Quick Links
BIOMETRIC DATA HANDLING & PROTECTION
Last Updated: February 7, 2026
What Is Biometric Data?
Biometric data refers to unique physical characteristics that identify you. On Fleet, we collect:
- Selfie (Live Photo): A photograph of your face taken during registration for identity verification
- Government ID Images: Scanned or photographed copies of your driver's license or national ID
Why Do We Collect Biometric Data?
Purpose: To verify your identity and ensure you meet age requirements (21+) to rent a vehicle.
This process protects both you and vehicle owners by:
- β Confirming you are the person named on your government ID
- β Verifying your driver's license is valid and not suspended
- β Preventing fraudulent accounts and identity theft
- β Complying with Trinidad and Tobago anti-money laundering regulations
How We Protect Your Biometric Data
π Encryption
Your biometric data is protected with AES-256 encryption (military-grade security) both:
- In Transit: When you upload your selfie and ID, data is encrypted during transfer
- At Rest: When stored in our servers, data remains encrypted
π« Access Restrictions
Only authorized personnel can access your biometric data:
- Data Protection Officer (for compliance)
- Security team (for fraud investigation)
- System administrators (for maintenance)
All access is logged and audited for compliance.
β±οΈ Automatic Deletion
Your biometric data (selfie and ID images) is automatically deleted within 14 days of successful verification.
Exception: If you have a dispute (e.g., chargeback, rental damage claim), we retain your biometric data until the dispute is resolved.
π Separate Storage
Biometric data is stored separately from your other personal information with enhanced access controls.
What We Use Biometric Data For
- β Identity verification during registration
- β Fraud detection and prevention
- β Verification of age requirements (21+)
We do NOT use your biometric data for:
- β Training artificial intelligence or machine learning models
- β Tracking or monitoring your location
- β Selling to third parties
- β Marketing or analytics
- β Government/law enforcement (without warrant)
Your Rights Regarding Biometric Data
Right to Access
You can request to see all biometric data we hold about you. Contact our Data Protection Officer: [email protected]
Right to Deletion
You can request deletion of your biometric data at any time, even if your account is active. Once deleted, you will need to re-verify your identity if you want to make future bookings.
Right to Know About Automated Processing
Your selfie is matched against your ID using automated facial recognition technology. If this automated match rejects your verification, you can request human review.
Facial Recognition Bias & Fairness
We use a facial recognition algorithm that has been independently tested for bias. This ensures fair treatment across demographic groups (race, gender, age).
If you believe the automated verification rejected you unfairly, please contact us at [email protected] to request manual human review.
Third-Party Processors
If we use a third-party identity verification vendor, they must:
- β Comply with data protection regulations
- β Have security certifications (ISO 27001, SOC 2)
- β Sign a Data Processing Agreement (DPA)
- β Delete biometric data after verification
- β Never use your biometric data for secondary purposes
International Data Transfers
Biometric data is stored on Amazon Web Services (AWS) servers located in the United States. We ensure this transfer is protected by:
- β Your explicit consent (disclosed in our privacy policy)
- β Encryption (your data is encrypted before transfer)
- β AWS security certifications (SOC 2 Type II, ISO 27001)
- β Standard Contractual Clauses (SCCs) with AWS
Questions About Your Biometric Data?
Contact our Data Protection Officer:
- π§ Email: [email protected]
- π Trinidad and Tobago Information Commissioner: [email protected] | (868) 622-3684
Last Updated: February 7, 2026
Trinidad and Tobago Data Protection Act Compliant