Privacy Policy — Guardix

1. Introduction

Guardix ("we," "us," or "our") operates the Guardix security guard management platform, including the website at guardix.com, the web application, and the Guardix mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

We collect the following types of information:

2.1 Personal Information

Name, email address, and phone number
Profile photo (selfie taken during clock-in for verification)
Employment information (role, assigned post sites, shift schedules)
Account credentials (managed through our authentication provider)

2.2 Location Data

GPS coordinates collected during active shifts for geofence verification
Location data is only collected while a guard is clocked in to an active shift
Location accuracy and timestamp information

2.3 Device Information

Device type, operating system, and version
Push notification tokens for delivering shift alerts and messages
App version and crash diagnostic data

2.4 Usage Data

Clock-in and clock-out timestamps
Break start and end times
Report submissions and incident logs
Feature usage patterns to improve the Service

3. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the Service
Verify guard attendance and location at assigned post sites
Process time tracking, scheduling, and payroll-related features
Send shift reminders, notifications, and important updates
Generate reports for security operations management
Improve and personalize your experience with the Service
Comply with legal obligations and enforce our terms

4. Location Data

Location data is a critical component of our security guard management service. We want to be transparent about how it is used:

When collected: GPS data is only collected while a guard is clocked in to an active shift. We do not track location when the guard is off-duty.
Why collected: To verify that guards are present at their assigned post sites, to detect geofence entry and exit events, and to provide real-time tracking for security operations managers.
How stored: Location data is stored securely on our servers with encryption in transit and at rest. Data is retained according to our data retention policy and applicable regulations.
Your control: You can disable location services on your device, though this may prevent clock-in functionality at geofence-enabled post sites.

5. Camera and Photo Usage

The Guardix mobile app uses the device camera for:

Clock-in selfies: A verification photo is taken during clock-in to confirm guard identity and uniform compliance. These photos include a GPS-stamped watermark.
Site photos: Guards may take photos of their post site as part of incident reports or routine documentation.
Report attachments: Photos can be attached to custom reports and incident submissions.

Photos are stored securely and are only accessible to authorized personnel within your organization.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

Within your organization: Your employer (the security company) and their authorized managers can access your work-related data including clock times, location data during shifts, and reports.
Service providers: We use third-party services for hosting (AWS), authentication (Logto), email delivery, and analytics. These providers process data on our behalf under strict contractual obligations.
Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
Business transfers: In connection with a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction.

7. Data Security

We implement industry-standard security measures to protect your data:

All data transmitted between your device and our servers is encrypted using TLS/SSL
Data at rest is encrypted using AES-256 encryption
Multi-tenant architecture with Row-Level Security (RLS) ensures data isolation between organizations
Regular security audits and penetration testing
Access controls and authentication for all system components

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Work-related data (time logs, reports, location history) is retained according to your organization's settings and applicable labor regulations. You may request deletion of your data by contacting us.

9. Your Rights

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data (subject to legal retention requirements)
Portability: Request your data in a machine-readable format
Objection: Object to certain types of data processing
Withdrawal of consent: Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us at privacy@guardix.com.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our servers are located in the United States (AWS us-east-1). We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Effective Date" above. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: