Privacy policy

The Privacy by Design foundation processes personal data with the aim of realizing attribute-based authentication and signatures via the system Yivi, an abbreviation for I Reveal My Attributes. The foundation is responsible for this data processing and in doing so abides by the General Data Protection Regulation (GDPR).

The design of Yivi is such that personal data, attributes in particular, are stored exclusively at the user’s side on his/her own phone or tablet. The foundation has a cooperation agreement and also a data processing agreement with SIDN. As part of this cooperation, SIDN handles the registration of new Yivi users. In this registration process SIDN only stores an arbitrary username (the app ID), a user’s email address, if the user explicitly so chooses, together with a very limited set of historical usage data, as will be explained below.

A user of Yivi is asked to consent (agree) at every data processing step by the foundation, as data controller, or by SIDN as processor. This consent forms the legal basis for the data processing. A user can at any stage terminate the foundation’s (and thereby also SIDN’s) processing of his/her personal data by terminating (blocking) his/her personal Yivi account, via the MyYivi webpage. The Yivi app asks the user to consent whenever attributes are received or revealed, via an OK button. The Yivi app itself is protected via a personal PIN code. This consent forms the legal basis for the processing of the relevant attributes by these (third) parties, providing or receiving attributes.

The Privacy by Design foundation and SIDN process personal data in three different ways.

  1. Continuously. At registration an arbitrary username (the app ID) is automatically created for a new user of Yivi. The user can choose to associate a self-chosen email address with this Yivi account. This is not necessary, but optional. The email address is stored and protected by SIDN, until the user changes or removes or cancels his/her account, in the MyYivi environment.

    The app ID is a pseudonym that identifies an account at the foundation. The (optionally added) email address can be used for communication with the user, for instance for logging into MyYivi. SIDN keeps the email address secret and does not share it with others, unless there is a legal obligation to do so. The foundation and SIDN use the address exclusively for Yivi functionality.

    The foundation and SIDN record usage data (“logs”) per account. The sole purpose is providing a Yivi user with insight into the usage of his/her own account, associated with the user’s email address, in order to detect possible abuse and to (subsequently) block the account. With this access to a user’s own log data the foundation and SIDN fulfill their obligation to provide users insight into their own data. These log data are stored and protected until they are deleted by the user. The logs contain only time stamps of actions, together with the kind of action that happened, such as PIN verified or Yivi session performed. In particular, these logs do not contain personal data, such as attributes, or information about the party to which attributes are revealed, or from which attributes are received. These log data are not shared with others, unless there is a legal obligation to do so. When a Yivi account is terminated, or when its data are removed, all these log data are immediately removed by the foundation.

  2. Incidentally. When the Yivi app crashes or encounters a serious problem, an error report is made and sent to the foundation, if you as Yivi app user provided consent for that. This consent can be provided by enabling the “Send error reports to Yivi” toggle in the settings of the Yivi app. If this toggle is not enabled, then error reports are not sent. These error reports are a critical instrument for the foundation in fixing problems and improving the Yivi app. An error report never contains user attributes, or data about previous usage of the Yivi app, but only technical data about what went wrong and about your phone (for example, IP address, the app version number, and the version number of Android or iOS). The foundation removes these reports when they are no longer necessary, or at the latest within three months.

  3. One time, only temporarily. At issuance of attributes by the Privacy by Design foundation, the foundation attaches its own digital signature to these attributes; subsequently, the signed attributes are placed in the Yivi app of the user. Immediately afterwards, these data are removed from the systems of the foundation. The foundation does not keep a record of attribute issuance.

    For some forms of issuance, as well as for some demos, the user is asked to first authenticate with attributes. These attributes are also deleted immediately after usage.

    The foundation also has to process the IP address of your computer or phone in the following cases:

    • You visit this website or one of the other ones of the foundation.
    • You scan a QR code with your Yivi app of one of the issuers or demos of the foundation (on desktop), or when (on mobile) the Yivi app is opened by one of these issuers or demos.
    • When, after the previous step, you receive or disclose data in the Yivi app from or to one of the Yivi applications of the foundation.

    In these cases your IP address is not stored, unless a technical error occurs. In that case your IP address is stored for two weeks, after which it is automatically deleted.

In addition, during the last step (the receiving or disclosing of data) your IP address is also processed and logged by SIDN, a partner of the foundation that runs the Yivi keyshare server. This also happens when you receive or disclose data to or from other parties than the foundation.

The foundation publishes via its own dashboard how many Yivi users are registered in which country at any point in time. This only involves the number of registered usernames (pseudonyms) and the number of credentials (sets of attributes) per country, issued by the foundation. The foundation also reserves the right to publish statistical data about the registered logs, such as for instance the total number of transactions per unit of time (day, month or year).

The privacybydesign.foundation website is controlled and maintained by the Privacy by Design foundation. The foundation does not collect data about its website visitors and does not use cookies. Also, the foundation does not collect contact data (such as IP addresses) of Yivi apps that connect to the foundation.

Technical changes in the Yivi system, or possible new services of the foundation, may lead to adaptation of this privacy policy. The foundation reserves the right to make such changes and will publish the adapted privacy policy via this website as soon as possible.

For questions, remarks, or complaints about this data processing by the Privacy by Design foundation for Yivi functionality, please contact the foundation. For complaints about the foundation’s data processing one can also contact the Data Protection Authority of the Netherlands.

Date: March 12, 2020.