Comment by magicalhippo

The technical specification can be found here[1], with further details here[2].

Well, it's more like a framework, so not a ton of details. I've just glossed over it, but from what I can gather they have thought about it:

No personal data, especially no information from personal identification documents such as national ID card, is stored within an [Age Verification App Instance]. Only the Proof of Age attestation, specifically indicating "older than 18", is utilized for age verification purposes

Stored Verification(8b): [Relying Parties] may optionally store information derived from the Proof of Age attestation in the User's account, allowing the User to bypass repeated verification for future visits or purchases, streamlining the User experience. In this case, authentication methods such as WebAuthN should be utilised to ensure secure access while enabling the User to choose a pseudonym, preserving privacy. Risks in case of the device sharing should be considered.

[1]: https://ageverification.dev/Technical%20Specification/archit...

[2]: https://ageverification.dev/Technical%20Specification/annexe...