Biometrics Policy
How we handle fingerprint and facial recognition data in the NurseCenter app.
Last updated: 19 May 2026
Your biometric data never leaves your device.
NurseCenter does not collect, transmit, or store fingerprint or face data on any server. All biometric processing is handled by your device's secure hardware.
Contents
1. Overview
This Biometrics Policy explains how NurseCenter handles biometric data in connection with the NurseCenter mobile application. Biometric information — including fingerprint and facial recognition data — is classified as special personal information under the Protection of Personal Information Act 4 of 2013 (POPIA) and is subject to heightened protections. NurseCenter treats this data with the utmost care and does not collect, store, or process biometric data on its own servers.
2. What Is Biometric Data?
Biometric data refers to unique physical characteristics that can be used to identify an individual. For the purposes of this policy, biometric data includes: (a) fingerprint scan data used for Touch ID / fingerprint authentication; (b) facial geometry or facial scan data used for Face ID authentication. This data is distinct from a photograph — it is a mathematical representation of a physical characteristic, not an image.
3. How Biometrics Are Used
The NurseCenter mobile app offers optional biometric authentication as a convenient and secure alternative to entering your email and password each time you open the app. When enabled, your device's operating system (iOS or Android) uses your biometric data to verify your identity and unlock a securely stored authentication token. This allows you to access your account quickly without re-entering your credentials.
4. Biometric Data Stays on Your Device
NurseCenter does not collect, transmit, or store your biometric data on our servers or any third-party server. Biometric verification is handled entirely by your device's secure hardware (Apple Secure Enclave on iOS, Android Keystore on Android). We never have access to your raw fingerprint or facial recognition data. The only information NurseCenter receives is a success or failure signal from the device indicating whether authentication passed.
5. Consent & Opt-In
Biometric authentication is entirely optional. You will be asked to enable it explicitly within the app settings — it is not enabled by default. By choosing to enable biometric login, you provide informed consent under POPIA for the device to use your biometric data for authentication purposes. You may withdraw this consent and disable biometric login at any time from the app settings or your device's biometric settings, without any impact on your ability to use the platform.
6. Third-Party Biometric SDKs
The NurseCenter mobile app is built with Expo (React Native) and uses the expo-local-authentication library to interface with your device's native biometric APIs. This library does not process, store, or transmit biometric data — it serves only as a bridge to the operating system's built-in biometric hardware. Apple's Face ID and Touch ID are governed by Apple's Privacy Policy. Android biometrics are governed by your device manufacturer's and Google's privacy policies.
7. Security Measures
The authentication token unlocked by biometric verification is stored in your device's secure storage (iOS Keychain / Android Keystore). It is encrypted at rest and is never written to unprotected device storage. The token is automatically invalidated when you log out, when your biometric data on the device changes (e.g. a new fingerprint is enrolled), or when your session expires.
8. Legal Basis Under POPIA
The processing of biometric data (even indirectly via the device OS) constitutes processing of special personal information under section 26 of POPIA. NurseCenter relies on your explicit consent as the lawful basis for offering biometric authentication. As stated above, we do not process raw biometric data ourselves — all such processing occurs within the device's secure hardware — however we disclose this feature in compliance with our transparency obligations under POPIA.
9. Minors
Biometric authentication may not be used by users under the age of 18 without verified parental or guardian consent. If you are under 18, you must use standard password authentication to access your account.
10. Disabling & Deletion
To disable biometric authentication: open the NurseCenter app → Settings → Security → Biometric Login → Toggle off. Disabling biometric login revokes the app's permission to use the device's biometric APIs and removes any stored authentication tokens associated with biometric access. Because NurseCenter does not hold your biometric data, there is nothing to delete from our servers — the data exists solely on your device and is managed by your device's operating system.
11. Changes to This Policy
We may update this Biometrics Policy to reflect changes in technology, legislation, or our practices. Material updates will be communicated at least 14 days before they take effect via email or in-app notification. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact Us
For questions about biometric data or this policy, contact us at info@nursecenter.co.za or via WhatsApp at +27 70 425 6338. You may also write to us at: 1st Floor, Block B, North Park, Black River Park, 2 Fir Street, Observatory, Cape Town, 7925. If you believe your biometric data has been mishandled, you may also lodge a complaint with the Information Regulator of South Africa at inforeg.org.za.