Mistho Passport — Privacy Policy
Last updated: 2nd June 2026.
This policy is a supplement to our main Privacy Policy. It describes only what is specific to the Mistho Passport browser extension. The main Privacy Policy governs our sub-processors, international transfers, retention schedules and your rights in full.
Speed Read
- What it is: Mistho Passport lets you verify your own employment or income by reading it directly from the official government portal you sign in to yourself — so you never share your password with anyone.
- Our role: for the data you verify, Mistho is a processor acting on the instructions of the customer who asked you to verify (the Partner, who is the controller) — and your authorised agent for retrieving it. We do not use your verification data for our own purposes, and we never sell it.
- What we never see: the extension never reads your password, PIN or one-time codes, never reads your other tabs or browsing history, and only reads the specific employment/income fields needed for the verification you started.
- Read-only: it never fills, clicks, submits or changes anything on your record — you do all of that yourself.
- Only when you ask: the extension runs only during a verification you initiate.
Contents
- What Mistho Passport is
- Our role — we are a processor for our customers
- What the extension never sees
- What the extension accesses, and why
- How the data is used and shared
- Browser permissions, explained
- Legal bases
- Security
- Retention
- Your rights
- Children
- Changes
- Contact us
1) What Mistho Passport is
Mistho Passport is a Chrome extension that lets you verify your own employment or income directly from an official government portal, without sharing your sign-in credentials. When you start a verification — typically from a Mistho customer's website or app that has asked you to verify your employment — the extension opens the government site in a new tab; you sign in yourself; and the extension reads only the specific employment/income fields needed for that verification and sends them securely to Mistho.
2) Our role — we are a processor for our customers
Mistho operates in clearly separated roles, consistent with our main Privacy Policy.
| Activity | Mistho's role | Who is the controller |
|---|---|---|
| Reading and transmitting the declared employment/income data for a verification you requested | Processor — and your authorised agent for retrieving it from the portal | The customer (Partner) who asked you to verify (e.g. an employer, lender, landlord or background-check provider) |
| The local signing key stored on your device | We never receive it — it stays in your browser | — (it is not shared with Mistho) |
| Minimal technical diagnostics and security / fraud prevention for the extension | Controller (narrow, for reliability and security only) | Mistho |
In short: for the personal data you verify through Passport, Mistho acts on the Partner's instructions and does not decide the purposes of the processing — the Partner does. If you want to know how your verified data is used after it reaches the organisation that requested it, please see that organisation's own privacy notice. We do not sell your personal data.
3) What the extension never sees
By design, the extension never reads and never transmits:
- your password, passphrase, PIN, or one-time/2FA codes — sign-in fields are hard-excluded in the extension's code and can never be read;
- anything on your other tabs, or your wider browsing history;
- any content outside the specific declared employment/income fields for the verification you started.
You authenticate on the official government website yourself; your credentials stay on your device. The extension is also read-only on your data: it reads the declared fields and never fills, clicks, submits, or changes anything on the government site or your record. (Chrome's permission prompt says “read and change” because Chrome offers no read-only option; what the extension actually does is read-only, as described here — enforced in code and by audit.)
4) What the extension accesses, and why
During an active verification only:
| Data | Example | Why |
|---|---|---|
| Employment / income details | name, national identifier (e.g. National Insurance number), employer name/reference, employment dates, income, tax | The data being verified — the purpose of the verification you requested |
| A page image (“proof”) | a picture of the official record as shown to you | Tamper-evident proof of what the government site displayed |
| A cryptographic attestation | an Ed25519 signature over the above | Lets Mistho confirm the data was read by your installed extension and not altered |
| Technical diagnostics | page-type identifiers, URL paths, field counts, timing, error codes | Reliability and troubleshooting — never the values of your fields or your proof image |
The extension also stores, locally on your device (Chrome extension storage), a per-installation signing key pair used to sign attestations. This key never leaves your browser and is removed when you remove the extension.
5) How the data is used and shared
The employment/income data, proof image and attestation are sent over an encrypted (TLS) connection to Mistho, which — as processor — uses them solely to fulfil the verification you initiated and to make the result available to the organisation that requested it.
We do not sell your data, and we do not use it for advertising or for any purpose unrelated to the verification you requested. We do not disclose it to third parties except (a) the Partner that requested the verification, and (b) Mistho's infrastructure sub-processors acting under our documented instructions. Mistho's current sub-processors, lawful bases, international transfer safeguards and retention periods are set out in the main Privacy Policy, which this policy supplements.
6) Browser permissions, explained
- Access to the government site you're verifying on — granted only for the specific official portal for your verification, and only to read the declared employment fields on it. (Requested when you start a verification.)
- Access to the Mistho site — to connect the Mistho verification page to the extension and to send the result to Mistho.
- Scripting / active tab — to place the read-only reader into the government tab during your verification, and to capture the proof image of the record you're viewing.
- Storage — to keep your local signing key on your device.
7) Legal bases (UK/EU GDPR)
Where Mistho acts as processor, processing is carried out on the Partner's instructions and on the lawful basis the Partner relies on as controller (commonly consent and/or performance of a contract / steps taken at your request). You choose to verify through Mistho Passport, and you can withdraw at any time by not completing, or by cancelling, a verification. Where Mistho acts as controller for narrow diagnostics and security, our lawful basis is our legitimate interest in operating the extension securely and reliably.
8) Security
Data in transit is protected with TLS. Each extraction is cryptographically signed (Ed25519) and integrity-checked (SHA-256) so it cannot be altered between your browser and Mistho. The per-installation signing key never leaves your device. The extension contains no remotely hosted or downloaded code; its behaviour is fixed in the published package, with only signed configuration data (cryptographically verified before use) fetched at runtime.
9) Retention
Verification results are retained according to the Partner's instructions and the retention schedule in the main Privacy Policy; where Mistho holds data only as processor, it is deleted or returned when the Partner's instructions require. The technical diagnostics described above are retained only as long as needed for reliability and security. The local signing key exists only in your browser and is removed when you remove the extension.
10) Your rights
Subject to applicable law, you have rights to access, rectify, erase, restrict, object to and port your personal data, and to withdraw consent where it is relied upon.
Because Mistho is the processor for your verification data, requests about that data are usually best directed to the Partner who asked you to verify (the controller); we will assist them as needed. For anything concerning the extension itself, or to reach Mistho's Data Protection Officer, use the contact details below. You may also complain to the UK Information Commissioner's Office (ICO) or your local supervisory authority.
11) Children
Mistho Passport is not intended for use by children and is not directed to them.
12) Changes
We may update this policy; material changes will be reflected by the “Last updated” date above and, where appropriate, communicated through Mistho.
13) Contact us
Data Protection Officer (via Evalian Limited)
Email: dpo@evalian.co.uk
Post: Evalian Limited, West Lodge, Leylands Farm, 1 Nobs Crook, Colden Common, Winchester, Hampshire, SO21 1TH
You may also complain to the Information Commissioner's Office (ICO) at http://www.ico.org.uk. We would appreciate the chance to deal with your concerns first, so please contact us initially.
Mistho Services Limited — registered in England and Wales (company 13636487), ICO registration ZB253263, registered office 27 Old Gloucester Street, London, WC1N 3AX.