Guidelines on the Use of Biometric Data

Biometric Data User refers to any person who collects or use biometric data utilizing ZKTeco’s device, hardware and software.

1. The purpose of biometric data collection

It is used to refer to any computer data that is created during a biometric process. The collected biometric data must inform to the user and are only used for time attendance and access control process.

• Lawful and fair means

Biometric templates collected from the users should be on a legal and fair basis.

• Adequate but not excessive

ZKTeco’s devices and all biometric templates stored in its management software are built with precise algorithms and may be in various methods encrypted, in order to prevent data leakage of users to the greatest extent.

2. Accuracy and Duration of Retention

ZKTeco ensures that all biometric data and personal data are stored accurately, in order to provide customers best user experience.

• Personal data not being kept longer than is necessary

ZKTeco’s hardware applies different biometric templates during operation, but all templates are not remained in the CPU of the hardware, and after users’ biometric templates are deleted in ZKTeco’s hardware and software (according to actual situation), the templates are permanently deleted and not remained in any format.

3. Use of Personal Data

Not being used for a new purpose without prescribed consent.

If data user wishes to apply the collected biometric templates to any purpose other than any use authorized, they are responsible for reintroducing to the users and obtain their consents before doing so.

4. Practicable steps being taken to ensure no unauthorized or accidental access, processing, erasure, loss, use and transfer

ZKTeco’s applied biometric algorithms do not collect complete biometric features of the collected persons, instead only 10 to 50 feature points are collected for calculation. Even if biometric templates are illegally obtained, it is not possible to reorganize them into complete biometric features. In ZKTeco’s software and hardware, various advanced electronic encryption techniques have been applied for the greatest extent of protection to data security.

5. Openness – Information be Generally Available

• Data User should provide policies and practices in relation to personal data.
• Data User should publicize the kinds of biometric data held.
• Data User should inform the main purposes for which biometric data are used.

6. Access to Personal Data

Data user should know that, all data subjects have the rights to access and correct his or her personal data.

Frequently ask question of biometric data:

I. What is Biometric Data?

Physiological data born with an individual

• DNA samples, fingerprint, palm veins, iris, retina
• Facial images and hand geometries

Behavioural data developed by an individual

• Hand writing pattern, typing rhythm, gait, voice

II. Is Biometric Data Personal Data?

Biometric data alone is not regarded as personal data according to law, as it may not reveal identities. However, if biometric data is stored in a database that links customers/staff members, they are personal data.

III. What computation speeds are required by a biometric authentication system?

Generally, computation speeds adequate for pattern recognition are required. This is about 100 million operations per second, which have been attained by affordable hardware since about 1998.