Privacy Policy - Attendify

This Privacy Policy describes how Attendify (“we”, “our”, “us”) collects, processes, stores, and protects personal data processed through our platform and website www.attendify.ai in accordance with the Digital Personal Data Protection (DPDP) Act, 2023 and applicable Indian laws.

We are committed to lawful, transparent, and secure handling of personal data.

1. Types of Data We Collect

Depending on organization setup, we may process:

• a) Employee / User Information
  • name & employee ID
  • department / designation
  • contact details (if provided by organization)
• b) Attendance & Access Records
  • check-in / check-out timestamps
  • shift & schedule details
  • device & terminal logs
• c) Biometric / Face Recognition Data (Where Enabled)
  • encrypted facial templates
  • verification logs & confidence values

  Biometric data is processed only for identity verification & attendance automation.

• d) Visitor Management Data
  • visitor name & contact
  • purpose of visit
  • entry / exit logs
• e) Technical Metadata
  • IP address
  • device identifiers
  • application / browser metadata

We do not collect financial, banking, or unrelated personal data.

2. Purpose of Data Processing

Data is processed strictly for:

• attendance & workforce management
• identity verification & premises security
• reporting & authorized analytics
• system maintenance & security monitoring
• compliance with organizational policies

Personal data is not sold or shared for advertising.

3. Role Under DPDP Act (India)

In most cases:

• The organization / employer acts as the Data Fiduciary
• Attendify acts as a Data Processor / Data Processor-Service Provider

We process data only as per written instructions of the organization.

Organizations are responsible for:

• obtaining consent where required
• displaying biometric processing notices
• defining lawful grounds for processing

4. Lawful Basis & Consent

Processing may be based on:

• employment / contractual requirement.
• legitimate business purpose
• user or visitor consent (where applicable)
• compliance with legal obligations

Consent may be collected:

• by the organization, or
• through the platform (where implemented)

5. Data Security & Protection

We apply industry-standard safeguards including:

• encryption at rest & in transit
• secure cloud infrastructure or on premise infrastructure (Edge server)
• access controls & authentication policies
• audit logs & restricted admin access
• regular security reviews

Biometric templates are stored in encrypted form and are never disclosed for external purposes.

6. Data Sharing & Disclosure

Data may be shared with:

• authorized organizational administrators
• system partners & infrastructure providers
• regulatory authorities, when legally required

We do not share data with advertisers or unrelated third parties.

7. Data Retention

Data is retained for:

• duration determined by the organization, or
• statutory retention requirements

Upon request from the organization, records may be deleted subject to legal obligations.

8. User Rights Under Indian Law

Subject to applicable law, individuals may request:

• access to personal data
• correction or update of inaccurate records
• deletion of data (where applicable)
• withdrawal of biometric processing consent (where feasible)

Requests may be routed via the organization’s admin or by contacting us.

9. Cross-Border Data Storage (If Applicable)

If data is stored or processed outside India, it is done in compliance with applicable Indian laws and contractual safeguards.

10. Children’s Data

Attendify is not intended for minors below 18 years, unless permitted by the organization.

11. Updates to This Policy

We may update this Privacy Policy periodically. Revisions will be published on this page with an updated “Last Updated” date.

12. Contact Data Protection & Privacy

For privacy-related queries or requests:

• Techkshetra Info Solutions Pvt Ltd
• Email: contact@techkshetrainfo.com