Last Updated: April 2026
Securero ("we," "our," or "us") builds hardware and software for behavioral biometric identification on robotic platforms. This Privacy Policy explains how we collect, use, disclose, and safeguard information — both from visitors to this website, and (for our integrators and their end-users) the principles that govern how our deployed technology processes biometric data on the robots it runs on.
This policy is structured in two parts. Sections 2–12 describe the website. Section 13 ("Biometric Data Processing") describes the principles that apply to deployed Securero modules; the precise terms for any specific deployment are set in the data-processing agreement with the integrator.
We may collect information that you voluntarily provide to us when you:
This information may include your name, email address, company name, and any other information you choose to provide.
When you visit our website, we may automatically collect certain information about your device and browsing behavior, including:
We use the information we collect to:
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
We use cookies and similar tracking technologies to enhance your browsing experience. For detailed information about our use of cookies, please see our Cookie Policy.
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure.
Depending on your location, you may have certain rights regarding your personal information, including:
To exercise these rights, please contact us at info@securero.io.
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Our website is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Email: info@securero.io
This section applies to behavioral biometric data processed by deployed Securero modules (SR-MOD/01 and successors). It is informational; the binding terms for any deployment are defined in the data-processing agreement (DPA) signed with the deploying customer or integrator.
Behavioral biometric data is the set of features the module derives from a person's movement, body proportions, and voice — including but not limited to standing height, leg-to-torso ratio, stride length, walking cadence, posture and spinal angle, arm swing, foot-strike pattern, and acoustic voice signature. From these features the module computes an encrypted identity vector (a "behavioral fingerprint"). The fingerprint is what is stored and matched; the underlying raw audio, video, and depth frames are not retained by default.
By default configuration, all behavioral biometric processing occurs on the robot itself, on the dedicated neural accelerator inside the SR-MOD module. Raw sensor data does not leave the device. Identity vectors are stored encrypted (XTS-AES 256) on the module's local secure storage. No data is transmitted to Securero servers, to the customer's cloud, or to any third party unless the deploying customer explicitly enables a cloud or fleet-sharing feature in the SDK configuration.
Where deployments fall under the GDPR or comparable regimes, the lawful basis for processing behavioral biometric data is the deploying customer's responsibility to establish — typically explicit consent of the data subject, substantial public interest, or another permitted basis under Article 9 GDPR. Securero provides the technical capability to enforce consent, retention, and access controls; the deploying customer is the data controller for any specific deployment.
Identity-vector retention is a customer-configurable setting in the module, with a hard cap that cannot be exceeded without a signed policy update from the deploying customer. The default retention period is 30 days, after which profiles are securely overwritten on-device. Customers may configure shorter retention; longer retention requires a documented justification recorded in the deployment manifest.
Behavioral biometric data does not leave the device unless the deploying customer explicitly opts in to one of the following, all of which are off by default:
Securero does not under any configuration upload behavioral data to systems we control for our own benefit.
Because the data controller for any deployment is the deploying customer, requests to access, correct, or delete a data subject's behavioral biometric profile must be directed to that customer. Securero provides the deployed module with a standardized "subject lookup and erasure" API the customer is required to expose for compliance with GDPR Articles 15–17 and equivalent regulations in other jurisdictions (CCPA, LGPD, PIPL where applicable, Israeli Privacy Protection Law).
Our SDK requires the integrator to surface a notice mechanism in the host application or environment so that data subjects can be informed they may be observed by a system using behavioral biometrics. Covert deployment without such notice is a violation of our terms of service.
The module flags suspected spoofing attempts (masks, prosthetics, adversarial clothing, synthetic-voice attacks). Such flags, where retained, are kept under the same privacy regime as identity vectors: encrypted, on-device, customer-controlled retention.
Every verification decision the module makes produces a signed, hashable record. Records contain the verdict, confidence score, timestamp, and cryptographic hash of the identity vector — but not the vector itself, and not raw sensor data. Records are intended for compliance review and post-incident audit and are subject to the same retention setting as identity vectors.
Securero is presently in audit for SOC 2 Type II and ISO/IEC 27001. The product is engineered to be deployable in GDPR- and CCPA-aligned configurations. We do not represent ourselves as currently certified under any framework still in audit; ask us for the current attestation status before relying on it for procurement.
Material changes to how a deployed module processes biometric data — additional features extracted, changed retention defaults, new opt-in transfer paths — are released only via signed firmware updates the deploying customer must accept. Customers may pin firmware versions and refuse upgrades.
For questions specific to behavioral biometric processing, integrator obligations, or to request the model DPA, contact info@securero.io with the subject line "Privacy / DPA inquiry".