1. Introduction
VeriFace ("the App") is an employee attendance and identity verification application developed and operated by Opus Infiniti. This Privacy Policy explains what data we collect, how we use it, how it is stored, and your rights regarding your personal information.
By using VeriFace, you agree to the collection and use of information in accordance with this policy. This app is intended for use by employees of organisations that have deployed VeriFace as their attendance management system.
2. Information We Collect
We collect the following categories of data:
- Email Address — used for account login and authentication.
- Employee ID — used to identify the employee within the organisation's HR system.
- Precise Location — captured at the time of check-in and check-out to verify the employee is within the designated office geofence.
- Biometric / Face Data — a mathematical face embedding (numerical vector) is extracted from a facial image captured by the front camera. The original image is not stored; only the embedding is retained.
- Attendance Records — check-in and check-out timestamps, geofence status, and face match confidence scores.
3. Biometric Data Collection and Use
What face data is collected: VeriFace captures a facial image using the device's front camera during the employee face registration process and during each attendance check-in and check-out. A mathematical face embedding — a numerical vector representation of facial geometry — is extracted from the image. The original facial photograph is not stored on any server or device.
How face data is used: Face embeddings are used exclusively to verify the identity of an employee when marking attendance. The embedding captured at the time of attendance is compared against the employee's previously enrolled embedding to confirm identity. No other use is made of this data. Face data is never used for advertising, profiling, or any purpose unrelated to attendance verification.
Third-party sharing: Face data is not shared with any third parties, including analytics providers, advertising networks, or AI services. Face embeddings are transmitted only between the employee's device and the organisation's private backend server over an encrypted HTTPS connection.
Storage: Face embeddings are stored on the organisation's private
backend server hosted at ess-api.opusinfiniti.com. Access is restricted
to authorised administrators of the organisation only.
Retention: Face embeddings are retained for the duration of the employee's employment with the organisation. An administrator can delete or re-enrol an employee's face data at any time using the admin controls within the app. Data is permanently deleted upon employee offboarding or upon written request to the organisation's administrator.
4. Location Data
VeriFace requests access to your device's precise location only when you initiate a check-in or check-out. Location data is used solely to verify that you are within the designated office geofence boundary. Location coordinates are recorded in the attendance log linked to your employee account. Location data is not used for tracking outside of attendance events and is not shared with third parties.
5. How We Use Your Data
- To authenticate employees and provide access to the app.
- To verify employee identity during attendance marking using face recognition.
- To verify employee location during attendance marking using geofence validation.
- To maintain attendance records for the organisation's HR and payroll processes.
- To allow administrators to manage employee enrollments and attendance history.
We do not use your data for advertising, marketing, or any purpose beyond the above.
6. Data Security
All data transmitted between the app and the server is encrypted using HTTPS/TLS. Face embeddings and attendance records are stored on a private server with access controls restricted to authorised personnel. We implement industry-standard security measures to protect your data against unauthorised access, alteration, or disclosure.
7. Data Retention
- Face embeddings: Retained for the duration of employment; deleted upon offboarding or administrator request.
- Attendance records: Retained as required by the organisation's HR policies, typically for the duration of employment plus any legally required period.
- Location data: Retained as part of attendance records per the above policy.
8. Your Rights
As an employee using VeriFace, you have the right to:
- Request access to the personal data held about you.
- Request correction of inaccurate data.
- Request deletion of your face data and attendance records (subject to legal and organisational retention requirements).
- Withdraw consent for face data collection (note: this will prevent use of the biometric attendance feature).
To exercise these rights, contact your organisation's HR administrator or reach us at mailus@opusinfiniti.com.
9. Children's Privacy
VeriFace is intended for use by adults in a professional employment context only. We do not knowingly collect data from individuals under the age of 18.
10. Third-Party Services
VeriFace does not integrate with third-party advertising, analytics, or social media platforms. The app communicates only with the organisation's own backend server. The following device-level frameworks are used:
- Google MLKit Face Detection — runs entirely on-device for face detection. No data is sent to Google.
- Geolocator — accesses device GPS for location verification. No data is sent to third parties.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the app after changes constitutes acceptance of the revised policy.
12. Contact Us
If you have any questions about this Privacy Policy or how your data is handled, please contact us:
- Company: Opus Infiniti
- Email: mailus@opusinfiniti.com
- Website: hrmsplus.com
