Version: 7.1.6
Last updated: 2024-07-30
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information with your consent, to third parties in order to assist in verifying your identity or community eligibility, and as required for the prevention of fraud. ID.me has built rigorous security and privacy requirements into our technology from inception. We are an ethical steward of your Personal Information and are committed to supporting the following principles:
This Privacy Policy describes how ID.me and its affiliates (collectively "ID.me") collect, use and disclose certain information, including your Personal Information, both online and offline, and the choices you can make about that information. We respect your concerns about privacy, and value our relationship with each of our users, it is for this reason that ID.me will never sell, rent, or trade your Personal Information, and why we take measures to safeguard your Personal Information as we work to become the identity verification layer of the internet.
When you verify yourself using ID.me, through our mobile and online applications, use our in-person verification tools or other products and services, visit our websites, view our content, or contact our customer service (collectively, the "Services"), we may collect information from or about you. There may be additional notices about our information practices and choices for certain ID.me levels of verification, including our Biometric Information Privacy Policy. By using any of the Services, you acknowledge the data collection practices and purposes outlined in this Privacy Policy. You can learn more about ID.me and our affiliates by visiting the About ID.me section of our website, or by reviewing any of our whitepapers.
Click on each header below for more information or scroll down to read the full policy.
We collect information from and about you in connection with your use of the Services. Some of this information may be considered "Personal Information" which is information that identifies you or your device, or is reasonably associated with you. The categories of Personal Information we may collect will vary depending on the nature of the Service you choose.
We also collect, use, and disclose aggregated or de-identified information that does not reasonably identify you or your device, and is not considered Personal Information.
Information You Provide
We Collect Information You Provide to Us Which Includes:
Verification information. When you verify yourself, either individually or as part of a community, with ID.me you provide us with Personal Information that may include your name, date of birth, social security number and/or other government issued identification numbers, copies of your government issued identification card (e.g., license or passport), email address, phone number, mailing address, and certain photographic images, and biometric data. You may also be asked to provide community affiliations (e.g., Military, First Responder, Student, Veteran, etc.), memberships, educational degrees, and professional certifications.
Please note, ID.me asks that you not provide physical documentation, via mail service or otherwise, to ID.me. All documentation to be collected should be provided either through the ID.me app or website portal, or presented to a trusted referee where applicable.
Your correspondence and your feedback about our Services. We collect information you provide when you contact us directly or provide feedback, comments, or suggestions on our Services directly to us.
Information you provide when you do business with ID.me. If you are a vendor, service provider, or business partner of ID.me, we may collect information about you and the services you provide, including your or your employees' business contact information and other information you or your employees provide to us as part of the services you may provide and our agreement with you.
Information you provide offline. You may also provide information to us in person and offline. You may be recorded if you visit our offices (including by security surveillance of our premises, including CCTV).
Other information. We also collect information that relates to or is capable of being associated with you, such as age, gender, and any other information you choose to provide.
Information Collected Automatically
When using our Services we may automatically collect or receive certain information associated with you or your network device(s), such as your computer or mobile devices. This includes information about your use of our Services and your preferences. Such information may be automatically collected through device-based tracking technologies such as cookies, pixels, tags, beacons, scripts, or other technologies. For more information about cookies or other tracking technologies and the choices you have regarding the use of them, please visit our ID.me Cookie Policy.
The information we automatically collect may also include geolocation information, such as information that identifies the approximate location of your device and your IP address, which may be used to estimate your approximate location.
Information from our partners. We acquire information from other trusted sources. These business partners might include companies, such as your mobile phone carriers, certain government agencies, licensing bodies, etc. We may also collect information about you from other sources, including service providers, data licensors and aggregators, marketing companies, programming distributors, and public databases.
Information you provide through social media
If you connect to us through a social media platform or navigate to a social media platform from one of our sites, the social media platform will collect your information separately from us. You should review the social media platforms' privacy policies to understand how they are using your information and your rights in relation to such information.
Information We Derive
We may derive additional information or draw inferences about you based on the information we have collected from you directly, passively, or through third parties.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or community eligibility, or as required for the prevention of fraud or otherwise permitted by law.
We may use information to provide you with our Services. We may use the information collected from or about you to authenticate and manage your identity when you create an ID.me account, including to verify attributes of your identity including, but not limited to, community affiliations (e.g., military status, first responder, student, veteran status, etc.), memberships, social media accounts, educational degrees, and professional certifications, as well as to provide you with customer support and account updates. We may use this information to verify your identity with ID.me partners in both the public and private sector at your request and perform our contractual obligations with you or to ensure that our Services function properly.
We may use Personal Information to perform reporting with our public sector customers. In order to better serve our users, and to facilitate the identity verification process, ID.me may share a limited set of Personal Information - including first name, last name, date of birth, phone number, email address, and physical address as requested by a specific state or federal government agency - on behalf of users undergoing legal identity verification for a given government agency. The reporting may result in the transfer of User Personal Information between ID.me and the originating state or federal government agency, Personal Information transferred as part of this reporting function will be in service of agency outreach to individual users concerning their status along the identity verification process, as well as to facilitate agency reporting or other administrative functions required of a given state or federal agency. Your use of ID.me for legal identity verification with a state or federal government agency constitutes consent for the use of your Personal Information in reporting between ID.me and the originating state or federal agency.
We may use information to perform our contracts with you. If ID.me enters into a contract with you, including in instances where you may be a vendor or service provider to ID.me or our business partner, we may use your information to fulfill our contractual obligations.
We may use information for marketing purposes. We may use your information to send promotional messages and newsletters via email, or otherwise alert you to products or Services we think might be of interest to you, including for ID.me Shop. You may unsubscribe from receiving marketing communications from us at any time by logging in to your account and navigating to "My Preferences" to manage your subscriptions.
Please note, if you are using ID.me Services in connection with legal identity verification for a state or federal government agency, or in association with Electronic Prescriptions for Controlled Substance Services, we will not use any Personal Information provided as part of your verification for any type of marketing or promotional purposes related to ID.me Shop without your consent, or unless you otherwise use your ID.me credential for verification with any ID.me customer who is not a state or federal government agency customer, use your ID.me account in connection with ID.me Shop, ID.me Jobs, or ID.me Rx, or otherwise opt-in to receiving marketing communications from ID.me.
We may use information to improve our Services. We use your information to monitor and improve the operation, delivery, and general accessibility of our Services. This may also include conducting internal research and development of our Services.
We may use information to maintain the safety and security of our Services. We may use your information to protect the rights and property of ID.me and others, and to comply with our legal obligations including to detect, investigate, and prevent fraud and other illegal activities and to enforce our agreements.
We may use information as otherwise permitted by law. We may use your information to resolve disputes, enforce our agreements, and as otherwise permitted or required by law.
We may use your Biometric Information. We may use your Biometric Information to verify your identity for certain partners, such as the Internal Revenue Service (IRS) or various other federal or state agencies (e.g., Department of Labor or Division of Unemployment Benefits), as well as to detect and help prevent fraud. We also may use the information in other ways with your consent, such as when you choose to use a Service or participate in a program we may offer jointly with another entity. We will never sell, rent, or trade your Biometric Information.
For additional information on how ID.me collects an, uses, and protects your Biometric Information, please see our Biometric Information Privacy Policy.
Additional Information regarding the Service Member Civil Relief Act (SCRA). In order to better serve members of America's Armed Forces and other personnel covered by the Service Members Civil Relief Act (SCRA) (50 U.S.C. App. 501 et. seq.), ID.me provides services to Financial Services companies and third party websites in order to facilitate their compliance with the provisions of SCRA. By joining ID.me, you agree that ID.me may use your Personal Information in order to assist Financial Services companies and third party websites so they may determine your eligibility or your family member's eligibility for SCRA benefits and protections. ID.me may periodically use your Personal Information to confirm your SCRA eligibility or your family member's eligibility at a later point in time to inform third parties of any changes so they may determine continued eligibility for SCRA benefits and protections. Sources of this information may include, but are not limited to, publicly available websites, physical documentation, financial information, ID.me's network or third parties that have a relationship with ID.me.
The scope of ID.me's SCRA services includes all individuals protected by the SCRA (i.e. personnel serving in the United States Armed Forces, commissioned officers of the Public Health Service and the National Oceanic and Atmospheric Administration, U.S. citizens serving with the armed forces of nations allied with the United States, and, where applicable according to federal or state laws and regulations, dependents and family members of an individual protected under the SCRA.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or community eligibility, or as required for the prevention of fraud or otherwise permitted by law.
We may share your Personal Information with entities necessary to validate your ID.me Account and provide our Services to you. In order to verify your identity and eligibility to receive discounts and other benefits from our partners and other service providers, we may provide your Personal Information to third parties such as government agencies, telecommunications networks, financial institutions or other trusted and reliable sources of information. Our provision of your Personal Information to the foregoing parties is solely to verify your identity and eligibility for ID.me Services. We have established relationships with Registration Authorities similar to the entities described above whereby the Personal Information you provide to us will be transmitted to them using industry standard encryption tools, designed to protect such information from unauthorized access.
We may share your information in connection with a corporate transaction. We may disclose or transfer your information as part of, or during negotiations for, any purchase, sale, lease, merger, or any other type of acquisition, disposal, or financing involving our brands.
We may share information with third parties who perform services on our behalf. We may share your information with unaffiliated companies or individuals we hire or work with that provide us with professional advice, business support, or perform services on our behalf, including customer support, web hosting, information technology, payment processing, direct mail and email distribution, and administration, and analytics services. These Service Providers are allowed to use your information to help us provide our Services and not for any other purpose.
We may share information as needed in order to comply with legal processes, to protect ourselves, or improve our Services. For example, we will share information when it is necessary for us to comply with applicable law or legal process, to respond to legal claims, to prevent fraud, or to protect our rights or the property or personal safety of our users, employees, or the public.
We also use third party service providers to track and analyze website usage and volume statistical information to administer our Website and constantly improve its quality.
We may share information as required with the United States federal government and certain state governments. ID.me does not provide any government with direct and unfettered access to our user's data, and we do not provide any government with our encryption keys or the ability to break our encryption. We may share certain Personal Information associated with an ID.me account with government entities where we reasonably believe that account may be engaging in fraud.
If a government entity requires additional information related to an ID.me account, whether related to a suspected instance of fraud or otherwise, it must follow applicable legal processes. It must serve us with a subpoena, warrant, or present other legally compelling justification for the additional information associated with the account, the request must be targeted and specific in nature.
Our legal and compliance teams review all requests to ensure they are valid, reject those that are not valid, and only provide the data specified in the subpoena or similar court order.
You have certain choices about how we use your information, including how your Personal Information is shared.
Close your ID.me Account. You may close your ID.me account at any time, by choosing to close your ID.me account you are directing ID.me to deactivate your identity credential and to purge the associated data from active use in our databases. Please note, however, that ID.me does retain account history (e.g., events, logins, and transactions) as well as verification history (e.g., community, vaccine, or identity details including documentation and data elements used for verification) for up to three (3) years.
Deleting your selfie image and Biometric Information. Users who have created an account requiring submission of a selfie image, and who consented to the collection of the associated Biometric Information, may request the deletion of both the selfie image and Biometric Information by submitting a request through the ID.me "Privacy Rights Center" which is accessible via a link at the bottom of our Website, or under the "Privacy" setting in your account. Deletion of the selfie image and associated Biometric Information may take up to seven (7) days and will not impact the validity of your credential or verified status. ID.me reserves the right to retain this information as needed to comply with our legal obligations or to help prevent fraud.
Opt out from receiving marketing emails. To stop receiving our promotional emails, follow the instructions in any marketing email you get from us. When applicable, you can also change your preferences in your account. Even if you opt out of getting marketing emails, we are permitted to send you transactional messages. For example, we may still contact you about your use of our Services or any changes to our policies or Terms of Service.
Change or update the information you have given us. If you have verified yourself and created an ID.me account, then you can correct or delete certain information or update your verification information by logging into your account and following the instructions or by contacting the member support team.
Control cookies and tracking tools. To learn how we‚ and our vendors‚ use cookies and other tracking tools, please visit the ID.me Cookie Policy.
Ad Choices. We, our affiliates, and any associated third parties may collect information on our Services to help alert you to products and Services that may be relevant to your interests. This is known as interest-based advertising. We rely on third parties who collect information on the Services to provide opt-outs or other controls to you. For more information on how to opt-out of receiving interest-based advertising on desktop and mobile websites, please visit:
Accessing and updating your Personal Information. We believe that you should have the ability to access and edit the Personal Information you provide us. You may change any of your Personal Information by logging into your account and accessing the "My Account" section of the site.
You may update your Personal Information by sending us an email at [email protected]. Please indicate your name, address and email address, and what information you would like to update when you contact us.
We encourage you to promptly update your Personal Information if it changes. You may also ask to have the information on your account deleted or removed from active use in our databases; however, we may retain certain information if required by law or by certain credential providers (e.g., the National Institute for Standards and Technology), contractual obligation, or for internal use by ID.me in the prevention of fraud.
This Privacy Policy applies only to ID.me and our Services. This Privacy Policy only addresses the use and disclosure of information we collect from you on www.ID.me. Other websites, including third party websites, may be accessible through this Website have their own privacy policies and data collection, use and disclosure practices. If you link to any such website, we urge you to review such website's Privacy Policy. We are not responsible for the policies or practices of third parties.
We use reasonable security measures. We are committed to protecting your information. We have adopted technical, administrative, and physical security procedures to help protect your information from loss, misuse, unauthorized access, and alteration. Please note that no data transmission or storage can be guaranteed to be 100% secure.
To safeguard certain sensitive information (such as biometric information and government-issued identification information), we implement security measures such as encryption, firewalls, and intrusion detection and prevention systems.
In addition, the following are examples of security measures that are used to safeguard all types of Personal Information we maintain about our consumers:Personal Information will be retained until we have fulfilled our legal, contractual and policy obligations. ID.me stores your Personal Information for as long as needed, or permitted, based on the reason why we obtained it (consistent with applicable law and contractual obligations). This means we may retain your Personal Information even after you close your account with us, for up to three (3) years. Users may request that ID.me delete certain Personal Information at any time at account.ID.me or through our Privacy Rights Center, where applicable. We acknowledge all such requests, however we reserve the right to retain data tied to certain high-risk transactions, particularly in government and healthcare settings, exclusively for fraud prevention and government audit purposes.
ID.me aligns to the National Archives recommended guidelines for data retention when supporting government agencies. Personal Information provided by users in connection with a public sector agency as part of their verification may be retained for up to three (3) years after account closure, unless applicable regulations require a shorter retention period.
Selfie Image and Associated Biometric Information. Certain pieces of Personal Information, such as a selfie image and the associated Biometric Information submitted by users for certain types of verification Services, are retained in line with ID.me's obligations to our partners, with the specific retention periods determined by the first partner with whom a user first verifies their identity (e.g., IRS, Dept. of Veterans Affairs, etc.) Certain partners may require this information to be purged within twenty-four (24) hours following a successful verification, other partners may require a longer retention period, but under no circumstances will ID.me retain this information for longer than thirty-six (36) months absent a subpoena, warrant, or other legally compelling justification.
While we store your Personal Information, we use approved industry-recognized encryption methods to protect it from unauthorized access. Likewise, when we destroy your Personal Information, we use industry-recognized methods to affect such destruction.
We do not knowingly collect information from minors. Minors under the age of 18 may not use the Website. We do not knowingly collect Personal Information from anyone under the age of 18, and no part of the Website is designed to attract anyone under the age of 18. Because we do not intentionally collect any information from children under the age of 18, we also do not knowingly distribute such information to third parties. If you have reason to believe that a child under 18 years of age has provided us with information, please contact us at [email protected] and we will immediately delete such information, subject to and in compliance with applicable law.
Residents of California, Connecticut, Colorado, Utah, or Virginia. Pursuant to the respective regulations in the abovementioned states, residents of the above-mentioned states may be entitled to additional rights and disclosures regarding their Personal Information. Please see our Notice Regarding US State Privacy Rights for additional information regarding these disclosures and how to exercise your rights.
This Website is hosted in the United States. If you are a User accessing our Website from Europe, please review the ID.me Notice to Residents of the EU and UK. For Users from Australia, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure, that differ from law in the United States, you are transferring your Personal Information to the United States which may not have the same data protection protections as other regions. By providing your information to ID.me or visiting the Website, you are consenting to the transfer of your information to the United States for processing and maintenance in accordance with this Privacy Policy and our Terms of Service. You are also consenting to the application of Delaware law and controlling U.S. Federal law in all matters concerning your use of the Website and ID.me Service.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or community eligibility, or as required for the prevention of fraud or otherwise permitted by law.
ID.me may collect Biometric Information from some users as required by the National Institute of Standards and Technology verification standards. Some ID.me partners, such as the IRS and certain state agencies, may require ID.me to verify the identity of an individual to a higher level of certainty as required by the National Institute of Standards and Technology (NIST) guidelines. For additional information regarding what Biometric Information we collect, and how this information may be used, please see our Biometric Information Privacy Policy.
Certificates of Confidentiality. If you are a User who verified your identity as part of your Participation in the All of Us Research Program, or other eligible NIH-supported research programs, certain of your Personal information may be protected under Certificates of Confidentiality. Please find additional information here.
This Privacy Policy may be periodically updated. This Privacy Policy may be updated periodically to reflect new ID.me features or changes in our Personal Information practices. We will post a notice for consumers at the top of this Privacy Policy of any significant changes. We will indicate at the top of the Privacy Policy when the policy was most recently updated.
ID.me, including ID.me Rx, will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or community eligibility, or as required for the prevention of fraud or otherwise permitted by law.
Use of this Service requires the creation of an ID.me Rx Account. To understand more about ID.me Rx, please review the ID.me Rx Terms of Service. Through your use of ID.me Rx you consent to ID.me collecting your health information and you understand that ID.me Rx is not subject to the Health Insurance Portability and Accountability Act (HIPAA) when it collects and processes this information.
Information collected through ID.me Rx. We may collect information from or about you in several ways through your use of ID.me Rx and other ID.me Services, including when you choose to share information with us by entering it through our Services, through the postings that you may make, through healthcare providers, through data partners and ID.me Rx Plan Administrators, through your pharmaceutical purchases when using the Services, through pharmacy benefit managers, and by using automated processes. This information includes health information about you relating to your use of ID.me Rx, such as the prescriptions purchased, pricing and discounts obtained, the prescribing physician, the location of the pharmacy at which the prescriptions are purchased, and details about how you use and interact with ID.me Rx.
We may use information to provide you with our ID.me Rx Services. We may use the information collected from or about you to provide you with the services requested, to facilitate your obtaining discount pricing on prescriptions, and to provide you information that may be of interest to you, such as services information, newsletters, and special offers. We may also use the information that we collect to customize your experience on our Services, to provide customer support, and to enforce the ID.me Rx Terms of Service.
We may share information with third parties who perform services on our behalf. We may share your information with unaffiliated companies or individuals we hire or work with that provide us with professional advice, business support, or perform services on our behalf, including customer support, web hosting, information technology, payment processing, direct mail and email distribution, and administration, and analytics services. These Service Providers are allowed to use your information to help us provide our Services and not for any other purpose. When using ID.me Rx you will share, directly with your pharmacy or other third parties at your discretion, your ID.me Rx Card details in order to obtain applicable discounts. The information you share in your use of ID.me Rx will be subject to the applicable policies and terms provided by those third-parties.
Close your ID.me Rx Account. You may close your ID.me Rx account at any time By choosing to close your ID.me Rx account you are directing ID.me to deactivate your ID.me Rx member ID and to de-identify the data stored in ID.me Rx relating to your use of the Services. Closing your ID.me Rx account does not require the closure of your ID.me account. To the extent that you shared your ID.me Rx Card details with a pharmacy or third-party and they were integrated into your profile and/or account with that third-party, you are responsible for updating and removing any ID.me Rx Card information.
Whether you're a new or loyal customer, marketer, publisher, media member or job seeker we'd like to stay connected and want to hear from you!
Corporate Address. ID.me, Inc. 8280 Greensboro Drive, Suite 800 McLean, VA 22102
For Users and Customers. Member Service Inquiries may be directed to our support team.
For Legal Notices. Legal notices may be directed to [email protected].
Copyright © 2023 ID.me, Inc. All rights reserved.