Privacy Policy

1. Introduction

Byond Bytes Pty Ltd ("Timeki", "we", "our", "us") operates the Timeki mobile application and website at timeki.app (the "Service"). We are committed to protecting your privacy and handling your personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and other applicable privacy laws.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your personal data.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you create an account, we collect your name, email address, and phone number (if provided).
• Time Tracking Data: Information about your time entries, work hours, breaks, and punch in/out records.
• Project and Task Information: Details about job sites, projects, tasks, and schedules you create or are assigned to.
• Team Information: When you invite team members, we collect their email addresses and names.
• Photos and Media: In future versions, we may collect photos for proof of work or other purposes (with your consent).
• Communications: Messages you send to us for support or feedback.

2.2 Information Collected Automatically

• Location Data: When you use punch in/out features, we collect your GPS location to verify you are within designated geofence areas. Location tracking only occurs when you actively use the time tracking features.
• Device Information: We may collect information about your device, including device type, operating system, unique device identifiers, and mobile network information.
• Usage Data: Information about how you use the app, including features accessed, time spent, and interactions.
• Log Data: Technical information such as IP address, browser type, and app crash reports.

2.3 Information from Third Parties

• Payment Information: Payment and subscription data is processed through Apple App Store and Google Play Store. We do not store your credit card details.
• Authentication Services: If you sign in using third-party services (like Google), we receive basic profile information from those services.

3. How We Use Your Information

We use your personal information for the following purposes:

• Provide the Service: To enable time tracking, geofencing, scheduling, team management, and reporting features.
• Account Management: To create and manage your account, authenticate users, and provide customer support.
• Process Payments: To manage subscriptions and billing through app store platforms.
• Geofencing: To verify that punch in/out occurs within designated job site locations.
• Communications: To send you service updates, notifications about shifts, time approvals, and respond to your inquiries.
• Improve the Service: To analyze usage patterns, fix bugs, and develop new features.
• Security: To detect and prevent fraud, abuse, and security incidents.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Within Your Organization

• Managers and supervisors in your organization can view time entries, schedules, and location data for team members they manage.
• Team members can see shared project and schedule information.

4.2 Service Providers

We share information with trusted third-party service providers who help us operate the Service:

• Firebase (Google): For authentication, database hosting, analytics, and app infrastructure.
• Apple and Google: For payment processing and subscription management through their app stores.
• RevenueCat: For subscription management and analytics (when implemented).
• Cloud Hosting: For secure data storage and backup.

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Requests from government or law enforcement agencies
• Protection of our rights, property, or safety, or that of others
• Emergency situations involving danger to persons

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

5. Data Storage and Security

5.1 Where We Store Data

Your data is primarily stored on servers provided by Firebase (Google Cloud) which may be located in various countries including Australia, the United States, and other regions. These providers maintain robust security measures and comply with applicable data protection laws.

5.2 How We Protect Your Data

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit and at rest
• Secure authentication protocols
• Regular security audits and updates
• Access controls and monitoring
• Secure backup procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5.3 Data Retention

We retain your personal information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations (such as payroll records retention requirements)
• Resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it by law.

6. Your Privacy Rights

6.1 Australian Privacy Rights

Under Australian privacy law, you have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Object: Object to certain processing of your information
• Complain: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

6.2 European Users (GDPR)

If you are located in the European Economic Area, you have additional rights including:

• Right to data portability
• Right to restrict processing
• Right to withdraw consent
• Right to lodge a complaint with your local data protection authority

6.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at support@timeki.app. We will respond to your request within 30 days.

You can also update your account information directly within the app settings.

7. Children's Privacy

Timeki is not intended for use by children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us immediately at support@timeki.app, and we will promptly delete such information.

8. Third-Party Links and Services

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing them with your information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than Australia, including the United States, where our service providers are located. These countries may have different data protection laws than Australia. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you by:

• Displaying a prominent notice within the app
• Sending you an email notification
• Updating the "Last updated" date at the top of this policy

Your continued use of the Service after such changes constitutes your acceptance of the updated Privacy Policy.

11. Contact Us