I want to understand how companies can have access to our Bio-metrics. I assume that when we go for some service which needs to verify identity through Aadhar, they have some machine which check some biometric (like finger print) and compare it with Aadhar database to verify identity. Data detected by device is just compared with data from Aadhar database, (assuming in secure channels). Where is person verifying identity storing that data?
Just to be more sure, when some person is verifying our identity should give some printed receipt that data was accessed for verification at particular date and time, so person getting verified knows when his/her Aadhar data was accessed.