Privacy Policy for MyCom

Welcome to MyCom ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our MyCom mobile application (the "App").

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our App.

1. Information We Collect

1.1 Personal Information

We collect information that identifies, relates to, describes, or could reasonably be linked with you or your device ("Personal Information"). This includes:

• Account Information: Name, email address, phone number, employee ID, job title, department, and profile photo
• Authentication Data: Username, password (encrypted), and authentication tokens
• Employment Information: Salary details, attendance records, leave requests, work schedules, and performance data
• Financial Information: Bank account details for payroll processing, tax information, and payment history
• Contact Information: Emergency contact details and next of kin information

1.2 Location Information

With your explicit permission, we collect precise location data for the following purposes:

• Clock-In/Clock-Out: To verify your location when you start or end your work shift
• Time Tracking: To track work hours and ensure accurate attendance records
• Field Work Verification: For employees working in the field or at multiple locations
• Background Location: When enabled, we may collect location data during your scheduled work hours to ensure accurate time tracking, even when the app is not actively in use

Important: Location tracking only occurs during your scheduled work hours and when you have explicitly enabled this feature. You can disable location services at any time through your device settings, though this may limit certain app functionalities.

1.3 Device Information

We automatically collect certain information about your device, including:

• Device type, model, and operating system version
• Unique device identifiers (UDID, IMEI, or similar)
• Mobile network information
• IP address
• App version and configuration settings
• Device battery level (to optimize background services)

1.4 Camera and Media

With your permission, we may access:

• Camera: To capture photos for profile pictures, document uploads, expense receipts, or face recognition for attendance (if enabled)
• Photo Library: To select and upload images for profile pictures or documents
• Documents: To upload PDF files, contracts, or other work-related documents

1.5 Usage Data

We collect information about how you interact with the App:

• Features accessed and time spent on each screen
• Buttons clicked and actions performed
• Error logs and crash reports
• Performance metrics

1.6 Communication Data

We collect information when you communicate with us or other users:

• Messages sent through in-app messaging
• Leave requests and approvals
• Support tickets and feedback
• Notifications and announcements

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Core App Functionality

• To provide and maintain the App's services
• To manage your employee account and profile
• To process payroll and calculate compensation
• To track attendance and work hours
• To manage leave requests and approvals
• To generate payslips and tax documents

2.2 Communication

• To send you push notifications about work-related updates
• To notify you of schedule changes, leave approvals, or urgent announcements
• To communicate regarding your employment matters
• To respond to your inquiries and support requests

2.3 Security and Compliance

• To verify your identity and prevent fraud
• To comply with legal obligations and regulations
• To enforce our Terms of Service
• To protect against unauthorized access or security breaches

2.4 Analytics and Improvement

• To analyze usage patterns and improve the App
• To troubleshoot technical issues
• To develop new features and services
• To optimize app performance

3. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

3.1 With Your Employer

All information collected through the App is accessible to your employer or the organization that provided you access to the App. This is necessary for employment management and payroll processing.

3.2 Service Providers

We may share information with trusted third-party service providers who assist us in operating the App:

• Cloud Hosting: For data storage and server infrastructure
• Analytics Services: For app performance monitoring (Google Analytics, Firebase)
• Push Notifications: Firebase Cloud Messaging for sending notifications
• Payment Processors: For payroll disbursement (if applicable)

These service providers are bound by confidentiality agreements and are only permitted to use your information to provide services to us.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Investigation of potential violations of our Terms of Service

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted between your device and our servers is encrypted using SSL/TLS protocols
• Secure Storage: Personal information is encrypted at rest using AES-256 encryption
• Access Controls: Strict access controls limit who can view your information
• Authentication: Secure login with password protection and optional biometric authentication
• Regular Audits: We conduct regular security audits and vulnerability assessments
• Secure APIs: All API communications are authenticated and authorized

Note: While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Active Employment: Information is retained for the duration of your employment
• Post-Employment: Certain employment records may be retained for legal and tax compliance (typically 7 years or as required by local labor laws)
• Account Deletion: When your account is deactivated, we will delete or anonymize your personal information within 90 days, except where retention is legally required

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

6.1 Access and Portability

• Right to access your personal information
• Right to receive a copy of your data in a portable format

6.2 Correction and Updates

• Right to correct inaccurate or incomplete information
• You can update most information directly in the App settings

6.3 Deletion

• Right to request deletion of your personal information (subject to legal retention requirements)
• Note: Some information may need to be retained for legal compliance

6.4 Opt-Out Rights

• Right to opt-out of push notifications (in device or app settings)
• Right to disable location tracking (in device settings)
• Right to withdraw consent for camera/photo access

6.5 GDPR Rights (EU Users)

If you are in the European Economic Area, you have additional rights under GDPR:

• Right to object to processing
• Right to restriction of processing
• Right to lodge a complaint with a supervisory authority
• Right to withdraw consent at any time

6.6 CCPA Rights (California Users)

California residents have additional rights under CCPA:

• Right to know what personal information is collected
• Right to know whether personal information is sold or disclosed
• Right to opt-out of sale of personal information (we do not sell your information)
• Right to non-discrimination for exercising privacy rights

To exercise your rights, please contact us using the information provided below.

7. Children's Privacy

The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

8. Permissions and Access

The App requests the following permissions on your device:

iOS Permissions

• Location Services: Required for attendance tracking and clock-in/out functionality
• Camera: Optional, for profile photos, document scanning, and face recognition
• Photo Library: Optional, to upload photos and documents
• Notifications: To receive work-related alerts and updates
• Face ID/Touch ID: Optional, for biometric authentication
• Background Location (When In Use): For accurate time tracking during work hours

Android Permissions

• ACCESS_FINE_LOCATION: Required for precise location-based attendance
• ACCESS_COARSE_LOCATION: For approximate location tracking
• ACCESS_BACKGROUND_LOCATION: For time tracking during work hours when app is in background
• CAMERA: Optional, for capturing photos
• READ_EXTERNAL_STORAGE: To access photos and documents
• INTERNET: Required for app functionality
• RECEIVE_BOOT_COMPLETED: To restore scheduled notifications after device restart

You can manage these permissions in your device settings at any time. Denying certain permissions may limit app functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your jurisdiction.

When we transfer personal information internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Privacy Shield certification (where applicable)
• Other legally recognized transfer mechanisms

10. Third-Party Services

The App may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Third-Party Services We Use:

• Firebase (Google): For analytics, crash reporting, and push notifications
• Google Maps: For location services and mapping
• React Native: Mobile application framework

We encourage you to review the privacy policies of any third-party services you access through the App.

11. Do Not Track Signals

Some web browsers and mobile devices have a "Do Not Track" feature that signals websites and apps that you do not want to have your online activities tracked. The App does not currently respond to Do Not Track signals.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy in the App
• Sending you a push notification or email
• Requiring you to accept the updated policy before continuing to use the App

The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of the App after any changes indicates your acceptance of the updated Privacy Policy.

13. Cookies and Similar Technologies

The App may use cookies, local storage, and similar technologies to:

• Remember your login session
• Store app preferences and settings
• Collect analytics data
• Improve app performance

You can control cookies through your device settings, though disabling them may affect app functionality.

14. Biometric Data (If Applicable)

If the App uses facial recognition or fingerprint scanning for attendance:

• Biometric data is collected only with your explicit consent
• Biometric templates are encrypted and securely stored
• We do not share biometric data with third parties except your employer
• You can opt-out of biometric authentication at any time
• We will delete biometric data within 3 years of your last interaction or upon request

15. Contact Us

16. Consent

By using the MyCom App, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with this Privacy Policy, please do not use the App.

For certain types of data processing (such as location tracking, camera access, or biometric data), we will request your explicit consent before collecting or processing such information. You may withdraw your consent at any time through the App settings or device settings.