PHELTIX

Legal & trust

Privacy Policy

This Privacy Policy explains how PHELTIX Technologies, L.L.C S.O.C (“PHELTIX”, “we”, “us”) collects, uses, shares, and protects information when you visit our website or use the PHELTIX workforce attendance services.

PHELTIX provides attendance verification using mobile punch records, GPS geofences, optional BLE/iBeacon proximity checks, optional random selfie verification, dashboards, audit trails, and exports.

Last reviewed: 11 June 2026

Trust notes

No sale of workforce data
Customer-controlled employee records
Support access disclosed

1. Who we are

Company: PHELTIX Technologies, L.L.C S.O.C
Location: Dubai, United Arab Emirates
Privacy and support contact: support@pheltix.com

2. Controller and processor roles

When a company uses PHELTIX for employee attendance, that company is normally the controller of employee attendance data. PHELTIX normally acts as a processor or service provider and handles that data according to the customer’s instructions, selected product configuration, and applicable agreement.

For the PHELTIX website, sales enquiries, support communications, security administration, and our own business operations, PHELTIX acts as a controller.

3. Information we may process

  • Account data: name, email, role, organization, employee number, job number, and login metadata.
  • Attendance data: punch in/out records, timestamps, source, location/site, manual correction notes, audit events, and export metadata.
  • Location verification data: GPS coordinates and geofence evaluation used for punch validation. PHELTIX does not store continuous employee route history by default.
  • BLE/iBeacon data: beacon UUID, major/minor, signal metadata, and observation time where Pro BLE verification is enabled.
  • Selfie verification data: optional selfie images or verification metadata where enabled by the customer. Selfie images are retained for 90 days by default unless a customer-specific written agreement requires a different retention period. PHELTIX does not provide facial-recognition identity matching unless separately agreed in writing.
  • Device and technical data: device identifier, app version, operating system, IP address for web access, diagnostic logs, and security events.
  • Support data: messages, screenshots, ticket details, and communication history you send to us.

4. How we use information

  • Provide, operate, and secure the PHELTIX services.
  • Verify attendance punches and reduce misuse such as buddy punching.
  • Support timesheets, payroll exports, audit review, and customer administration.
  • Provide customer support, troubleshoot issues, and improve reliability.
  • Detect abuse, investigate security incidents, and comply with legal obligations.
  • Communicate about demos, onboarding, product updates, billing, and support.

5. Super-admin and support access disclosure

Authorized PHELTIX personnel may access customer data only where necessary to provide, support, secure, troubleshoot, maintain, or improve the services; respond to support requests; investigate abuse or security incidents; comply with legal obligations; or manage billing and account administration.

Super-admin access is not for casual browsing. Access should be role-restricted, limited to authorized personnel, and may be logged or reviewed. PHELTIX does not sell employee attendance, location, device, or selfie data.

6. Customer administrator access

Customer owners, administrators, and managers may access employee attendance data inside their own organization according to the role permissions configured in PHELTIX. Customer organizations are responsible for providing employee notices and obtaining permissions or consents where required.

7. Sharing and subprocessors

We may use trusted service providers to host, secure, deliver, and support the services, such as infrastructure, authentication, service delivery, operational communication, security, and support providers. These providers process data only for the purposes needed to operate PHELTIX.

View our Subprocessors page.

8. Retention and deletion

Retention periods are normally controlled by the customer organization and may depend on HR, payroll, audit, accounting, or legal requirements. Selfie verification images are retained for 90 days by default unless a customer-specific written agreement requires a different retention period. PHELTIX also retains limited security and operational logs for platform protection and troubleshooting.

Read the Data Deletion & Retention Policy.

9. International transfers

Depending on the customer configuration, hosting region, and service providers used, information may be processed in countries other than your own. Where required, we use appropriate contractual, technical, and organizational safeguards.

10. Security

We apply technical and organizational measures designed to protect information from unauthorized access, loss, misuse, or alteration, including role-based access controls, organization separation, secure authentication, and audit-oriented logging.

Learn more on our Security page.

11. Your privacy rights

Depending on your location and relationship with PHELTIX, you may have rights to access, correct, delete, restrict, object to, or receive a copy of certain personal data.

If you use PHELTIX through your employer, please contact your employer first because it usually controls employee attendance records. PHELTIX will support requests routed through the organization or required by applicable law.

12. Cookies and website analytics

The PHELTIX marketing website is designed to work without advertising cookies. If we add analytics or tracking technologies in the future, we will update this policy and provide choices where required.

13. Changes to this policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new effective or review date.

14. Contact

For privacy questions, deletion requests, or security concerns, contact support@pheltix.com.