Biometric Data Notice
Last updated: February 2026
IMPORTANT: HOA PostWatch collects, processes, and stores biometric identifiers (facial recognition data). This notice explains what biometric data we collect, how we use it, and your rights.
1. What Biometric Data We Collect
When you upload a photo to PostWatch, our system:
- Detects faces using RetinaFace deep learning models
- Extracts face crops from detected regions
- Generates 512-dimensional facial recognition embeddings using ArcFace and FaceNet512 models
- Computes centroid vectors for multi-sighting averaging
These embeddings are mathematical representations of facial geometry and constitute biometric identifiers under applicable law.
2. Purpose of Collection
Biometric data is collected and processed solely to:
- Cross-reference faces across photos within your HOA community
- Generate color-coded threat assessments (Red, Yellow, Green)
- Improve matching accuracy through centroid averaging
3. Consent
Your use of PostWatch requires explicit, informed consent for biometric data processing. This consent is obtained:
- At account creation (biometric consent checkbox)
- At each photo upload (upload terms checkbox)
Each consent event is logged with a timestamp, IP address, and T&C version number.
4. Data Isolation
Biometric data is isolated to your HOA community. Face matching only occurs within your community's dataset. No cross-community biometric comparisons are performed.
5. Storage & Security
- Biometric embeddings are stored in a PostgreSQL database with pgvector extension
- Face crop images are stored on encrypted server storage
- All data resides on our private infrastructure — no third-party cloud processing
- Database access requires authenticated connections with connection pooling
6. Retention & Deletion
Biometric data is retained for the duration of your community's active use of the platform. Upon request, biometric data associated with specific photos or your entire account can be permanently deleted.
7. Accuracy Limitations & Fairness
PostWatch uses automated facial recognition technology. No facial recognition system is 100% accurate. You should be aware of the following limitations:
- Match results are probabilistic indicators, not definitive identifications. A "match" means two faces appear similar to the algorithm — it does not confirm they are the same person.
- Accuracy may vary based on image quality, lighting conditions, camera angle, facial obstructions, and demographic factors including skin tone, age, and gender.
- Independent research (including NIST Face Recognition Vendor Tests) has documented measurable accuracy differences across demographic groups in facial recognition systems.
- False matches (incorrectly linking different people) and missed matches (failing to link the same person) can both occur.
Do not use PostWatch results to personally identify, confront, or take action against any individual. PostWatch is a community awareness tool — not a law enforcement or identification system. If you observe suspicious activity, contact local authorities.
8. Blocked Jurisdictions
PostWatch is not available in the following states due to biometric privacy legislation:
- Illinois — Biometric Information Privacy Act (BIPA)
- Texas — Capture or Use of Biometric Identifier (CUBI)
- Washington — HB 1493 (Biometric Identifiers)
Residents of these states are blocked from creating accounts.
9. Your Rights
You have the right to:
- Withdraw consent at any time (this will disable your account)
- Request deletion of your biometric data
- Access information about what biometric data is stored
10. Contact
For questions about biometric data processing or to exercise your rights, contact your HOA board administrator.