NEW! Read our updated Privacy Policy and Biometrics Policy
Our Promise: Providing Secure, Equitable Access. Learn More
Version: 6.4.0
Last updated: 2022-03-14
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or group eligibility, and as required for the prevention of fraud. ID.me has built rigorous security and privacy requirements into our technology from inception. We are an ethical steward of your Personal Information and are committed to supporting the following principles:
This Privacy Policy describes how ID.me and its affiliates (collectively “ID.me”) collect, use and disclose certain information, including your Personal Information, both online and offline, and the choices you can make about that information. We respect your concerns about privacy, and value our relationship with each of our users – it is for this reason that ID.me will never sell, rent, or trade your Personal Information, and why we take measures to safeguard your Personal Information as we work to become the identity verification layer of the internet.
When you verify yourself using ID.me, through our mobile and online applications, use our in-person verification tools or other products and services, visit our websites, view our content, or contact our customer service (collectively, the “Services”), we may collect information from or about you. There may be additional notices about our information practices and choices for certain ID.me levels of verification, including our Biometric Information Privacy Policy. By using any of the Services, you acknowledge the data collection practices and purposes outlined in this Privacy Policy. You can learn more about ID.me and our affiliates by visiting the About ID.me section of our website, or by reviewing any of our whitepapers.
Click on each header below for more information or scroll down to read the full policy.
We collect information from and about you in connection with your use of the Services. Some of this information may be considered “Personal Information” which is information that identifies you or your device, or is reasonably associated with you. The categories of Personal Information we may collect will vary depending on the nature of the Service you choose.
We also collect, use, and disclose aggregated or de-identified information that does not reasonably identify you or your device, and is not considered Personal Information.
Information You Provide
We Collect Information You Provide to Us Which Includes:
Verification information. When you verify yourself, either individually or as part of a group, with ID.me you provide us with Personal Information that may include your name, date of birth, social security number and/or other government issued identification numbers, copies of your government issued identification card (e.g., license or passport), email address, phone number, mailing address, and certain photographic images, and biometric data. You may also be asked to provide group affiliations (e.g., Military, First Responder, Student, Veteran, etc.), memberships, educational degrees, and professional certifications.
Please note, ID.me asks that you not provide physical documentation, via mail service or otherwise, to ID.me. All documentation to be collected should be provided either through the ID.me app or website portal, or presented to a trusted referee where applicable.
Your correspondence and your feedback about our Services. We collect information you provide when you contact us directly or provide feedback, comments, or suggestions on our Services directly to us.
Information you provide when you do business with ID.me. If you are a vendor, service provider, or business partner of ID.me, we may collect information about you and the services you provide, including your or your employees’ business contact information and other information you or your employees provide to us as part of the services you may provide and our agreement with you.
Information you provide offline. You may also provide information to us in person and offline. You may be recorded if you visit our offices (including by security surveillance of our premises, including CCTV).
Other information. We also collect information that relates to or is capable of being associated with you, such as age, gender, and any other information you choose to provide.
Information Collected Automatically
When using our Services we may automatically collect or receive certain information associated with you or your network device(s), such as your computer or mobile devices. This includes information about your use of our Services and your preferences. Such information may be automatically collected through device-based tracking technologies such as cookies, pixels, tags, beacons, scripts, or other technologies. For more information about cookies or other tracking technologies and the choices you have regarding the use of them, please visit our ID.me Cookie Policy.
The information we automatically collect may also include geolocation information, such as information that identifies the approximate location of your device and your IP address, which may be used to estimate your approximate location.
Information from our partners. We acquire information from other trusted sources. These business partners might include companies, such as your mobile phone carriers, certain government agencies, licensing bodies, etc. We may also collect information about you from other sources, including service providers, data licensors and aggregators, marketing companies, programming distributors, and public databases.
Information you provide through social media
If you connect to us through a social media platform or navigate to a social media platform from one of our sites, the social media platform will collect your information separately from us. You should review the social media platforms’ privacy policies to understand how they are using your information and your rights in relation to such information.
Information We Derive
We may derive additional information or draw inferences about you based on the information we have collected from you directly, passively, or through third parties.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or group eligibility, or as required for the prevention of fraud or otherwise permitted by law.
We may use information to provide you with our Services. We may use the information collected from or about you to authenticate and manage your identity when you create an ID.me account, including to verify attributes of your identity including, but not limited to, group affiliations (e.g., military status, first responder, student, veteran status, etc.), memberships, social media accounts, educational degrees, and professional certifications, as well as to provide you with customer support and account updates. We may use this information to verify your identity with ID.me partners in both the public and private sector at your request and perform our contractual obligations with you or to ensure that our Services function properly.
We may use information to perform our contracts with you. If ID.me enters into a contract with you, including in instances where you may be a vendor or service provider to ID.me or our business partner, we may use your information to fulfill our contractual obligations.
We may use information for marketing purposes. If you have opted into receiving marketing communications, then we may use your information to send promotional messages and newsletters via email, or otherwise alert you to products or Services we think might be of interest to you, including for the ID.me Shop. You may unsubscribe from receiving marketing communications from us at any time by logging in to your account and navigating to “My Preferences” to manage your subscriptions.
Please note, if you are using ID.me Services in connection with legal identity verification for a state or federal government agency we will not use any Personal Information provided as part of your verification for any type of marketing or promotional purposes.
We may use information to improve our Services. We use your information to monitor and improve the operation, delivery, and general accessibility of our Services. This may also include conducting internal research and development of our Services.
We may use information to maintain the safety and security of our Services. We may use your information to protect the rights and property of ID.me and others, and to comply with our legal obligations including to detect, investigate, and prevent fraud and other illegal activities and to enforce our agreements.
We may use information as otherwise permitted by law. We may use your information to resolve disputes, enforce our agreements, and as otherwise permitted or required by law.
We may use your Biometric Information. We may use your Biometric Information to verify your identity for certain partners, such as the Internal Revenue Service (IRS) or various other federal or state agencies (e.g., Department of Labor or Division of Unemployment Benefits), as well as to detect and help prevent fraud. We also may use the information in other ways with your consent, such as when you choose to use a Service or participate in a program we may offer jointly with another entity. We will never sell, rent, or trade your Biometric Information.
For additional information on how ID.me collects an, uses, and protects your Biometric Information, please see our Biometric Information Privacy Policy.
Additional Information regarding the Service Member Civil Relief Act (SCRA). In order to better serve members of America’s Armed Forces and other personnel covered by the Service Members Civil Relief Act (SCRA) (50 U.S.C. App. 501 et. seq.), ID.me provides services to Financial Services companies and third party websites in order to facilitate their compliance with the provisions of SCRA. By joining ID.me, you agree that ID.me may use your Personal Information in order to assist Financial Services companies and third party websites so they may determine your eligibility or your family member’s eligibility for SCRA benefits and protections. ID.me may periodically use your Personal Information to confirm your SCRA eligibility or your family member’s eligibility at a later point in time to inform third parties of any changes so they may determine continued eligibility for SCRA benefits and protections. Sources of this information may include, but are not limited to, publicly available websites, physical documentation, financial information, ID.me’s network or third parties that have a relationship with ID.me.
The scope of ID.me’s SCRA services includes all individuals protected by the SCRA (i.e. personnel serving in the United States Armed Forces, commissioned officers of the Public Health Service and the National Oceanic and Atmospheric Administration, U.S. citizens serving with the armed forces of nations allied with the United States, and, where applicable according to federal or state laws and regulations, dependents and family members of an individual protected under the SCRA.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or group eligibility, or as required for the prevention of fraud or otherwise permitted by law.
We may share your Personal Information with entities necessary to validate your ID.me Account and provide our Services to you. In order to verify your identity and eligibility to receive discounts and other benefits from our partners and other service providers, we may provide your Personal Information to third parties such as government agencies, telecommunications networks, financial institutions or other trusted and reliable sources of information. Our provision of your Personal Information to the foregoing parties is solely to verify your identity and eligibility for ID.me Services. We have established relationships with Registration Authorities similar to the entities described above whereby the Personal Information you provide to us will be transmitted to them using industry standard encryption tools, designed to protect such information from unauthorized access.
We may share your information in connection with a corporate transaction. We may disclose or transfer your information as part of, or during negotiations for, any purchase, sale, lease, merger, or any other type of acquisition, disposal, or financing involving our brands.
We may share information with third parties who perform services on our behalf. We may share your information with unaffiliated companies or individuals we hire or work with that provide us with professional advice, business support, or perform services on our behalf, including customer support, web hosting, information technology, payment processing, direct mail and email distribution, and administration, and analytics services. These Service Providers are allowed to use your information to help us provide our Services and not for any other purpose.
We may share information as needed in order to comply with legal processes, to protect ourselves, or improve our Services. For example, we will share information when it is necessary for us to comply with applicable law or legal process, to respond to legal claims, to prevent fraud, or to protect our rights or the property or personal safety of our users, employees, or the public.
We also use third party service providers to track and analyze website usage and volume statistical information to administer our Website and constantly improve its quality.
We may share information as required with the United States federal government and certain state governments. ID.me does not provide any government with direct and unfettered access to our user’s data, and we do not provide any government with our encryption keys or the ability to break our encryption. We may share certain Personal Information associated with an ID.me account with government entities where we reasonably believe that account may be engaging in fraud.
If a government entity requires additional information related to an ID.me account, whether related to a suspected instance of fraud or otherwise, it must follow applicable legal processes. It must serve us with a subpoena, warrant, or present other legally compelling justification for the additional information associated with the account, the request must be targeted and specific in nature.
Our legal and compliance teams review all requests to ensure they are valid, reject those that are not valid, and only provide the data specified in the subpoena or similar court order.
You have certain choices about how we use your information, including how your Personal Information is shared.
Close your ID.me Account. You may close your ID.me account at any time, by choosing to close your ID.me account you are directing ID.me to deactivate your identity credential and to purge the associated data from active use in our databases. Please note, however, that ID.me does retain account history (e.g., events, logins, and transactions) as well as verification history (e.g., group, vaccine, or identity details including documentation and data elements used for verification) for up to three (3) years.
Deleting your selfie image and Biometric Information. Users who have created an account requiring submission of a selfie image, and who consented to the collection of the associated Biometric Information, may request the deletion of both the selfie image and Biometric Information by submitting a request through the ID.me “Privacy Rights Center” which is accessible via a link at the bottom of our Website, or under the “Privacy” setting in your account. Deletion of the selfie image and associated Biometric Information may take up to seven (7) days and will not impact the validity of your credential or verified status. ID.me reserves the right to retain this information as needed to comply with our legal obligations or to help prevent fraud.
Opt out from receiving marketing emails. To stop receiving our promotional emails, follow the instructions in any marketing email you get from us. When applicable, you can also change your preferences in your account. Even if you opt out of getting marketing emails, we are permitted to send you transactional messages. For example, we may still contact you about your use of our Services or any changes to our policies or Terms of Service.
Change or update the information you have given us. If you have verified yourself and created an ID.me account, then you can correct or delete certain information or update your verification information by logging into your account and following the instructions or by contacting the member support team.
Control cookies and tracking tools. To learn how we—and our vendors—use cookies and other tracking tools, please visit the ID.me Cookie Policy.
Ad Choices. We, our affiliates, and any associated third parties may collect information on our Services to help alert you to products and Services that may be relevant to your interests. This is known as interest-based advertising. We rely on third parties who collect information on the Services to provide opt-outs or other controls to you. For more information on how to opt-out of receiving interest-based advertising on desktop and mobile websites, please visit:
Accessing and updating your Personal Information. We believe that you should have the ability to access and edit the Personal Information you provide us. You may change any of your Personal Information by logging into your account and accessing the “My Account” section of the site.
You may update your Personal Information by sending us an email at help@id.me. Please indicate your name, address and email address, and what information you would like to update when you contact us.
We encourage you to promptly update your Personal Information if it changes. You may also ask to have the information on your account deleted or removed from active use in our databases; however, we may retain certain information if required by law or by certain credential providers (e.g., the National Institute for Standards and Technology), contractual obligation, or for internal use by ID.me in the prevention of fraud.
This Privacy Policy applies only to ID.me and our Services. This Privacy Policy only addresses the use and disclosure of information we collect from you on www.ID.me. Other websites, including third party websites, may be accessible through this Website have their own privacy policies and data collection, use and disclosure practices. If you link to any such website, we urge you to review such website’s Privacy Policy. We are not responsible for the policies or practices of third parties.
We use reasonable security measures. We are committed to protecting your information. We have adopted technical, administrative, and physical security procedures to help protect your information from loss, misuse, unauthorized access, and alteration. Please note that no data transmission or storage can be guaranteed to be 100% secure.
To safeguard certain sensitive information (such as biometric information and government-issued identification information), we implement security measures such as encryption, firewalls, and intrusion detection and prevention systems.
In addition, the following are examples of security measures that are used to safeguard all types of Personal Information we maintain about our consumers:Personal Information will be retained until we have fulfilled our legal, contractual and policy obligations. ID.me stores your Personal Information for as long as needed, or permitted, based on the reason why we obtained it (consistent with applicable law and contractual obligations). This means we may retain your Personal Information even after you close your account with us, for up to three (3) years. Users may request that ID.me delete certain Personal Information at any time at account.ID.me or through our Privacy Rights Center, where applicable. We acknowledge all such requests, however we reserve the right to retain data tied to certain high-risk transactions, particularly in government and healthcare settings, exclusively for fraud prevention and government audit purposes.
ID.me aligns to the National Archives recommended guidelines for data retention when supporting government agencies. Personal Information provided by users in connection with a public sector agency as part of their verification may be retained for up to three (3) years after account closure, unless applicable regulations require a shorter retention period.
Selfie Image and Associated Biometric Information. Certain pieces of Personal Information, such as a selfie image and the associated Biometric Information submitted by users for certain types of verification Services, are retained in line with ID.me’s obligations to our partners, with the specific retention periods determined by the first partner with whom a user first verifies their identity (e.g., IRS, Dept. of Veterans Affairs, etc.) Certain partners may require this information to be purged within twenty-four (24) hours following a successful verification, other partners may require a longer retention period, but under no circumstances will ID.me this retain information for longer than thirty-six (36) months absent a subpoena, warrant, or other legally compelling justification.
While we store your Personal Information, we use approved industry-recognized encryption methods to protect it from unauthorized access. Likewise, when we destroy your Personal Information, we use industry-recognized methods to affect such destruction.
We do not knowingly collect information from minors. Minors under the age of 18 may not use the Website. We do not knowingly collect Personal Information from anyone under the age of 18, and no part of the Website is designed to attract anyone under the age of 18. Because we do not intentionally collect any information from children under the age of 18, we also do not knowingly distribute such information to third parties. If you have reason to believe that a child under 18 years of age has provided us with information, please contact us at support@id.me and we will immediately delete such information, subject to and in compliance with applicable law.
Residents of California. Pursuant to the California Consumer Privacy Act of 2018 (CCPA), residents of California are entitled to additional rights and disclosures regarding their Personal Information. Please see our Notice to California Residents for additional information regarding these disclosures and how to exercise your rights.
This Website is hosted in the United States. If you are a User accessing our Website from Europe, Australia, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure, that differ from United States’ laws, you are transferring your Personal Information to the United States which does not have the same data protection laws as such other regions. By providing your information to the Website, you are consenting to the transfer of your information to the United States for processing and maintenance in accordance with this Privacy Policy and our Terms of Service. You are also consenting to the application of Delaware law and controlling U.S. Federal law in all matters concerning the Website and ID.me Service.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or group eligibility, or as required for the prevention of fraud or otherwise permitted by law.
ID.me may collect Biometric Information from some users as required by the National Institute of Standards and Technology verification standards. Some ID.me partners, such as the IRS and certain state agencies, may require ID.me to verify the identity of an individual to a higher level of certainty as required by the National Institute of Standards and Technology (NIST) guidelines. For additional information regarding what Biometric Information we collect, and how this information may be used, please see our Biometric Information Privacy Policy.
This Privacy Policy may be periodically updated. This Privacy Policy may be updated periodically to reflect new ID.me features or changes in our Personal Information practices. We will post a notice for consumers at the top of this Privacy Policy of any significant changes. We will indicate at the top of the Privacy Policy when the policy was most recently updated.
Whether you’re a new or loyal customer, marketer, publisher, media member or job seeker we’d like to stay connected and want to hear from you!
Corporate Address. ID.me, Inc. 8280 Greensboro Drive, Suite 800 McLean, VA 22102
For Users and Customers. Member Service Inquiries may be directed to help@id.me.
For Legal Notices. Legal notices may be directed to legal@id.me.
Copyright © 2022 ID.me, Inc. All rights reserved.
This site uses cookies to store information on your computer, which provides functionality to our site and assists in providing our service. For more information see our Cookie Policy here. Please click "I Accept" to agree to our use of cookies.