Privacy Policy

Company: PHELTIX Technologies L. L. C
Location: Dubai, UAE

Contact: support@pheltix.com

When PHELTIX is used by a company for employee attendance, that company is typically the data controller for employee personal data, and PHELTIX acts as a data processor on the company’s instructions.

For our marketing website and direct business communications, PHELTIX acts as a data controller.

Enterprise customers can request a Data Processing Addendum (DPA) for contractual details.

Depending on how you use PHELTIX, we may collect:

• Account & identity data: name, email, user ID, role (employee/admin), organization and location identifiers.
• Attendance & job data: punch timestamps, punch type (in/out), job number (optional), and audit metadata (e.g., source: manual/auto).
• Location data: GPS coordinates used to evaluate whether a device is inside a geofence.
• Proximity data: iBeacon/BLE identifiers (UUID/major/minor), RSSI, and the time the beacon was observed.
• Selfie / image data (optional): selfie images captured for liveness verification (when enabled by the customer).
• Device & technical data: device identifiers, OS version, app version, IP address (for web), and diagnostic logs for security and debugging.
• Support & communications: messages you send us and related metadata.

Note: If your employer enables selfie checks, the purpose is attendance verification. Unless explicitly stated in a signed agreement, PHELTIX does not provide facial recognition identity matching.

• Provide and operate the Services (attendance, reporting, exports, admin tools).
• Detect fraud, prevent misuse, and protect accounts and organizations.
• Improve reliability, performance, and user experience.
• Provide customer support and respond to inquiries.
• Comply with applicable laws, requests, and regulatory obligations.

Where applicable law requires a legal basis, we rely on one or more of: performance of a contract, legitimate interests (security and service improvement), compliance with legal obligations, and consent (e.g., device permissions for location/camera).

Employers/customers are responsible for providing any required employee notices and obtaining consents where required by local law.

We may share information with service providers that help us run the Services (for example: hosting, databases, authentication, notifications, email, customer support). These providers are typically bound by confidentiality and data protection obligations.

For transparency, we maintain an overview of key service providers on our Subprocessors page.

View our Subprocessors

Retention periods are typically configured by the customer/organization (e.g., to match HR/payroll requirements). We also retain limited security logs for a reasonable period to protect the platform and investigate issues.

Depending on the customer configuration and hosting location, information may be processed in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers.

We apply technical and organizational measures designed to protect information from unauthorized access, loss, misuse, or alteration.

Learn more on our Security page

Depending on your location and relationship to PHELTIX (visitor, customer admin, employee user), you may have rights such as access, correction, deletion, and objection.

If you use PHELTIX through an employer, please contact your employer first. We will also support requests routed through the organization.

Our marketing website is designed to work without advertising cookies. If we add analytics or tracking technologies in the future, we will update this policy and, where required, provide choices.

We may update this Privacy Policy from time to time. We will post the updated version on this page with a new effective date.

For privacy questions or requests, contact:
support@pheltix.com