Privacy Policy — AlertCheckin by Computer Guardians

Effective Date: 27 April 2026 | Last Updated: 27 April 2026

Summary: AlertCheckin collects only the data needed to deliver workforce management services to businesses. We do not sell personal data, we do not use data for advertising, and we do not share data with third parties except as required to operate the service or as required by law.

Contents

Who We Are
Who This Policy Applies To
Data We Collect
How We Collect Data
Why We Collect Data (Purposes)
Legal Basis for Processing
Location Data
Selfie & Biometric Data
Data Sharing & Disclosure
International Data Transfers
Data Retention
Your Rights
Security
Children's Privacy
Third-Party Links
Changes to This Policy
Contact & Complaints

1. Who We Are

Computer Guardians Pty Ltd (ABN 93 675 153 009) ("Computer Guardians", "we", "us", "our") is an Australian company and the developer and operator of AlertCheckin — a business workforce management and geo check-in platform.

AlertCheckin is accessible via the web platform at app.alertcheckin.com and the AlertCheckin mobile application available on the Apple App Store and Google Play Store.

Computer Guardians acts as a data processor on behalf of subscribing Business clients (who are the data controllers) when processing the personal data of their employees and contractors.

2. Who This Policy Applies To

This Privacy Policy applies to:

Business Administrators & Managers — individuals who register and manage an AlertCheckin business account via the web dashboard
Field Users (Employees & Contractors) — individuals who use the AlertCheckin mobile App to check in and out of work sites, having been provisioned by their employer's AlertCheckin account

AlertCheckin is an enterprise-only, internal business tool. It is not a consumer application and is not available for use by the general public. All users access the platform in a professional capacity through their employing organisation.

3. Data We Collect

Category	Data Points	Who It Applies To
Account & Identity	Full name, email address, mobile phone number, role/job title	Administrators & Field Users
Authentication	Hashed password, OTP codes (not stored after use), session tokens	All users
Location	GPS coordinates at check-in and check-out, geofence entry/exit events	Field Users
Selfie Images	Facial photographs captured at check-in and/or check-out for identity verification	Field Users (where enabled by Business)
Work Activity	Check-in/out timestamps, work site attended, shift records, hours worked	Field Users
Device & Technical	Device type, OS version, App version, IP address, push notification token	All users
Business Data	Organisation name, ABN/business number, work sites, client records, team structure	Administrators
Communications	In-app chat messages between team members	All users

4. How We Collect Data

Directly from you — when you register, update your profile, or use the App
Automatically — when you use the App (device data, location, check-in events)
From your employer — when a Business administrator provisions your account and assigns you to a work site
From SMS/OTP providers — for phone-number verification during login

5. Why We Collect Data (Purposes)

We collect and process personal data for the following legitimate business purposes:

To verify employee identity and presence at authorised work sites
To record and report shift attendance, check-in times, and hours worked
To send alerts to managers when an employee misses a check-in or leaves a geofenced area
To enable the Business to manage its workforce and maintain operational safety
To authenticate users and maintain account security
To provide customer support and respond to enquiries
To send service-related notifications (not marketing)
To comply with our legal obligations
To improve and maintain the AlertCheckin platform

We do not use personal data for advertising, behavioural profiling, or sale to third parties.

6. Legal Basis for Processing

We process personal data under the following legal bases:

Contract performance — processing necessary to deliver the AlertCheckin service to Business clients
Legitimate interests — for service security, fraud prevention, and platform improvement
Legal obligation — where required to comply with applicable law
Consent — for location tracking and selfie capture, where required by law; consent is obtained through the App before enabling these features

Business clients (as data controllers) are responsible for ensuring they have the appropriate legal basis — such as employment contract terms or informed consent — to monitor their employees using AlertCheckin.

7. Location Data

AlertCheckin collects GPS location data from field users' mobile devices. This is core to the service's purpose. Specifically:

Location is collected when a user initiates a check-in or check-out event
Background location may be used (where the device OS permits and the user has granted permission) to detect geofence entry and exit events relevant to their assigned work site
Location data is only accessible to authorised managers within the user's employer organisation
The App will request location permission before collecting any location data; users may deny this permission, although this will prevent check-in functionality

Location data is never sold, shared with advertisers, or used for any purpose unrelated to workforce management.

8. Selfie & Biometric Data

When enabled by the subscribing Business, AlertCheckin captures a selfie photograph from the field user's device camera at check-in and/or check-out. This photograph is used solely to provide visual verification to the Business that the correct employee performed the check-in.

Selfie images are stored securely and linked to the relevant check-in record
Selfie images are only accessible to authorised managers within the relevant Business account
AlertCheckin does not perform automated facial recognition or biometric template extraction for identity matching — images are for human review only
Users will be informed by the App before camera access is requested
Businesses operating in jurisdictions with specific biometric data laws (e.g., India's DPDPA) are responsible for obtaining appropriate employee consent

9. Data Sharing & Disclosure

We do not sell personal data. We share personal data only in the following circumstances:

9.1 Within the Business Organisation

Employee and field user data is shared with authorised managers and administrators within the same Business account that provisioned the user's access.

9.2 Service Providers

We use trusted third-party service providers who process data on our behalf under data processing agreements, including:

Cloud hosting and infrastructure providers
SMS and push notification providers (for alerts and OTP)
Mapping and geocoding services
Payment processors (for Business billing only — no individual user payment data is collected)

9.3 Legal Requirements

We may disclose data if required to do so by law, court order, or lawful government request in Australia, India, or other applicable jurisdictions.

9.4 Business Transfers

In the event of a merger, acquisition, or sale of Computer Guardians, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.

10. International Data Transfers

AlertCheckin serves businesses in Australia and India. Data may be stored and processed in Australia and on cloud infrastructure that may be located in other countries. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including contractual protections consistent with the Australian Privacy Act 1988 and the Indian DPDPA 2023.

11. Data Retention

We retain personal data for as long as necessary to fulfil the purposes described in this policy:

Active accounts — data is retained for the duration of the subscription
Terminated accounts — Business data is retained for 90 days after termination to allow data export, then securely deleted unless required by law
Check-in records & selfies — retained in line with the Business's configured retention period (default: 12 months)
Legal hold — data may be retained longer if required to comply with a legal obligation or pending dispute

12. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access — request a copy of the personal data we hold about you
Correction — request correction of inaccurate or incomplete data
Deletion — request deletion of your personal data, subject to legal obligations
Restriction — request that we restrict processing of your data in certain circumstances
Data portability — request your data in a structured, machine-readable format
Objection — object to processing based on legitimate interests
Withdraw consent — where processing is based on consent, you may withdraw it at any time

Note for Field Users (Employees): Because AlertCheckin is deployed by your employer, many requests regarding your data should be directed to your employer first, as they are the data controller. Computer Guardians processes your data on their behalf. You may also contact us directly at privacy@alertcheckin.com.

We will respond to rights requests within 30 days. Verification of identity is required before we action requests.

13. Security

We implement industry-standard security measures to protect personal data, including:

Encryption of data in transit (TLS/HTTPS) and at rest
Access controls limiting data to authorised personnel and Business users
Regular security reviews and penetration testing
Multi-factor authentication options for Business administrators
Secure credential hashing (bcrypt)

While we take reasonable steps to protect your data, no system is completely immune to risk. We encourage all users to use strong, unique passwords and to report any suspected security incidents to us immediately.

14. Children's Privacy

AlertCheckin is exclusively a business workforce management tool for use by adults in an employment context. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that a minor's data has been collected without appropriate authorisation, we will delete it promptly.

15. Third-Party Links

AlertCheckin may contain links to external websites or services. This Privacy Policy does not apply to those external sites. We encourage you to review the privacy policies of any third-party sites you visit.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be notified to Business administrators by email or in-app notification at least 14 days before taking effect. The "Last Updated" date at the top of this page will always reflect the most recent revision.

17. Contact & Complaints

For privacy enquiries, rights requests, or to report a data incident:

Computer Guardians Pty Ltd
ABN: 93 675 153 009
Privacy Officer: privacy@alertcheckin.com
General Support: support@alertcheckin.com
Website: computerguardians.com.au

Australian users who are not satisfied with our response may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. Indian users may refer complaints to the Data Protection Board of India once operational under the DPDPA 2023.

View our Terms of Service