-compliant biometric consent checkbox is presented before voice enrollment. Admin voice biometric consent is captured independently from face consent and end-user consent and logged immutably.
1.4 Consent Records
We maintain detailed logs of your consent actions (grants and revocations), including timestamps, hashed IP addresses, and the version of the legal documents you accepted. These records are retained for audit and compliance purposes.
2. How We Use Your Information
We use your information exclusively for:
- Verifying your identity through facial recognition matching.
- Detecting and preventing fraud through liveness and anti-spoofing checks.
- Issuing Human Presence Tokens to your authorized AI agents.
- Maintaining audit trails for regulatory compliance.
- Communicating with you about your account and the Service.
- Improving the security and performance of the Service.
3. Biometric Data Protections
We take the protection of biometric data seriously and have implemented the following safeguards:
- No sale or rental: We will never sell, lease, trade, rent, or otherwise profit from your biometric data. Period.
- No third-party sharing: Your biometric data is never disclosed to third parties except as required by law or with your explicit written consent.
- Irreversible storage: Only mathematical face embeddings are stored — never raw images or photographs.
- Encryption: All biometric data is encrypted in transit (TLS 1.2+) and at rest using AES-256-GCM authenticated encryption. Each organization has a unique data encryption key (DEK) that is wrapped with a master key using envelope encryption. Keys are provisioned automatically and cached in memory with a 5-minute TTL for performance.
- Access controls: Biometric data is accessible only to automated verification systems — not to human employees except as required for system administration.
- Retention limits: Biometric data is retained only until the purpose for collection is fulfilled or until three (3) years after your last interaction with the Service, whichever comes first. Upon account deletion or consent revocation, biometric data is permanently destroyed within 30 days.
4. Data Retention
| Data type | Retention period |
|---|---|
| Face embeddings (end users) | Until account deletion or 3 years of inactivity |
| Face embeddings (admin 2FA) | Until face 2FA is disabled, admin account deletion, or consent revocation — whichever comes first |
| Voice embeddings (admin auth) | Until voice authentication is disabled, admin account deletion, or consent revocation — whichever comes first |
| Verification logs | Configurable per organization (default 90 days) |
| Consent records | 7 years (regulatory compliance) |
| Audit logs | Configurable per organization (default 90 days) |
| Account information | Until account deletion |
5. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal and biometric data:
- Right to know: You may request a copy of the personal data we hold about you, including whether biometric data is being collected or stored.
- Right to delete: You may request deletion of your personal data, including biometric embeddings. Organization administrators can delete user accounts through the admin portal.
- Right to revoke consent: You may revoke your consent to biometric data collection at any time by contacting us. Revocation will result in the deletion of your biometric data and the inability to use identity verification features. For admin accounts using face 2FA, consent is automatically revoked when face 2FA is disabled, and the associated face embedding is permanently destroyed.
- Right to non-discrimination: We will not discriminate against you for exercising any of your privacy rights.
6. Data Security
We implement industry-standard security measures to protect your data, including:
- TLS encryption for all data in transit.
- Encryption at rest for stored data.
- Salted password hashing (bcrypt with cost factor 12).
- IP address hashing to prevent raw IP storage.
- Role-based access controls for administrative actions.
- Comprehensive audit logging of all administrative operations.
7. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information or biometric data from children. If we learn that we have collected information from a child under 18, we will delete that information promptly.
8. International Data Transfers
Your data may be processed in jurisdictions outside your country of residence. We ensure appropriate safeguards are in place for any international transfers of personal data in compliance with applicable data protection laws.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the effective date. Where required by law, we will seek your renewed consent for material changes to biometric data practices.
10. Contact Us
If you have questions about this Privacy Policy, wish to exercise your rights, or want to revoke your consent, please contact us at:
- Email: privacy@webel.ai
- Legal inquiries: legal@webel.ai
11. Jurisdiction-Specific Disclosures
Illinois Residents (BIPA)
In compliance with the Illinois Biometric Information Privacy Act (740 ILCS 14):
- We collect biometric identifiers (face geometry, voiceprints) and biometric information for the purpose of identity verification.
- We obtain your informed written consent before collection.
- We do not sell, lease, trade, or profit from your biometric data.
- Biometric data is destroyed when the purpose for collection has been satisfied or within 3 years of your last interaction, whichever comes first.
Admin accounts that enroll in face-based two-factor authentication or voice-based passwordless authentication provide a separate BIPA-compliant consent at the time of enrollment. Face and voice consent are captured and logged independently from each other and from any end-user consent. Admin biometric data (face embeddings and/or voice embeddings) is destroyed immediately upon disabling the respective authentication method or upon consent revocation. Passkey (WebAuthn) authentication is offered as a non-biometric alternative that does not require biometric consent.
California Residents (CCPA/CPRA)
California residents have additional rights under the California Consumer Privacy Act, including the right to know, delete, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at privacy@webel.ai.
EU/EEA Residents (GDPR)
If you are located in the EU/EEA, our legal basis for processing biometric data is your explicit consent (Article 9(2)(a) GDPR). You have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Document version: 2026-04-01. Last updated April 1, 2026.