Privacy Policy for VFM ATTENDANCE
1. Introduction
This Privacy Policy explains how the VFM ATTENDANCE ("App", "we", "us", or "our") collects, uses, processes, and protects your personal information. We are committed to protecting your privacy and ensuring the security of your data.
Important: This app is designed exclusively for employee attendance management within organizations. By using this app, you acknowledge that you are an authorized employee and consent to the collection and processing of your data as described in this policy.
2. Information We Collect and Process
Important Distinction: This app collects only facial images, location data, voice recordings, and session IDs. Employee personal information (name, number, role) is NOT collected by the app - it is retrieved from our backend server after facial recognition and only displayed to you for confirmation.
2.1 Biometric Data
- Facial Images: The app captures your facial photograph during check-in and check-out for identity verification purposes.
- Face Detection Data: We use Google ML Kit for face detection to automatically capture your photo when your face is detected.
- Purpose: To verify employee identity and maintain accurate attendance records.
- Storage: Facial images are transmitted to our secure backend server and are not stored permanently on your device.
2.2 Location Data
- GPS Coordinates: We collect your precise location (latitude and longitude) during check-in and check-out.
- Purpose: To verify that attendance is recorded from authorized work locations.
- Frequency: Location is collected only when you perform check-in or check-out actions.
- No Location: If location services are disabled, the app will still function but will record attendance without location data.
2.3 Audio Recordings
- Voice Commands: The app records your voice when you say "Check-in" or "Check-out" for multi-check-in scenarios.
- Early Checkout Reasons: Voice recordings (up to 8 seconds) are captured when you state your reason for early checkout.
- Purpose: To process voice commands and maintain records of early checkout justifications.
- Storage: Audio files are temporarily stored on your device and transmitted to our backend server, then deleted from your device.
2.4 Personal Information (Received from Server, Not Collected by App)
- What the app receives: After facial recognition by our backend server, the app displays employee information (name, employee number, role, work location) that is already stored in our database.
- Important: The app does NOT collect or send this personal information. It only displays what the server sends back after verifying your face.
- Purpose: To show you confirmation of successful attendance recording with your employee details.
2.5 Attendance Records (Received from Server for Display)
- What the app receives: Check-in time, check-out time, and total working hours are calculated and stored by the backend server, then sent to the app for display.
- What the app sends: Early checkout reasons (voice recordings) are collected by the app and sent to the server for record-keeping.
- Purpose: To display your attendance history and confirm successful check-in/out. Attendance records are maintained by our backend server for payroll and HR management.
2.6 Technical Data
- Session IDs: Unique randomly-generated identifiers (UUIDs) to link facial recognition and voice data during a single attendance transaction. These are NOT device identifiers.
- Network Status: The app checks internet connectivity locally on your device to display alerts when offline. This information is NOT collected or sent to the server.
Important: The app does NOT collect device information such as device model, manufacturer, OS version, or device unique identifiers. Platform detection (Android) is used only locally to configure camera settings and is not transmitted to the server.
3. Permissions Required
| Permission |
Purpose |
When Used |
| Camera |
Capture facial photos for attendance verification |
During check-in and check-out |
| Location |
Record GPS coordinates to verify work location |
During check-in and check-out |
| Microphone |
Record voice commands and early checkout reasons |
During voice input scenarios |
| Storage |
Temporarily store captured images and audio files |
During data transmission to server |
| Internet |
Send attendance data to backend server |
Continuously during app usage |
4. How Your Information Is Used
4.1 By the App:
- Attendance Capture: To capture and transmit your facial image to the backend server for identity verification.
- Location Capture: To capture and transmit your GPS coordinates for location verification.
- Voice Command Processing: To record and transmit voice commands for multi-check-in scenarios and early checkout reasons.
- Display Confirmation: To show you confirmation of successful attendance recording with your details.
4.2 By Our Backend Server:
- Identity Verification: To recognize your face and ensure the correct employee is recording attendance.
- Location Verification: To verify that attendance is recorded from authorized work locations.
- Attendance Recording: To record check-in and check-out times in the organizational database.
- Record Keeping: To maintain attendance records for HR and payroll purposes, including:
- Calculating working hours for payroll processing
- Tracking attendance for HR management
- Managing leave balances and overtime
- Compliance with labor laws and regulations
- Generating attendance reports for management
- Early Checkout Documentation: To record and store reasons for early departures for HR review.
- Multi-Check-in Handling: To process scenarios where employees check in/out multiple times in a day.
Important: The app itself does not store or maintain attendance records. All record-keeping is performed by our backend server. The app is only a capture and display tool.
5. Data Transmission and Storage
5.1 Backend Server
- Primary Server: Data is transmitted to our backend server.
- Transmission: All data is transmitted via HTTPS protocols.
- Authentication: API key authentication is used to secure data transmission.
5.2 Local Storage and Auto-Deletion
- Temporary Files: Images and audio are temporarily stored on your device during transmission to the backend server.
- Automatic Deletion: All captured files (photos and voice recordings) are automatically deleted from your device immediately after successful transmission to the server.
- Privacy Protection: This ensures your biometric data (facial images and voice) is not left on your device unnecessarily.
- No Permanent Storage: The app does not permanently store any biometric data on your device.
- Storage Duration: Files exist on your device only during the upload process (typically 5-30 seconds), then are automatically removed.
6. Data Sharing and Third Parties
6.1 Google ML Kit
- Purpose: Face detection to automatically trigger photo capture.
- Processing: Face detection is performed on-device; no data is sent to Google.
- Privacy: Google ML Kit processes images locally and does not store or transmit your facial data.
6.2 No Third-Party Sharing
- We DO NOT sell, rent, or share your personal information with third parties for marketing purposes.
- Data is used internally for attendance management purposes.
- We do not share your data with advertising networks or data brokers.
7. Data Retention
- Attendance Records: Retained as per our organizational policy (typically for payroll and compliance purposes).
- Facial Images: Retained on the backend server as per organizational requirements.
- Audio Recordings: Retained for record-keeping purposes related to early checkouts.
- Session Data: Temporary session IDs are deleted after the attendance transaction is complete.
8. Data Security
- Encryption: Data transmission uses secure protocols (HTTPS where available).
- Authentication: API key authentication prevents unauthorized access.
- Access Control: Only authorized personnel can access the backend server and attendance data.
- Regular Audits: We conduct regular security audits to protect your data.
9. Your Rights
As an employee user, you have the right to:
- Access: Request access to your attendance data and personal information.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your data (subject to legal and organizational requirements).
- Withdraw Consent: Withdraw your consent for data processing (may affect app functionality).
- Data Portability: Request a copy of your data in a portable format.
10. Children's Privacy
This app is NOT intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. This app is designed exclusively for employee attendance tracking in workplace settings.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by:
- Posting the updated policy in the app
- Updating the "Last Updated" date below
- Notifying users through the email or organizational communication channels
12. Legal Compliance
This Privacy Policy is designed to comply with:
- Google Play Store Developer Program Policies
- Android Privacy Best Practices
- GDPR (General Data Protection Regulation) - if applicable in the EU
- CCPA (California Consumer Privacy Act) - if applicable in California, USA
- Local Data Protection Laws in your jurisdiction
13. Acknowledgment and Consent
By downloading, installing, or using the VFM ATTENDANCE, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
If you are using this App on behalf of your employer, you confirm that you have the authority to agree to this Privacy Policy on behalf of your organization.
14. Governing Law
This Privacy Policy is governed by the laws of India and the State of Tamil Nadu, without regard to its conflict of law provisions.
Any disputes arising from this policy will be resolved in the courts of Tamil Nadu, India.
15. Contact Us