Privacy Policy

1. Controller and processor roles

Clox plays two roles. For your account and billing information, Clox is the data controller. For the information a business customer enters about its own operations and workers, such as employee profiles, time records, and schedules, that business is the controller, and Clox acts as a processor handling the data on the customer's behalf and instructions.

If you are a worker whose employer uses Clox, please direct questions about that data to your employer.

Where Clox acts as a processor for a business customer, our processing is also governed by our Data Processing Addendum, which forms part of the agreement with that customer.

2. Information we collect

We collect the following categories of information:

• Account information: your name, email address, a hashed password, and your organization's name.
• Workforce data you enter: worker profiles, contact details, pay rates, time entries, breaks, schedules, projects, and time-off requests. Kiosk PINs are stored only as a secure hash.
• Precise geolocation: if a manager enables worksite verification, we check your device's location at the moment you clock in, solely to confirm presence at an assigned worksite. This is precise geolocation: the latitude and longitude plus an accuracy radius captured at the moment of clock-in. We do not track location continuously, in the background, or after you clock out. When worksite verification applies to a punch, the clock-in coordinates and the reading's accuracy are stored with that time record so a manager can verify the punch and spot inaccurate locations; for accounts that do not use worksite verification, clock-in location is not retained. We treat clock-in geolocation as sensitive personal information under California law (the CPRA).
• Clock-in photos: if your employer enables it, an optional photo is captured at clock-in and stored with that time entry so a manager can confirm who recorded the punch. Clox does not run facial recognition and does not extract or store facial-geometry or other biometric identifiers or templates from these photos. A clock-in photo is treated as an ordinary image attached to a time entry, not as a biometric identifier. See our clock-in photo consent template for more detail.
• Activity and audit logs: records of manager edits and administrative actions taken in your organization, kept so changes can be reviewed and accounted for.
• Payment information: handled by our payment processor, Stripe. We do not store full payment-card numbers.
• Usage and device data: pages viewed, actions taken, browser and device type, and IP address.
• Diagnostic data: error and performance information used to detect and fix problems.

For more detail on clock-in photos and the choices available, see our clock-in photo consent template.

3. Offline and on-device data

When the mobile app has no network connection, it stores your punches in encrypted on-device storage and uploads them automatically once connectivity returns. Until they sync, these punches remain on your device in encrypted form. Once synced, they are handled in the same way as other information described in this Policy.

4. How we use information

We use the information we collect to:

• Provide, operate, and secure the Service.
• Process subscriptions and payments.
• Provide customer support.
• Understand usage and improve the product.
• Detect, prevent, and address fraud, abuse, and technical issues.
• Comply with legal obligations.

5. Legal bases for processing (EU/UK/EEA)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process personal information only where we have a legal basis to do so. The basis depends on the purpose:

• Performance of a contract: to create and operate your account, provide the Service, and process subscriptions and payments.
• Legitimate interests: to secure the Service, prevent fraud and abuse, maintain audit logs, and understand and improve how the product is used, balanced against your rights and expectations.
• Consent: for clock-in geolocation, clock-in photos, and analytics cookies. Where we rely on consent, you can withdraw it at any time, and withdrawal does not affect processing already carried out.
• Legal obligation: to comply with tax, accounting, and other applicable laws.

6. How we share information

Clox does not sell personal information, and Clox does not share personal information for cross-context behavioral advertising. We share information with service providers that help us run Clox, each acting under contract and only as needed to provide their service. These include providers for database and authentication hosting, web application hosting and delivery, payment processing, product analytics, transactional email, error and performance monitoring, rate limiting and abuse prevention, and distribution of the mobile app and push notifications. Map tiles and address lookup for worksite setup are requested directly from the manager's browser by a third-party mapping provider.

We keep a single, current list of these providers, what they are used for, and where they process data on our sub-processors page.

7. Legal disclosures

We may disclose information if required by law, regulation, or legal process, or where we believe disclosure is necessary to protect the rights, safety, and property of Clox, our customers, or others.

8. Cookies and similar technologies

Clox uses cookies and similar technologies that are necessary to keep you signed in and to operate the Service. With your consent through our cookie banner, we also set a PostHog analytics cookie to measure product usage; this cookie is consent-gated and is not set unless you agree. We do not use advertising or cross-site tracking cookies. You can change or withdraw your choice at any time, and you can also control cookies through your browser settings, though some features may not work without the necessary cookies.

For the full detail of the cookies we use, see our Cookie Policy.

9. Data retention

We retain your information for as long as your account is active. When you delete your account or organization, we delete the associated data, except where we are required to retain certain records to comply with legal obligations or to resolve disputes.

By category:

• Workforce, time, location, and clock-in photo data is kept while the related time entry or account is retained, and is deleted when that entry or account is deleted.
• Limited billing records are kept for the period required by applicable tax and accounting law.
• Residual copies may remain in encrypted backups for a limited period before they are overwritten in the ordinary backup cycle.

10. Your choices and rights

You can access and update most information directly in the app. Clox provides self-service tools to export your data and to delete your account or organization.

Depending on where you live, you may have some or all of the following rights. To exercise them, contact us at support@getclox.com.

• Access: to request a copy of the personal information we hold about you.
• Correct: to ask us to fix inaccurate or incomplete personal information.
• Delete: to ask us to delete your personal information.
• Portability: to receive your personal information in a portable format.
• Opt out of sale or sharing: Clox does not sell personal information and does not share it for cross-context behavioral advertising, so there is nothing to opt out of, but you may still make the request.
• Limit use of sensitive personal information: to ask us to limit our use of sensitive personal information, such as clock-in geolocation, to what is necessary to provide the Service.
• Object or restrict: to object to, or ask us to restrict, certain processing.
• Withdraw consent: where we rely on your consent, to withdraw it at any time without affecting processing already carried out.
• Non-discrimination: we will not discriminate against you for exercising any of these rights.
• Authorized agents: you may use an authorized agent to make a request on your behalf. We may need to verify your identity, and the agent's authority, before we act.

We will respond to verified requests within the time required by applicable law. If your data was entered by an employer using Clox, that employer is the controller of that data, and we will refer your request to the employer.

If you are in the European Economic Area or the United Kingdom, you also have the right to lodge a complaint with your local supervisory authority. We ask that you contact us first so we can try to resolve your concern.

11. Security

We protect information using encryption in transit and at rest, hashed passwords and PINs, access controls, an encrypted on-device cache for offline punches, and audit logging of administrative actions. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Security incidents

If we become aware of a security incident that affects your personal information, we will notify affected users and, where required, the relevant authorities without undue delay. Where Clox acts as a processor for a business customer, we will notify that customer as the controller so they can meet their own notification obligations.

13. Automated decision-making

Clox does not make decisions about individuals solely by automated means that produce legal or similarly significant effects, and we do not profile individuals for such purposes.

14. International users and transfers

Clox is operated in the United States, and information is processed and stored there. If you access Clox from outside the United States, you understand that your information will be transferred to and processed in the United States.

For transfers of personal information from the European Economic Area, the United Kingdom, or Switzerland to the United States, we rely on the European Commission's Standard Contractual Clauses and, for the United Kingdom, the UK International Data Transfer Addendum.

15. Children's privacy

Clox is a business tool and is not directed to children. You must be at least 18 years old to use Clox. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will delete it promptly upon discovery.

16. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date above and, for material changes, take reasonable steps to notify you.

17. Contact

Questions about this Policy or your data? Email support@getclox.com. Email is the fastest way to reach us and the channel we actively monitor.

Clox is operated by Clox Labs LLC, a Wyoming limited liability company. Formal legal or privacy notices may be sent to its registered agent, Northwest Registered Agent Service Inc, at 30 N Gould St, Ste N, Sheridan, WY 82801, USA, or by phone at (307) 910-2824.