Last Updated: January 13, 2026

Privacy Policy

WorkFace is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information.

Our Privacy Commitment

WorkFace ("we," "our," or "us") is designed with privacy at its core. We believe your biometric data belongs to you and should never leave your device without your explicit consent.

Key Privacy Guarantee

All face recognition processing happens entirely on your device using Google ML Kit. Your biometric data is never uploaded to our servers or any third-party cloud services.

Information We Collect

1. Face Recognition Data

  • What we collect: Facial feature templates used for attendance tracking
  • How we collect: Through your device's camera when you register your face or punch in/out
  • Storage: All face data is processed and stored locally on your device only, in an encrypted database
  • Never shared: This data never leaves your device and is never transmitted to any server

2. Attendance Records

  • What we collect: Check-in/check-out times, attendance history, and related statistics
  • Storage: Stored locally on your device in an encrypted database
  • Optional sync: If you configure webhook integration, attendance events (not biometric data) may be sent to your designated endpoint

3. Account Information

  • What we collect: Email address (via Google Sign-In), name, and profile photo
  • Purpose: User authentication and account management
  • Provider: This information comes from Google OAuth 2.0

4. Device Information

  • What we collect: Device identifier, operating system version, app version
  • Purpose: App functionality, crash reporting, and technical support
Data Type Storage Location Shared with Third Parties
Face Recognition Data Device Only (Encrypted) Never
Attendance Records Device (+ Optional Webhook) Only via your configured webhook
Account Info Device + Google Google (for authentication)
Device Info Device Crash reporting only

How We Protect Your Data

On-Device Processing

All face recognition is performed locally on your device using Google ML Kit. The face templates are mathematical representations that cannot be reverse-engineered into actual images of your face.

Encryption

All locally stored data is encrypted using Android's built-in security features, including the Android Keystore system for cryptographic key storage.

Secure Authentication

We use Google OAuth 2.0 for authentication, which means we never see or store your Google password.

No Cloud Storage of Biometrics

Your face data never touches any cloud server. Even if our servers were compromised, your biometric data would remain safe on your device.

Webhook Integration

If you choose to configure webhook integration:

  • Attendance event data (employee ID, name, timestamp, punch type) will be sent to your specified endpoint
  • Biometric/face data is never included in webhook payloads
  • You control the endpoint URL and can disable this feature at any time
  • Data is queued locally when offline and sent when connectivity is restored

Your Responsibility

When using webhook integration, you are responsible for the security and privacy practices of your receiving endpoint. We recommend using HTTPS endpoints only.

Third-Party Services

Google Sign-In

We use Google OAuth 2.0 for authentication. When you sign in, Google shares your basic profile information (name, email, profile photo) with us. Google's privacy policy applies to information collected through their service.

View Google's Privacy Policy

Google ML Kit

We use Google ML Kit for on-device face recognition. All processing happens locally on your device - no face data is sent to Google servers.

View ML Kit Terms

Your Rights & Choices

Access Your Data

You can view all your attendance records within the app and export them as CSV files at any time.

Delete Your Data

You can delete your account and all associated data directly from the app settings. This will permanently remove:

  • Your face recognition templates
  • All attendance records
  • Your account information

Update Your Information

You can update your face registration at any time by re-registering through the app.

Export Your Data

You can export your attendance data in CSV format for portability.

Opt-Out of Webhooks

Webhook integration is entirely optional. You can disable it at any time in the app settings.

Data Retention

  • Face Data: Retained on your device until you delete it or uninstall the app
  • Attendance Records: Retained on your device according to your preferences
  • Account Information: Retained until you delete your account

Children's Privacy

WorkFace is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Legal Compliance

This Privacy Policy is designed to comply with:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Illinois Biometric Information Privacy Act (BIPA)
  • Other applicable data protection laws

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy in the app
  • Updating the "Last Updated" date at the top
  • Sending an in-app notification for significant changes

Your continued use of WorkFace after any changes indicates your acceptance of the updated Privacy Policy.