Privacy Policy

JAM ID Privacy Policy

1. Introduction

Welcome to JAM ID. Your privacy and the control over your personal information are at the core of everything we do. This Privacy Policy explains how JAM ID (“JAM ID,” “we,” “us,” or “our”) handles information in connection with your use of the JAM ID platform, including the JAM ID Wallet, iJAM Coin, our websites, mobile applications, APIs, and all related services (collectively, the “Services”).

This policy is built on the principle of Self-Sovereign Identity (SSI). Our goal is to empower you, the User, to manage your own identity data with maximum security and minimal disclosure.

2. Our Core Privacy Philosophy

  • You Are in Control: You own and control your personal data. Your sensitive identity information is stored encrypted in your JAM ID Wallet, on your device, not on our servers.
  • Data Minimization: We collect only the minimum information necessary to create your verified credential and provide the Services.
  • Privacy by Design: Our systems are engineered to protect your privacy. We use technologies like on-device storage, selective disclosure, and cryptographic hashes to ensure personal data is not exposed unnecessarily.
  • Transparency: We believe in being transparent about how our system works. This policy aims to clearly explain what happens to your data at every step.

3. Information We Collect

We collect information in distinct phases, primarily during the one-time identity verification process.

  • Information You Provide Directly for Verification:
    • Your phone number and email address for account creation and communication.
    • Data extracted from a government-issued identity document you scan, such as a driver's license, passport, birth certificate, or Medicare card. This may include your full name, date of birth, address, and document number.
    • A live facial scan (selfie video) used to match your likeness to the photo on your identity document and to perform a liveness check to prevent fraud.
    This information is processed by our trusted verification partners (e.g., Regular Forensics) for the sole purpose of creating your Verifiable Credential. This data is not permanently stored on our servers.
  • Information Stored in Your JAM ID Wallet: Once verified, your Verifiable Credential, containing the sensitive personal data listed above, is encrypted and stored locally on your device within your JAM ID Wallet. We do not have access to the unencrypted contents of your JAM ID Wallet or your private keys.
  • Information We Collect Automatically:
    • Device type, operating system, and unique device identifiers.
    • Information about your interactions with our Services, such as app features used and timestamps of activity.
    • We record a public, cryptographic hash of your credential and its revocation status on a public blockchain (e.g., Ethereum). This hash is anonymous and does not contain any of your personal information. It is used to prove the validity of your credential without revealing its contents.

4. How We Use Your Information

  • To verify your identity against the documents you provide and issue a secure, reusable Credential to your JAM ID Wallet.
  • To operate our platform, facilitate your requests to share data with Verifiers, authenticate your sessions, and protect against fraud, spam, and abuse.
  • To allow you to interact pseudonymously while maintaining a secure, encrypted link to your real identity, which can only be revealed pursuant to a valid legal order.
  • To send you important service-related notices, security alerts, and support messages.
  • To respond to lawful requests from public authorities, such as subpoenas or court orders.

5. How We Share and Disclose Your Information

  • When You Explicitly Authorize It: The primary way your data is shared is when you choose to present your Credential to a third-party service (a “Verifier”). You will be prompted to approve each sharing request, and you control what specific information is disclosed (e.g., sharing only that you are over 18, without revealing your birthdate).
  • With Verification Partners: During the initial setup, we share your identity documents and biometric data with our verification partners to perform the identity check. These partners are contractually obligated to use the data only for this purpose and to delete it after processing.
  • For Legal Compliance: We may be required to disclose information to law enforcement, public authorities, or other third parties if we are compelled to do so by a subpoena, court order, or other legal process. This is the mechanism that enables "Accountable Anonymity."
  • With Service Providers: We may use third-party companies to help us operate our Services (e.g., cloud hosting, customer support). These providers have access to limited data (like your contact info or usage data, but not your credential data) and are contractually bound to protect it.

We will never sell your personal information.

6. Data Storage, Security, and Retention

  • Storage: Your primary identity data is stored encrypted on your personal device. JAM ID does not hold the keys to decrypt your JAM ID Wallet.
  • Security: We implement robust technical and organizational security measures, including end-to-end encryption, OAuth 2.0 and JWT for authentication, and advanced fraud detection to protect the integrity of the platform and any data we handle.
  • Retention: We retain your account information (e.g., email address) for as long as your account is active. Transactional data and logs are retained as necessary for security, legal, and operational purposes. You control the retention of the Credential on your device.

7. Your Privacy Rights and Choices

  • Right to Control: You have ultimate control over who you share your data with and what data you share.
  • Right to Revoke: You can revoke a Credential’s validity through your JAM ID Wallet. This will update its status on the blockchain, preventing its future use.
  • Right to Deletion: You can delete your JAM ID account and the JAM ID Wallet application from your device. Please note that while this removes the data from your device and our active servers, the anonymized credential hash previously written to the blockchain is immutable and cannot be deleted.
  • Right to Access: You can always access the personal data stored within your JAM ID Wallet on your device.

8. Children's Privacy

The JAM ID Services include features for parents and legal guardians to create and manage profiles for their children. We do not knowingly collect personal information from children without verifiable parental consent. Parents or guardians provide the necessary information (e.g., birth certificate) for verification and have full control over the child's profile and any associated services, such as the JAM ID Visa card.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by updating the "Effective Date" at the top of the policy and, where appropriate, through other communication channels. Your continued use of the Services after any changes constitutes your acceptance of the new policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at: johnissamail@gmail.com

© 2025 iJAM Token. All Right Reserved.