Biometrics Policy
Last Updated: July 6, 2026
Download PDFWhat is the purpose of this policy?
This biometrics policy (“Biometrics Policy”) explains how Ropes AI Inc. (“Ropes,” “we,” or “our,” and/or “us”) collects, uses, shares, retains, and destroys your Biometric Data in connection with our identity verification and assessment-integrity processes. “Biometric Data” includes: (i) “Biometric Identifiers,” which are data generated by measurements of your biological characteristics, such as your retina or iris scan, fingerprint, voiceprint, or a scan of your hand or face geometry; and (ii) “Biometric Information,” which is information based on a Biometric Identifier that can be used to identify you.
Please review this policy carefully. By agreeing to our collection of your Biometric Data, you consent to the collection, use, sharing, and retention of your Biometric Data as described in this Biometrics Policy.
What Biometric Data is processed, and by whom?
Two types of Biometric Data are processed, in two separate contexts:
- Identity verification (processed by Veriff, not us). Face geometry, derived from your government-issued identification and a photo of you, used to confirm your identity. This Biometric Data is collected and processed by our service provider, Veriff. We receive only the verification result.
- Assessment-integrity monitoring (processed by us). Facial and eye geometry, derived from your webcam, used to estimate where you are looking on screen during your assessment.
How do we collect it?
Identity verification. We use a service provider, Veriff, to assist with identity verification. Veriff extracts your face geometry from the government-issued identification document and photo that you provide when you undergo identity verification with Ropes. This Biometric Data is collected directly by Veriff, and we receive only the verification result.
Assessment-integrity monitoring. During your assessment, we use your webcam to estimate where you are looking on screen. To do this, our systems briefly process your facial and eye geometry to calculate a gaze position. We delete the facial and eye geometry as soon as a gaze position is calculated and retain only the resulting gaze positions.
How do we use and share it?
Identity verification. Your Biometric Data is directly collected and used by our third-party service provider, Veriff, to confirm your identity. Veriff’s collection and use of your Biometric Data is described in Veriff’s Privacy Notice, which you can find here: https://www.veriff.com/privacy-notice.
Assessment-integrity monitoring. We use the facial and eye geometry described above solely to calculate gaze positions for the purpose of confirming assessment integrity. We do not use this Biometric Data to identify you for any other purpose, and do not sell your Biometric Data. We may share gaze positions and related assessment-integrity information with the customer on whose behalf the assessment is administered, and with service providers acting on our behalf, consistent with our Privacy Policy.
How long do we retain your Biometric Data?
Identity Verification. We do not receive or store the face geometry used for identity verification. Our service provider, Veriff, retains that Biometric Data in accordance with its own retention policy.
Assessment-Integrity Monitoring. We delete the facial and eye geometry used to calculate gaze immediately after a gaze position is calculated. Ropes retains the resulting gaze positions for 1 year. We will permanently destroy your Biometric Data when the initial purpose for collecting it has been satisfied or within 3 years of your last interaction, whichever occurs first.
Webcam Video. Separately from the gaze processing described above, we record and store your webcam video for up to one year so that human reviewers can review your assessment session. This video is used only for human review and is not used to generate a Biometric Identifier or to identify you biometrically.
What happens to your Biometric Data at the end of the retention period?
Ropes (and, for identity verification, Veriff) performs a permanent deletion of Biometric Data at the end of the applicable retention period such that it cannot be recovered or reconstructed.
Additional Privacy Disclosures
For more information about how we collect, use, and share your personal information, please review our Privacy Policy available at https://www.ropes.ai/privacy.