A Letter From Our CEO
Protecting identity requires more than strong technology — it requires principled governance. At Nametag, our commitments around privacy, transparency, and responsible data handling are longstanding and embedded in how we design and operate our platform.
Recent public discussions have raised broader questions about how identity verification providers handle data and whether such systems are connected to undisclosed government reporting pipelines. We believe it is important to clearly state our position and our practices.
Our Mission
Nametag exists to protect every human identity.
As impersonation, social engineering, and AI-generated deepfakes increase, responsible identity verification is one of the most effective ways to protect people and the organizations they depend on. It prevents account takeovers, stops fraudulent helpdesk resets, protects financial assets, and safeguards personal information.
Our role is to protect. We build systems that confirm a real human is present and authorized — not systems that monitor, profile, or surveil. Protecting individual privacy is fundamental to that commitment.
Identity verification through Nametag occurs only when an individual is explicitly prompted within a defined relationship — such as with an employer, financial institution, or service provider — and affirmatively chooses to proceed. Each verification requires active participation and consent by the individual.
Our Commitments
Our published Privacy Policy and Trust Principles outline how we handle data and the boundaries we will not cross. These principles are reflected in our architecture, operational controls, and customer agreements.
We Are Stewards of Data, Not Owners
Nametag processes identity data strictly to complete verification events requested by our enterprise customers. We do not collect data for unrelated purposes, do not sell data, and do not operate as a data broker.
We do not repurpose identity information for surveillance, profiling, advertising, or intelligence monitoring.
We Ensure Informed and Explicit Consent
Identity verification through Nametag requires active participation. End-users are clearly informed that verification is taking place, what information is being requested, and the specific purpose of the verification before proceeding.
The process requires an explicit opt-in action — it is not automatic, background, or hidden. Individuals choose whether to continue with verification, and the verification is limited to the purpose disclosed at that time.
We Do Not Store Biometric Data
Nametag does not maintain a persistent biometric database.
Facial comparison and liveness checks are performed as part of a verification transaction. We do not store facial templates for tracking individuals across services, and we do not build biometric watchlists. Any data retained is limited, purpose-bound, and governed by clear retention policies disclosed in our Privacy Policy.
Data Minimization by Design
Nametag collects only the information necessary to complete a specific identity verification request initiated by an enterprise relationship. We do not perform background checks, query credit bureaus, aggregate utility records, or enrich identity data for secondary purposes. Verification is limited to confirming authenticity and authorization for the defined transaction.
Right to Deletion and Data Control
Individuals may request deletion of their data at any time through the Nametag app or by contacting privacy@nametag.co. Where applicable, consent may be withdrawn, subject to legal or contractual retention obligations.
When we process data on behalf of an enterprise customer, they retain primary governance authority over retention and lifecycle policies, consistent with applicable law, which may be more restrictive than our default policy.
No Surveillance Pipelines or Backdoor Reporting
Nametag does not operate undisclosed watchlists, intelligence-tagging systems, or automated reporting pipelines to government agencies. We do not file Suspicious Activity Reports (SARs) on behalf of customers, and we do not provide continuous biometric or identity data feeds to any government entity.
If we receive a lawful government request, we carefully review its scope and validity, and respond only as required under applicable law. Where legally permitted, we notify the affected enterprise customer. We do not provide voluntary bulk access, standing data feeds, or backdoor access to any authority.
Transparent Third-Party Validation
When required for fraud prevention, we may validate identity attributes against authoritative sources — such as government document validation services or trusted commercial identity databases — solely to confirm authenticity during the verification event.
Where such validation involves checking information against a government source, it occurs only as part of the verification process initiated by the end-user and with their explicit participation and consent. These checks are transactional and purpose-bound. They do not create a persistent surveillance record, intelligence profile, or ongoing monitoring relationship.
Validation is performed strictly to confirm the authenticity of identity information for the specific verification request at hand.
Privacy and Transparency
Our Privacy Policy publicly details:
- What information we collect
- How it is used
- Where it is stored
- How long it is retained
- How individuals can request deletion
If our practices were ever to materially change, we would update our public documentation and notify customers accordingly.
Our Responsibility
Identity verification is a powerful capability. Used improperly, it can undermine trust. Used correctly, it protects people.
Nametag was built to strengthen digital trust. When someone requests access to an account, there must be high assurance they are who they claim to be. That mission guides our technology decisions, our data governance, and our privacy commitment.
We welcome engagement from customers, partners, regulators, and researchers who want to better understand our architecture and privacy safeguards.
Sincerely,
Aaron Painter
CEO, Nametag
