PRIVACY POLICY

Privacy Policy

Last updated: July 11, 2026

1. Who we are

ClockTrue is operated by Examin AI Inc., 447 Broadway, 2nd Floor, #2874, New York, NY 10013, United States. This Privacy Policy explains what data we process when you use ClockTrue or visit our website, and what rights you have. For employee data processed on behalf of an employer, the employer is the data controller and Examin AI acts as a data processor.

2. Data we process

Depending on how you use the Service, we process:

  • Account data: name, email, company, role.
  • Attendance data: clock-ins and clock-outs, lateness, shifts and positions.
  • Biometric templates: encrypted mathematical representations of a face, used only for verification.
  • Technical data: device information, system logs, access events.
  • Communications: messages you send to support.

3. How we handle biometric data

Faces are converted into encrypted mathematical templates. We do not store photographs for matching, and templates cannot be reversed into images. Matching happens on the clocking device. Employees are enrolled only after being informed and, where required by law, after giving explicit consent. Biometric templates are deleted when an employee is removed, when the retention period expires, or on request.

4. Why we process data

We process data to provide and secure the Service, generate punctuality, attendance, and shift reports, provide support, handle billing, and meet legal obligations. Under GDPR our legal bases are performance of a contract, legitimate interests, consent (for biometrics), and legal obligation.

5. Retention

Attendance records are kept for as long as your employer's retention policy requires, typically driven by payroll and labor law. Account data is kept while the contract is active and deleted or anonymized within 90 days after termination, except where the law requires a longer period.

6. Sharing

We do not sell personal data. We share data only with subprocessors that help us run the Service (such as cloud hosting providers), under contracts that require equivalent protection, and with authorities when the law requires it.

7. Security

We use encryption in transit and at rest, strict access controls, and periodic security reviews. No system is perfect, but biometric data is held to our highest standard of protection.

8. Your rights

Under GDPR you have the right of access, rectification, erasure, restriction, portability, and objection, and the right to lodge a complaint with a supervisory authority. California residents have equivalent rights under the CCPA. If you are an employee whose employer uses ClockTrue, please direct requests to your employer first; we will support them in responding.

9. International transfers

Where data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

10. Children

ClockTrue is a workplace tool and is not directed at children.

11. Changes to this policy

We may update this policy from time to time. New versions are published on this page, and we notify you of significant changes.

12. Contact

For any question about your data: contact@examin.ai, +40 750 270 818, or in writing at the address above.