Privacy Policy

We collect information you provide directly to us, including:

• Account information: name, email address, phone number, and organization details when you register.
• Employee data: attendance records, punch timestamps, device identifiers, GPS coordinates (when GPS or geofence punch is enabled), biometric templates (when face recognition or fingerprint punch is enabled), and shift information.
• Billing information: subscription plan and payment status. Payment card details are processed by our payment provider and never stored on our servers.
• Usage data: log data, IP addresses, browser type, pages visited, and actions taken within the application.
• Communications: messages you send us via support channels or the contact form.

We use the information we collect to:

• Provide, maintain, and improve the MAttendance platform.
• Process attendance records and generate payroll calculations.
• Run AI anomaly detection on attendance data to detect fraud.
• Send transactional notifications (alerts, punch confirmations, payroll reports).
• Respond to your support requests and inquiries.
• Send product updates and announcements (you may opt out at any time).
• Comply with legal obligations.

We do not sell your personal data to third parties.

Your data is stored on secure servers. We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews.

Each organization's data is logically isolated within our multi-tenant architecture. Organization administrators can only access data belonging to their own organization.

While we take reasonable steps to protect your data, no system is completely secure. We encourage you to use strong passwords and to contact us immediately if you suspect any unauthorized access.

If your organization uses face recognition or fingerprint punch methods, biometric data (facial embeddings or fingerprint templates) is collected and stored. This data is used exclusively for attendance verification and is never shared with third parties for any other purpose.

Organization administrators are responsible for obtaining appropriate consent from employees before enabling biometric punch methods, in accordance with applicable local laws.

GPS and geofence punch methods collect location coordinates at the time of punch. Location data is used solely to verify that the punch occurred within an authorized location. We do not continuously track employee location outside of punch events.

We may share your information with:

• Service providers: infrastructure providers (hosting, storage, email delivery, push notifications) who process data on our behalf under strict confidentiality agreements.
• Legal requirements: when required by law, court order, or governmental authority.
• Business transfers: in connection with a merger, acquisition, or sale of assets, in which case your data would remain subject to this policy.

We retain your data for as long as your account is active or as needed to provide services. Upon account termination, we will delete or anonymize your data within 90 days, unless a longer retention period is required by law or requested by you for compliance purposes.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Object to or restrict certain processing.
• Data portability — receive your data in a machine-readable format.

To exercise any of these rights, contact us at [email protected].

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and analyze how the platform is used. You can control cookies through your browser settings, though disabling certain cookies may affect platform functionality.

Our platform integrates with third-party services including Google (for OAuth authentication) and Firebase (for push notifications). Your use of these features is subject to the respective providers' privacy policies.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the platform. Continued use of MAttendance after changes are posted constitutes your acceptance of the updated policy.

If you have questions about this Privacy Policy or how we handle your data, contact us at: [email protected]