Biometric Information Retention and Destruction Policy
Effective Date: 26 June 2026
PersonaShield Technologies Inc. d/b/a PersonaShield (“PersonaShield,” “we,” “us”) publishes this Biometric Information Retention and Destruction Policy in compliance with the Illinois Biometric Information Privacy Act, 740 ILCS 14/15(a) (“BIPA”). This Policy describes our retention schedule for biometric identifiers and biometric information, and our guidelines for permanently destroying that data.
This Policy is publicly available and applies to all individuals whose biometric data PersonaShield processes, including but not limited to residents of Illinois.
Table of Contents
- 1. Scope
- 2. Retention Schedule
- 3. Destruction Triggers
- 4. Destruction Methodology
- 5. Exceptions
- 6. Requests and Contact
- 7. Updates to This Policy
1. Scope
This Policy applies to:
- Biometric identifiers: facial reference media (photos or video containing a face) that you upload or capture in the PersonaShield service; and
- Biometric information: derived facial data generated from that media for identity verification and content matching.
Together, “biometric data.”
The collection and use of biometric data is separately governed by PersonaShield’s Biometric Consent & Authorization, which you must agree to before any biometric data is collected. This Policy describes only the retention and destruction of that data.
2. Retention Schedule
PersonaShield retains biometric data only as long as reasonably necessary to provide the purposes described in the Biometric Consent & Authorization (identity verification, deepfake or manipulated content matching, takedown support, and AI image generation condition).
Biometric data is retained until the earliest of the following:
- (a) the purpose for which the biometric data was collected has been satisfied — for example, you stop using the service, close your account, or withdraw consent;
- (b) thirty (30) days after your account is closed or your consent is withdrawn; or
- (c) three (3) years after your last interaction with PersonaShield.
“Last interaction” includes actions such as logging in, changing safeguards, uploading or managing reference media, completing identity verification, or otherwise using the service to maintain protection.
3. Destruction Triggers
Permanent destruction of biometric data is triggered by any of the following events:
- Account closure. You close your PersonaShield account through in-product controls or by contacting support.
- Consent withdrawal. You withdraw your Biometric Consent & Authorization through in-product controls or in writing.
- Verified deletion request. You request deletion of your biometric data through in-product controls (if available) or by contacting support@personashield.com.
- Purpose satisfied. PersonaShield determines that the purpose for which the biometric data was collected has been fulfilled and no other ground for continued processing applies.
- 3-year inactivity. Three years have passed since your last interaction with PersonaShield.
4. Destruction Methodology
When a destruction trigger occurs, PersonaShield permanently destroys the affected biometric data as follows:
- Cessation of processing. PersonaShield immediately stops using the biometric data for identity verification, content matching, and takedown support.
- Deletion from production systems. Within thirty (30) days of the triggering event (or of receipt of a verified request), PersonaShield deletes the biometric reference media and associated derived facial data from production databases, object storage, and active service infrastructure.
- Removal from backups. Residual copies may persist in encrypted backups for up to sixty (60) days as part of routine backup cycles. During that period, those backup copies are not used for matching, takedown support, or any other active purpose, and are accessible only under restricted conditions (e.g., disaster recovery). After sixty (60) days, backup copies are overwritten through standard backup rotation.
- No reidentification. Once biometric data is destroyed under this Policy, PersonaShield does not retain, reconstruct, or attempt to reidentify the data.
5. Exceptions
PersonaShield may retain biometric data beyond the periods described above only where required by applicable law — for example, in response to a valid legal hold, subpoena, court order, or other legal process. Where an exception applies, PersonaShield retains only the data necessary to comply with the legal obligation and destroys the data when the obligation no longer requires its retention.
6. Requests and Contact
To request access to, deletion of, or information about the destruction of your biometric data, contact:
Email: support@personashield.com
Address: PersonaShield Technologies Inc., 7226 Estonian Place, Las Vegas, NV 89113
PersonaShield will respond to verified requests within thirty (30) days of receipt.
7. Updates to This Policy
PersonaShield may update this Policy from time to time. Material changes will be reflected in the “Last Updated” date above and, where required by applicable law, communicated to affected individuals.