Before fresh consent: review and choose
When fresh consent is required, see who requested the check, why, which checks apply, which material processors are disclosed, and the retention boundary. You can accept or decline.
For people completing a Sonavera check
Processing requires a current consent record. When fresh consent is needed, you see who requested the check, what will happen, which material processors are disclosed, and how long Sonavera-held artifacts may remain—then choose whether to continue.
The organization that sent you remains responsible for the account action and any alternative path it offers.
One request · one customer boundary
The ceremony lifecycle
A current consent record carries privacy context through the result and its deletion schedule. When fresh consent is needed, you can review and choose before processing.
When fresh consent is required, see who requested the check, why, which checks apply, which material processors are disclosed, and the retention boundary. You can accept or decline.
Your camera and microphone support the configured checks and guided interaction. Sonavera does not retain raw audio or video unless a tenant configuration explicitly enables retention.
The requesting organization receives a minimized signed result. If this interaction records fresh consent and succeeds, you can save its privacy receipt. Eligible artifacts follow the governing deletion boundary.
Tenant privacy
Matching uses the isolated tenant boundary of the organization that requested your check. Another Sonavera customer does not receive that enrollment or use it as its candidate pool.
What gets shared
The signed result summarizes the ceremony without exposing raw media or biometric templates. The organization that sent you—not Sonavera—decides what action to take from that evidence.
signed resultRetention
When fresh consent is collected, the screen shows the Sonavera-held artifact boundary. A still-current receipt may govern a returning enrollment or verification, and its recorded boundary continues to cap retention. Service providers may have different retention, documented separately in the current notice.
When fresh consent is collected, the screen presents the applicable artifact period or delete-no-later-than time.
The platform records the boundary that applied when your ceremony began.
Eligible biometric, liveness, anti-spoofing, and evidence artifacts are automatically purged.
A minimal consent and deletion record remains separately from the deleted ceremony artifacts.
Your privacy receipt
When an interaction records fresh consent and then succeeds, you can download a receipt with its ID, consent time, purpose, disclosed providers, legal-document versions, and retention information. Repeat ceremonies that reuse a current consent record do not offer a new download. If you later request deletion, give the receipt ID to the organization that sent you.
An AI guide may help explain steps and keep the interaction moving. It does not make the biometric match, decide whether you pass, or tell the requesting organization what action to take. The material processors in the governing consent record are a policy disclosure, not a runtime log showing that every optional provider ran.
Common privacy questions
When fresh consent is required, yes: you can decline on the consent screen and the ceremony will not proceed. A still-current consent receipt may be reused for a returning enrollment or verification interaction, so that interaction may not show a new consent screen. The organization that sent you decides whether it can offer another path.
Not by default. Sonavera does not retain raw audio or video unless a tenant configuration explicitly enables retention. The current notice governs that exception. Disclosed service providers may process live data for their described role, and their retention may differ.
No. Matching stays inside the tenant boundary of the organization that requested the check. Another customer does not receive that enrollment or use it as its candidate pool.
It receives a signed result with ceremony status, normalized check evidence, timestamps, and policy references. It does not receive raw audio or video, face or voice embeddings, biometric vectors, or prior-match identifiers.
If you were offered a privacy receipt at the end of the check, download it and give its receipt ID to the organization that sent you. If no new receipt was offered, contact that organization with the interaction details. It manages the account relationship and can route the request. For questions about Sonavera’s platform privacy practices, email privacy@sonavera.ai.
No. This page explains the design in plain language. When fresh consent is required, the ceremony-specific screen shows the terms for the check. A returning enrollment or verification may instead use a still-current consent receipt. The versioned platform legal documents remain authoritative.
Read the current platform notice at any time. When fresh consent is required, the ceremony-specific screen shows the requester, purpose, disclosed material processors, and retention boundary. A returning enrollment or verification may instead reuse a still-current receipt until its bound legal terms change.