Data Deletion & Retention Policy

Customer administrators may request deletion, export, or access removal for organization data by contacting PHELTIX support from an authorized company email address.

Employee users should normally contact their employer first because the employer usually controls employment and attendance records. PHELTIX will support employee privacy requests routed through the customer organization or required by applicable law.

• Employee user accounts and profile information.
• Device binding records and device identifiers.
• Attendance punch records and related audit metadata, where deletion is permitted.
• Optional selfie verification images or metadata, where enabled and where deletion is permitted.
• Organization configuration such as locations, geofences, and beacon settings.

Some records may need to be retained for legitimate business, security, payroll, accounting, audit, dispute, or legal reasons. For example, a customer may need to retain attendance records for payroll, HR, or labor-law purposes.

When full deletion is not immediately possible, PHELTIX may restrict access, deactivate the account, remove unnecessary identifiers, or anonymize data where appropriate and technically feasible.

Deleted data may remain in encrypted backups or operational logs for a limited period until those backups or logs are rotated, overwritten, or securely removed. Backup data is not used for normal production access.

Send deletion, export, or access-removal requests to support@pheltix.com.

Include the organization name, requester name, role, contact email, and the specific data or users involved. PHELTIX may verify authorization before processing the request.