Privacy Policy

This Privacy Policy describes how Attlock Systems Inc. ("Attlock", "we", "us", or "our") collects, uses, discloses, and protects information when you use our websites, mobile applications, web portals, and related services (collectively, the "Services").

1. Scope and Roles

Attlock primarily provides a business-to-business platform for security companies and enterprise customers. In most cases:

• The customer organization is the data controller for workforce and operational records submitted to the Services.
• Attlock acts as a data processor/service provider and handles customer data under customer instructions and applicable law.

For data we collect about our own website visitors, prospects, billing contacts, and account administrators, Attlock is typically the data controller.

2. Information We Collect

A. Account and Identity Information

• Name, business email, phone number, employer, role, and account credentials.
• Authentication details from single sign-on providers (for example, Google OAuth profile and email scopes).

B. Operational and Workforce Information

• Shift schedules, check-ins, patrol checkpoints, incident reports, photos, audio, and notes uploaded by authorized users.
• Safety and location telemetry (such as GPS, device status, and motion signals) when configured by a customer organization.

C. Usage, Device, and Cookie Data

• Log data, browser/device identifiers, app version, crash data, and feature usage analytics.
• Cookies and similar technologies used for security, performance, analytics, and preferences. See our Cookie Policy.

3. How We Use Information

• Provide, operate, secure, and improve the Services.
• Authenticate users, prevent fraud and abuse, and investigate incidents.
• Support customer workflows including dispatch, reporting, workforce coordination, and compliance records.
• Communicate about product updates, support, billing, and legal notices.
• Comply with legal obligations and enforce our agreements.

4. Legal Bases for Processing

Where required by applicable law (including GDPR/UK GDPR), we rely on one or more legal bases: contract performance, legitimate interests, legal obligation, and consent (where requested).

5. How We Share Information

We do not sell personal information for monetary consideration.

We may share information with:

• Customer organizations and their authorized administrators using the Services.
• Service providers and subprocessors supporting hosting, authentication, communications, analytics, customer support, and payment operations.
• Regulators, courts, law enforcement, or other parties where required by law or to protect rights and safety.
• Successors in connection with a merger, acquisition, reorganization, financing, or asset sale.

6. International Transfers

We may process personal information in Canada, the United States, and other jurisdictions where our service providers operate. Where required, we use appropriate transfer safeguards.

7. Data Retention

We retain information for as long as necessary to provide Services, satisfy contractual obligations, resolve disputes, enforce agreements, and comply with legal requirements. Customer data is retained according to the customer's subscription terms and documented retention instructions.

8. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Your Privacy Rights

Depending on your location and applicable law, you may have rights to request access, correction, deletion, portability, restriction, objection, and withdrawal of consent.

If you are an end user of a customer organization, please direct your request to your employer or service provider first. We support our customers in responding to valid requests.

U.S. State Privacy Notices

Where state privacy laws apply (including California, Colorado, Connecticut, Utah, and Virginia), you may have rights to know, access, correct, delete, and appeal decisions about your request. You may also have a right to opt out of certain targeted advertising or profiling activities.

To submit a request, email privacy@attlock.com. We will not discriminate against you for exercising applicable rights.

10. Children's Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information directly from children under 16.

11. Third-Party Sites and Services

The Services may contain links to third-party services. Their privacy practices are governed by their own policies, not this Privacy Policy.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date.

13. Contact Us