LAST UPDATED: 10/16/2025

Privacy Policy

a bee watching a watch

Privacy Policy

Welcome to ZipID! We offer automated Form I-9 software as a service and are committed to protecting the privacy and security of your data. This Privacy Policy explains how we collect, use, share, and protect information in connection with our services, which are accessible via our zipidapp.com.

1. Information We Collect
We may collect the following types of information:

Personal Information: Information that you provide directly, such as your name, email address, and contact details, when you register for our services, contact customer support, or participate in surveys and promotions, and information legally required to comply with federal law for the duration set by federal law.

Biometric Data: Face images and attending metadata that optimize the protection of identity.

Usage Data: Information on how you use our services, including interaction times, features used, and pages visited within our application.

Technical Data: Information such as your IP address, device type, operating system, and browser type, which helps us diagnose technical and legal issues and optimize our service delivery.

Cookies and Tracking Technologies: We use cookies and similar technologies to track the activity on our service and hold certain information, enhancing your experience and understanding usage patterns.

2. How We Use Your Information
Your information is used to:
  • Comply with legal requirements;
  • Provide, maintain, and improve services,  including customer support as well as enhance security of our services,
  • Communicate with you about your account or our services, including to send you updates or other essential communications;
  • Conduct research and analysis to understand our user base more effectively;
  • Comply with legal obligations.
3. Sharing Your Information
We may share your information with:

Customers: Employers and any third-party services they engage to support employee onboarding or related HR functions, including to verify identity.

Service Providers: Third-party companies who perform tasks on our behalf like authenticating information, hosting, data analytics, marketing, and customer service.

Legal Obligations: If required by law or when we believe it's necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Business Transfers: In connection with a merger, acquisition, or sale of assets. We ensure that these third parties respect the confidentiality of your data and comply with all applicable data protection laws.

4. Data Security

We implement a range of security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. We regularly review our security practices to adapt to new risks.

5. Data Retention and Use

We retain your personal information for as long as necessary to provide you with our services, comply with our legal obligations, resolve disputes, and enforce our agreements.
However, we do not have access to employer I-9 consoles, or expose any I-9 data to anyone but those required to have it by law.

Privacy retention and use specific to employees:
  • Employees provide explicit consent before the Form I-9 automated process begins.
  • Employees provide consent that their personal information and biometric data is shared with employers and any third-party services they engage to support employee onboarding or related HR functions, including to verify identity.
  • Employees approve that all fields from chosen documents are correct; employers are alerted if an employee changes from data derived directly from an ID.
  • Employers are passed information collected in a fully encrypted manner, and such data is not shared but retained only for legal compliance purposes for three years from date of hire, as required by federal law. It is thereafter deleted.
  • ZipID, Inc will not sell, rent, or trade Personal Information other than that required to support employer.
  • ZipID collects data required by federal law.
  • Our third parties, Innovatrics, who extracts ID data, and Regula, who read data that is auto-populated into the Form I-9, never retain personal or biometric data.
  • We encrypt your data end-to-end, both at rest and in transit, as recommended by the National Institute of Science and Technology.
Privacy retention and use specific to employers:
  • ZipID only retains the employee data as necessary to comply with federal law. We strongly encourage employers to hold such data locally for compliance purposes. See here for more information on what a compliant paper or digital retention system is for Form I-9s.
  • ZipID will retain an audit trail of your users that adjudicated a Form I-9 for audit purposes.
  • ZipID uses encryption for data at standards recommended by the National Institute of Science and Technology.
6. Your Rights
Depending on your location, you may have certain rights under data protection laws, including:
  • The right to access, update, or delete the information we have on you.
  • The right to object to processing of your personal data.
  • The right to request that we restrict the processing of your personal information.
  • The right to data portability.
  • To exercise these rights, please contact us at zipidnfo@zipidapp.com.
7. Changes to This Privacy Policy
Depending on your location, you may have certain rights under data protection laws, including:

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and, where appropriate, through other means.

Contact Us
ZipID, Inc
zipidinfo@zipidapp.com

Frequently Asked Questions

COMPLIANCE and LEGAL

Is ZipID ICE-compliant I-9 software?

Yes. ZipID satisfies all five federal electronic I-9 system requirements under 8 CFR § 274a.2 — including compliant audit trails, electronic signature protocols, and secure storage standards. It is specifically designed to meet the March 2026 ICE reclassification that elevated common errors to substantive violations.

What are the fines for I-9 violations in 2026?

As of January 2025, I-9 paperwork violations carry fines of $288 to $2,861 per form under 8 CFR § 274a.10(b)(2). Knowingly hiring unauthorized workers carries fines up to $28,619 per worker for repeat offenses. ICE audit rates in 2025 ran at least ten times higher than the prior year.

Is ZipID integrated with E-Verify?

ZipID is pursuing certified E-Verify third-party agent status by August 2026. Currently, after the employer signs the I-9, ZipID redirects to E-Verify and automatically populates the resulting case data into the Additional Information field — preserving the complete record for audit purposes.

Still Got Questions on Your Mind ?
Ask a Question
TECHNOLOGY and ACCURACY

What is NIST and why does it matter for I-9 verification?

NIST — the National Institute of Standards and Technology — is the federal agency that sets accuracy benchmarks for biometric identity technologies. For I-9 compliance, NIST validation matters because it provides an independent government-verified measure of whether a facial recognition system is reliable enough to trust. ZipID uses NIST-tested algorithms rated at 99.998% accuracy.

What is ZipID's biometric accuracy for 1:1 selfie-to-ID matching?

ZipID's 1:1 facial recognition is rated at 99.998% accuracy using NIST-validated algorithms — fewer than 2 mismatches per 100,000 verifications. Liveness detection is built in to confirm the selfie is from a real, present person rather than a photo or deepfake.

What is OCR and how does ZipID use AI-powered OCR for I-9 verification?

OCR — Optical Character Recognition — reads and extracts text from government-issued IDs. ZipID uses AI-powered OCR to instantly capture a new hire's ID data and automatically populate the required Form I-9 fields, eliminating manual entry and typos. The AI layer also cross-checks extracted data for logical consistency and flags tampered, synthetic, or spoofed documents.

How does ZipID verify a new hire?

ZipID uses NIST-validated biometric facial recognition to match a live selfie to the photo on the new hire's government-issued ID. AI-powered OCR extracts and autofills document data. Fraud detection runs in the background checking for tampered, synthetic, or spoofed documents.

Do you recommend using face recognition?

Facial authentication is entirely the employer's choice. It confirms that the new hire is who they say they are and that the ID they present matches their live self — especially valuable for remote hires, high-security roles, or industries with elevated identity fraud risk.

USING ZipID

How long does it take to complete an I-9 with ZipID?

ZipID completes the entire Form I-9 process — including identity verification, document capture, and E-Verify redirect — in under 8 minutes, for both remote and in-person new hires.

What is ZipID?

ZipID is an I-9 compliance and identity verification platform that combines facial recognition, OCR document capture, and fraud detection to verify new hire identities and complete Form I-9 in under 8 minutes — with a legally compliant audit trail built in. It is the only I-9 platform built by the person who helped write the federal identity doctrine behind the law.

ABOUT

Who built ZipID?

ZipID was founded by Janice Kephart, former counsel to the 9/11 Commission and a national security identity expert with 25 years of federal and private sector experience, including designing border biometric workflows at MorphoTrak, now Idemia. Kephart authored the federal identity doctrine and biometric entry-exit recommendations underlying today's I-9 compliance framework, and has testified before Congress 19 times.