Identro is a product of Syrol Technologies Limited. This policy explains the operational rules we apply to personal data, sensitive identifiers and verification records.
Purpose limitation
Identro processes personal data for account management, verification, wallet, security, support, audit and compliance purposes only.
Consent and lawful basis
Users, agents and merchants must collect proper consent before initiating identity verification requests.
Data minimisation
Only information required to deliver a service should be collected. Sensitive values are masked where possible.
Access control
Dashboard and API access are scoped by user role, merchant, agent and account status.
Security safeguards
Identro uses secure transport, credential protection, audit logging, queue-based notifications and operational review for sensitive workflows.
Retention and deletion
Records are retained for service, audit, compliance, fraud prevention and dispute purposes. Deletion requests are reviewed against legal obligations.
Third-party processors
Data may be processed by verification providers, payment providers, hosting infrastructure and communications providers where necessary.
Incident response
Suspected data incidents are investigated, contained and escalated according to severity and applicable legal duties.