Privacy Statement: Government Digital Wallet web verifier

This Government Digital Wallet web verifier is provided for testing and research purposes only. Its purpose is to enable holders of digital wallets to voluntarily test verification scenarios using data from their own Government Digital Wallet.

All verification actions are user‑initiated and are performed only with the consent of the user, which is managed by the user’s Government Digital Wallet.

The Department of Public Expenditure Infrastructure Public Sector Reform and Digitalisation act as a data processor for the processing of personal data on the Government Digital Wallet web verifier.

The portal provides three controlled verification scenarios for testing purposes:

• Secure online verification (using zero‑knowledge proof) – to show whether the Government Digital Wallet user is over 18 or not. No personal data is revealed
• sSecure online registration (using verified attribute sharing) – sharing selected credential attributes (full name, date of birth and PPSN)
• Secure in-person verification (using an in‑person ID check) – sharing the image and proof of age (zero-knowledge proof) to mimic an in‑person check

All verification activities are optional and are undertaken solely at the user’s discretion.Any data sent to the Government Digital Wallet web verifier is deleted once the user closes the session.

Verification sessions

A verification session is a temporary, one‑time interaction between a user’s Government Digital Wallet and the web verifier.

How a session starts

A session begins when the user chooses to initiate a verification. User can initiate verification journey in two ways, on a separate device (cross-device) or on the same device.

• In the cross-device mode, the user opens the web verifier in a browser on the1st device. The web verifier provides the QR code. The user scans it with the Government Digital Wallet app on their phone (2nd device) and the verification results will show up on the 1st device (for example, on their laptop)
• In same device mode, the user starts with opening the web verifier in the browser on their mobile phone. The web verifier provides ‘Verify using the wallet’ button, that opens the Government Digital Wallet app. The user can confirm and accept the request, and the results will then show up on the web verifier on the browser, on that same mobile phone

These actions create a secure, short‑lived connection between the user’s Government Digital Wallet and a dedicated session on the web verifier. As part of this process, the Government Digital Wallet displays the exact credentials or attributes being requested and awaits the user’s explicit consent before any data is shared.

How a session ends

A verification session ends when one of the following occurs:

• the user approves the request, and the selected attributes are shared, completing the verification
• the user declines the request, at which point the session is closed
• the session times out due to inactivity

In all cases, once the session ends, no session data, verification results, images, or personal data are retained by the web verifier.All verification scenarios follow the same privacy‑preserving principles:

• participation is entirely voluntary and user‑initiated; the user must consent to send any of their personal data to the web verifier and can abort the operation if they do not wish to do so
• only the minimum attributes required for a specific scenario are requested
• each verification is single‑use, short‑lived, and transaction‑specific
• no verification outcomes, images, or personal data are retained once a session ends

A verification proceeds only when the user actively chooses to engage (for example, by scanning a QR code or selecting “verify using the wallet”), reviews the exact attributes being requested, and provides clear, affirmative consent within their Government Digital Wallet. No information is shared unless and until consent is given, and only for that specific interaction.

• any personal data shared during a verification is processed solely for the purpose of completing that verification transaction
• the web verifier does not store, reuse, profile, or log personal data
• all data processed during a verification session is cleared immediately once the session ends
• all personal data is processed only within the scope of an active verification session and is cleared immediately once that session ends

The lawful basis for processing personal data via this verifer is consent, in accordance with Article 6(1)(a) of the GDPR.You may withdraw your consent at any time by:

• declining or discontinuing a verification request within your Government Digital Wallet
• closing the session on the Government Digital Wallet web verifer

Withdrawal of consent does not affect the lawfulness of processing carried out before consent was withdrawn.

Your personal data will not be shared with any third parties.

No personal data is retained by this portal.

If you have concerns about how personal data is processed in relation to this verification portal, you may contact the Data Protection Officer:

Data Protection Officer

Department of Public Expenditure, Infrastructure, Public Sector Reform and Digitalisation

Email: dataprotection@per.gov.ie

You also have the right to lodge a complaint with the Data Protection Commission:

Data Protection Commission

6 Pembroke Row, Dublin 2, D02 X963

Email: info@dataprotection.ie

Telephone: 01 765 0100 / 1800 437 737