GDPR (the General Data Protection Regulation) is the European Union’s legal framework for protection of personal information.
Here is how Post Office EasyID puts into practice several key GDPR principles and requirements.
- Privacy by design: EasyID offers out-of-the-box identity verification, authentication and login. It’s a single privacy-by-design solution that allows you to set up your identity once and then only share the relevant aspects of that identity with peers and organisations.
- Data minimisation: EasyID extracts the individual details from your ID document so they are available to share when needed. This means you only share what’s necessary, not the entire contents of your ID document.
- Security: EasyID’s security-by-design stores data in Yoti's Tier 3 data centres so your data isn’t at risk if you lose your phone. Each data type (such as name, date of birth, photo) is held separately and encrypted in secure servers which means that there is no way of combining the data to build a full profile. It also means no one has any access to your details except you, as only you have the decryption key to bring your data together. As long as you set up the ‘recovery’ step, you can still recover your account and your data even if you lose your phone.
- Transparency: As you set up and use the app, we set out what information we’re asking for and why. Also, when you use EasyID to share identity details with a third party, we clearly present you with the details requested, and you choose whether to share them. Both you and the third party get a receipt showing what data was shared and when. The setup for an organisation to request details from you using EasyID allows them to provide you with their privacy information.
- Your rights: All the information in your EasyID is added by you so you can see it at any time. You can also download your identity details and the receipts provide an audit trail of what information you shared, with who, and when. You can delete your account at any time in the account settings, which you can find in the ‘More’ tab.
- EasyID provides a quick, online, privacy friendly and secure identity verification solution without requiring the collection and storage of copies of ID and other personal documents.
If you have more questions, you can check our dedicated GDPR page here. Or you can contact customer support.