Legal

Privacy Policy

Last updated: 19 May 2026

This policy explains what data Adestio collects, why we collect it, and what rights you have over it. Because we process biometric and location data, we take this seriously.

Adestio processes biometric data (facial geometry), precise location data, and employment attendance records. We take your privacy seriously and have designed this policy to meet the requirements of the California Consumer Privacy Act (CCPA/CPRA), the Illinois Biometric Information Privacy Act (BIPA), and the EU/UK General Data Protection Regulation (GDPR), among other applicable laws. Please read it carefully.

1. Who We Are

Adestio is a free time and attendance platform available on iOS and Android. The data controller for personal data collected through this website and the Adestio application is Adestio.

Contact: hello@adestio.com

Where an employer or operator (an "Operator") sets up a site and invites workers to it, the Operator acts as a separate data controller for the attendance records of their workers. Adestio acts as a data processor on the Operator's behalf for that data. This policy covers Adestio's own data processing activities.


2. Data We Collect

2.1 Account and profile data

When you register for an Adestio account, we collect your name, email address, and, for Operators, your business name. Workers may also provide a phone number and job role.

2.2 Biometric data

When a worker registers their face for facial-recognition clock-in, we collect and process a biometric identifier: a mathematical representation of the worker's facial geometry. We do not store raw photographs as part of the identity-verification process; we store an encrypted facial template derived from an image captured at registration.

Biometric data is subject to special protections described in Section 3 below.

2.3 Location data

The Adestio app collects your precise GPS location when you attempt to clock in or out of a site. Location data is used solely to verify that you are within the geofence boundary configured for that site. Persistent background location tracking is not required for the core attendance function.

2.4 Attendance records

We store the time and date of each clock-in and clock-out event, the site to which it relates, and whether verification was successful.

2.5 Documents and certifications

Workers may upload copies of licences, certifications, or compliance documents required by an Operator's site. These are stored and checked for validity dates on each clock-in.

2.6 Device and technical data

We collect device identifiers, operating system version, app version, and crash/error logs to maintain and improve the service.

2.7 Website usage data

This website may collect standard server log data (IP address, browser type, pages visited, referring URL) for security and analytics purposes.


3. Biometric Data — Special Provisions

Facial geometry and other biometric identifiers are irreplaceable. If compromised, unlike a password, they cannot be changed. We apply the following protections in compliance with the Illinois Biometric Information Privacy Act (BIPA) and equivalent state and national laws:

Informed written consent. Biometric data is only collected from a worker after they have been provided with this policy and have given their explicit consent through an in-app acknowledgement prior to registration.

No sale or profit. We do not sell, lease, trade, or otherwise profit from biometric data. We do not share biometric data with any third party except as strictly necessary to provide the verification service (e.g. a secure processing subprocessor), and never for marketing or commercial profiling.

Secure storage. Biometric templates are encrypted at rest and in transit using industry-standard encryption. Access is restricted to authorised systems only.

Retention and deletion. Biometric data is deleted no later than 3 years from the date of last use, or within 30 days of a worker's account deletion or a deletion request, whichever is sooner. Operators are notified of retention obligations when configuring their account.

Withdrawal of consent. Workers may withdraw consent for biometric processing at any time by deleting their facial template in the app settings or by contacting us. Withdrawal does not affect prior processing. If biometric verification is required by an Operator's site, an alternative clock-in method (manual supervisor verification) will be made available.


4. Location Data

We collect your device's GPS coordinates at the point of a clock-in or clock-out attempt. We do not track your location continuously throughout your working day, nor do we use location data outside of the attendance verification function.

Location coordinates captured during clock-in events are retained as part of the attendance record for that event and are subject to the retention periods described in Section 7. Location data is accessible to the Operator who manages the relevant site.

You may revoke location permissions in your device settings. Doing so will prevent geofence verification and may prevent you from clocking in via the app.


5. How We Use Your Data

Purpose Legal basis
Providing the Adestio service, including account management Contract performance
Verifying a worker's identity at clock-in using facial recognition Explicit consent (biometric); contract performance
Verifying a worker's location is within a site's geofence Contract performance; legitimate interests
Recording attendance events and generating timesheets Contract performance; legitimate interests of Operator
Syncing attendance data to accounting integrations (Xero, QuickBooks, Sage, etc.) Contract performance; instruction of Operator
Checking validity of uploaded documents and certifications Contract performance; legal obligation (where applicable)
Diagnosing technical issues and improving the app Legitimate interests
Sending service-related communications (security alerts, policy updates) Contract performance; legal obligation
Complying with legal and regulatory requirements Legal obligation

We do not use personal or biometric data for advertising, behavioural profiling, or the training of AI models.


6. Who We Share Data With

6.1 Operators and site managers

If you are a worker, your employer or the Operator who invited you to a site can view your attendance records, clock-in timestamps, location verification results, and document validity status. They cannot access your raw biometric template.

6.2 Accounting integrations

If an Operator has connected an accounting package (Xero, QuickBooks, Sage, FreshBooks, Wave, or another connected provider), attendance and timesheet data is transmitted to that provider in accordance with the Operator's instructions. This transfer is made using each provider's official API under terms that require appropriate data protection.

6.3 Service providers (subprocessors)

We use trusted third-party service providers to help operate the Adestio platform, including cloud hosting, infrastructure, and secure data storage. All subprocessors are bound by data processing agreements that impose obligations equivalent to those in this policy. We maintain an up-to-date list of subprocessors available on request at hello@adestio.com.

6.4 Legal requirements

We may disclose personal data to law enforcement, regulatory authorities, or courts where required to do so by law, a court order, or to protect the rights, safety, or property of Adestio, its users, or the public.

6.5 Business transfers

In the event of a merger, acquisition, or sale of all or part of our business, personal data may be transferred to the acquiring entity. We will notify affected users in advance where required by law.


7. Data Retention

Data type Retention period
Biometric templates (facial geometry) 3 years from last use, or 30 days after account/template deletion request
Attendance records and timesheets 7 years (to meet typical employment and tax record obligations), unless shorter period instructed by Operator
Account profile data Duration of account, plus 30 days after deletion
Uploaded documents and certifications Duration of account or as instructed by Operator
Location data (tied to attendance event) As part of the attendance record
Technical logs 90 days

8. Your Rights

Depending on your location, you may have some or all of the following rights regarding your personal data:

  • Right to accessRequest a copy of the personal data we hold about you.
  • Right to rectifyRequest correction of inaccurate or incomplete data.
  • Right to eraseRequest deletion of your personal data, subject to legal retention obligations.
  • Right to restrictRequest that we restrict processing of your data in certain circumstances.
  • Right to portabilityReceive your data in a structured, machine-readable format.
  • Right to objectObject to processing based on legitimate interests.
  • Withdraw consentWithdraw consent for biometric or other consent-based processing at any time.
  • CCPA rightsCalifornia residents have the right to know, delete, opt out of sale (we do not sell data), and non-discrimination under the CCPA/CPRA.
  • BIPA rightsIllinois residents may request deletion of biometric data at any time and may bring claims under BIPA for violations.

To exercise any right, contact us at hello@adestio.com. We will respond within 30 days (or within the period required by applicable law). We do not charge for reasonable requests. If you are a worker and your request relates to data processed on behalf of an Operator, we may need to direct your request to that Operator.

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection authority (e.g. the ICO in the UK, the relevant supervisory authority in your EU member state, or the California Privacy Protection Agency).


9. International Data Transfers

Adestio operates with infrastructure hosted primarily in the United States. If you access Adestio from outside the United States, your personal data will be transferred to and processed in the US. For users in the European Economic Area (EEA) or United Kingdom, such transfers are made using appropriate safeguards, including Standard Contractual Clauses approved by the European Commission or UK equivalent transfer mechanisms.


10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, or alteration. These include encryption of data in transit (TLS) and at rest, access controls, and regular security reviews.

No system is completely secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

If you believe your account has been compromised, contact us immediately at hello@adestio.com.


11. Children's Privacy

Adestio is not directed at children under the age of 16 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without verifiable parental consent, we will delete it promptly. If you believe a child's data has been submitted to Adestio, please contact us at hello@adestio.com.


12. Cookies and Analytics

This website may use cookies and similar technologies for essential functionality and to understand how visitors use the site. Essential cookies (required for the site to function) are placed without consent. Analytics cookies (where used) are only placed with your consent.

The Adestio mobile app does not use cookies. It may use local device storage for session management and app preferences.

You can control cookies through your browser settings. Disabling non-essential cookies will not affect the functionality of the Adestio app.


13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes — particularly to how we process biometric data — we will notify registered users by email and/or by a prominent in-app notice at least 30 days before the change takes effect. For non-material changes, we will update the "Last updated" date at the top of this page.

Your continued use of Adestio after the effective date of any updated policy constitutes your acceptance of the revised terms, except where applicable law requires a renewed consent.


14. Contact Us

For any questions about this Privacy Policy, to exercise your rights, or to raise a concern about how we have handled your data, contact:

Adestio — Privacy

Email: hello@adestio.com

We aim to respond to all privacy requests within 30 days. For biometric data deletion requests we aim to confirm completion within 7 business days.