C

ClockInProof

GPS-Verified Time Tracking

Privacy Policy

Last updated: March 2, 2026

1. Who We Are

ClockInProof ("we", "us", "our") is a GPS-verified employee time-tracking platform operated by Noweis Inc., based in Ontario, Canada. Our service is available at app.clockinproof.com (worker app) and admin.clockinproof.com (employer dashboard).

Contact: support@clockinproof.com

2. Information We Collect

  • Worker data: Name, phone number, PIN, job title, start date, emergency contact, driver's licence (optional)
  • Location data: GPS coordinates at clock-in, clock-out, and periodic pings during active shifts (used solely for fraud prevention and timesheet accuracy)
  • Work session data: Clock-in/out times, hours worked, job location, session type
  • Device data: A randomly-generated browser token stored in your phone's local storage. This is not biometric data — it cannot identify you as a person. It is used solely to verify that clock-in activity originates from the device you registered with. You give explicit informed consent before this token is recorded. You may request a device reset from your employer at any time.
  • Employer/admin data: Business name, email, phone, payroll settings, Twilio and QuickBooks integration credentials

3. How We Use Your Information

  • To record and verify employee clock-in and clock-out times
  • To detect GPS fraud (clocking in from a location different from the job site)
  • To calculate payroll hours and generate payroll reports
  • To send SMS notifications and invite links to workers via Twilio
  • To push time-activity records to QuickBooks Online when the employer enables the integration
  • To email payroll summaries to the employer's designated accountant
  • To improve the reliability and security of the platform

4. QuickBooks Integration

When you connect ClockInProof to QuickBooks Online:

  • We request access only to the com.intuit.quickbooks.accounting scope
  • We use this access solely to create TimeActivity records (employee hours) in your QB company
  • We do not read, modify, or delete any financial records, invoices, bills, or bank data
  • OAuth tokens are stored encrypted in our Cloudflare D1 database and never shared with third parties
  • You can disconnect at any time via Settings → QuickBooks → Disconnect, which immediately revokes our access

5. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with:

  • Cloudflare — infrastructure provider (Workers, D1 database, Pages hosting)
  • Twilio — SMS delivery for worker invitations and notifications
  • Intuit/QuickBooks — only when you explicitly enable the QB integration
  • Resend — email delivery for payroll summaries
  • Your accountant — payroll reports sent at your explicit request

6. Data Retention

We retain your data for as long as you maintain an active account. Session and payroll data is retained for a minimum of 7 years to comply with Canadian employment record requirements. You may request deletion of your account and data by contacting us.

7. Security

All data is transmitted over HTTPS/TLS. Database credentials and API tokens are stored as encrypted environment secrets. GPS data is stored only for active sessions and fraud-check purposes. We do not store raw payment card information.

8. Your Rights (PIPEDA / Canadian Privacy Law)

  • Right to access your personal data
  • Right to correct inaccurate data
  • Right to withdraw consent and request deletion
  • Right to be informed of data breaches

To exercise these rights, email support@clockinproof.com.

8a. Device Verification & Anti-Fraud Technology

What it is: ClockInProof uses a randomly-generated browser token ("device token") stored in your phone's browser local storage to verify that clock-in and clock-out activity originates from your registered device. This prevents "buddy punching" (a third party clocking in on your behalf).

What it is NOT: This is not biometric data. It does not capture fingerprints, facial features, voice patterns, or any physical characteristic. It is a string of random letters and numbers — similar to how a website remembers you are logged in.

Consent: Workers are shown a clear, plain-language consent screen the first time they register on a device. Clock-in is not possible without consent. This satisfies the requirements of:

  • Canada — PIPEDA (Principle 3: Consent; Principle 4.8: Openness)
  • Ontario — Employment Standards Act, Electronic Monitoring Policy requirements
  • Alberta/BC — PIPA — Employer consent for employee personal information collection
  • Quebec — Law 25 — Transparency and consent obligations
  • US — CCPA (California) — Notice at collection; no biometric data is collected
  • Illinois BIPA — Does not apply (no biometric identifiers collected)
  • US Federal — ECPA — Monitoring disclosed to employees in advance

Data minimization: The token is stored only in the database record for the worker. It is never shared with third parties, never used for purposes other than clock-in verification, and never combined with browsing data.

Right to reset: Workers may request a device reset at any time through the worker app ("I have a new phone"). The employer is notified and must manually approve the reset. Workers retain full control of this process.

Retention: The device token is deleted when the worker's account is deleted. Employers may reset it at any time from the admin dashboard.

9. Changes to This Policy

We may update this policy periodically. We will notify users of material changes via the admin dashboard or email. Continued use of ClockInProof after changes constitutes acceptance.

© 2026 ClockInProof / Noweis Inc. — Ontario, Canada Terms of Service