Verby Privacy Policy

Introduction

Verby (“we,” “our,” or “us”) is committed to protecting your privacy and safeguarding your personal data. This Privacy Policy explains how we collect, use, store, disclose, and protect your information when you use our mobile application and our platforms (collectively, the “Services”).

Please read this Privacy Policy carefully. If you do not agree with its terms, please refrain from accessing or using the Services.

Information We Collect

1. Personal Information

• Employee Identification Data: Employee ID, Full Name, PIN Codes, Role, and assigned identifiers
• Authentication Information: Login credentials, authentication tokens, and device identifiers
• Contact Information: Email addresses used for account management and communication

2. Biometric Data

We may process biometric data strictly for identity verification, attendance validation, and fraud prevention.

• Facial Recognition Data: Facial images and biometric templates generated during registration and verification
• Voice Data (If Enabled): Short voice samples used for optional voice verification and fraud prevention

Important:

Voice data is used solely for authentication purposes, is not continuously recorded, and is handled in accordance with applicable biometric data protection laws.

All biometric data is processed locally on the device only. Facial and voice data never leave the device, are not transmitted, uploaded, or shared with third parties.

3. Attendance and Work Data

• Time Tracking Information: Check-in and check-out times, break records, and work session details
• Work Assignments: Department, role, and task-related assignments
• Attendance Records: Attendance history and activity logs

4. Device and Technical Information

• Device identifiers, operating system version, and device specifications
• Network information such as IP address (used for security and synchronization)
• Camera and Audio Access:
  • Camera access for facial recognition
  • Microphone access (optional) for voice verification and fraud prevention

5. Local Application Storage

• Encrypted data using AES-256
• Local biometric templates and attendance records
• Encrypted local backups for recovery

How We Use Your Information

Primary Purposes

• Employee identity verification
• Attendance validation
• Fraud prevention
• Work assignment and access management

Biometric Data Processing and Consent

• Explicit and informed consent required
• On-device, offline processing only
• No continuous recording
• No transmission to servers or third parties
• Consent withdrawal and deletion supported

Data Storage and Security

• AES-256 encryption
• HTTPS/TLS-secured transmission
• Role-based access control

Your Rights and Choices

• Access your personal data
• Correct inaccurate data
• Request deletion (subject to legal requirements)

Children’s Privacy

The Services are not intended for individuals under 16 years of age. We do not knowingly collect data from children under 16.

Compliance

• GDPR
• FADP / nFADP
• CCPA
• Applicable U.S. biometric privacy laws
• Other relevant regulations