Privacy Policy - Attendify
This Privacy Policy describes how Attendify (“we”, “our”, “us”) collects, processes, stores, and protects personal data processed through our platform and website www.attendify.ai in accordance with the Digital Personal Data Protection (DPDP) Act, 2023 and applicable Indian laws.
We are committed to lawful, transparent, and secure handling of personal data.
1. Types of Data We Collect
Depending on organization setup, we may process:
- a) Employee / User Information
- name & employee ID
- department / designation
- contact details (if provided by organization)
- b) Attendance & Access Records
- check-in / check-out timestamps
- shift & schedule details
- device & terminal logs
- c) Biometric / Face Recognition Data (Where Enabled)
- encrypted facial templates
- verification logs & confidence values
Biometric data is processed only for identity verification & attendance automation.
- d) Visitor Management Data
- visitor name & contact
- purpose of visit
- entry / exit logs
- e) Technical Metadata
- IP address
- device identifiers
- application / browser metadata
We do not collect financial, banking, or unrelated personal data.
2. Purpose of Data Processing
Data is processed strictly for:
- attendance & workforce management
- identity verification & premises security
- reporting & authorized analytics
- system maintenance & security monitoring
- compliance with organizational policies
Personal data is not sold or shared for advertising.
3. Role Under DPDP Act (India)
In most cases:
- The organization / employer acts as the Data Fiduciary
- Attendify acts as a Data Processor / Data Processor-Service Provider
We process data only as per written instructions of the organization.
Organizations are responsible for:
- obtaining consent where required
- displaying biometric processing notices
- defining lawful grounds for processing
4. Lawful Basis & Consent
Processing may be based on:
- employment / contractual requirement.
- legitimate business purpose
- user or visitor consent (where applicable)
- compliance with legal obligations
Consent may be collected:
- by the organization, or
- through the platform (where implemented)
5. Data Security & Protection
We apply industry-standard safeguards including:
- encryption at rest & in transit
- secure cloud infrastructure or on premise infrastructure (Edge server)
- access controls & authentication policies
- audit logs & restricted admin access
- regular security reviews
Biometric templates are stored in encrypted form and are never disclosed for external purposes.
6. Data Sharing & Disclosure
Data may be shared with:
- authorized organizational administrators
- system partners & infrastructure providers
- regulatory authorities, when legally required
We do not share data with advertisers or unrelated third parties.
7. Data Retention
Data is retained for:
- duration determined by the organization, or
- statutory retention requirements
Upon request from the organization, records may be deleted subject to legal obligations.
8. User Rights Under Indian Law
Subject to applicable law, individuals may request:
- access to personal data
- correction or update of inaccurate records
- deletion of data (where applicable)
- withdrawal of biometric processing consent (where feasible)
Requests may be routed via the organization’s admin or by contacting us.
9. Cross-Border Data Storage (If Applicable)
If data is stored or processed outside India, it is done in compliance with applicable Indian laws and contractual safeguards.
10. Children’s Data
Attendify is not intended for minors below 18 years, unless permitted by the organization.
11. Updates to This Policy
We may update this Privacy Policy periodically. Revisions will be published on this page with an updated “Last Updated” date.
12. Contact Data Protection & Privacy
For privacy-related queries or requests:
- Techkshetra Info Solutions Pvt Ltd
- Email: contact@techkshetrainfo.com