Privacy Protocol.
Last Updated: March 17, 2026. This policy outlines how SmartStaff protects your identity and location data with enterprise-grade security.
Data Collection
We collect essential information to facilitate secure attendance, including your name, corporate email, and employment details assigned by your administrator.
Biometric Data
Your face data is encrypted and stored as a mathematical hash. We do not store raw images in a way that can be reconstructed into your likeness outside of our verification engine.
Geolocation Tracking
GPS data is only captured at the exact moment of check-in and check-out to verify you are within a designated work zone. We do not track your movement in real-time.
Security & Encryption
All data transmitted between your device and our servers is protected by industry-standard SSL/TLS encryption and stored on secure, SOC2-compliant cloud infrastructure.
Data Retention & Deletion
We retain attendance records for as long as your account is active or as mandated by local labor laws. When a company account is terminated, all associated biometric hashes and employee records are purged from our production databases within 30 days.
Third-Party Disclosure
SmartStaff does not sell, trade, or rent your personal data to third parties. We only share data with essential service providers strictly to provide our services.
Your Rights
As a user, you have the right to request a copy of your attendance data, correct inaccuracies, or request the deletion of your account.
GDPR & CCPA COMPLIANT