Privacy Policy
Last updated: June 12, 2026
This Privacy Policy describes how Signa App ("Signa App", "we", "us", or "our")
collects, uses, discloses, and protects information when you use our mobile application
and related services (the "Service"). By using the Service, you agree to the practices
described here. If you do not agree, please do not use the Service.
1. Who this applies to
The Service is used by two kinds of people: admins (contractors/business owners who
create a company and pay for a subscription) and employees (team members invited by
an admin). This policy covers both. Admins are responsible for informing their employees
that they use Signa App to manage work.
2. Information we collect
- Account information — name, email address, phone number, company name, role, and
trade you provide when signing up.
- Identity / KYC-lite — date of birth and gender provided at signup (used for age
eligibility and basic records).
- Work data — clock-in and clock-out times, breaks, total hours, earnings, shift
history, the job sites assigned to you, and any time recorded off-site during a shift.
- Location data — used only for work, in these ways:
- When you clock in, we check your device's location once to confirm you are within
your assigned site's radius.
- While you are clocked in — and only if you have granted "Always" location
access — the app checks whether you leave or return to the site, so your admin can see
time spent away from the site during a shift. It also shows you your live distance to
the site.
- If you turn on Site reminders (off by default), the app uses your device's
region monitoring to remind you to clock in when you arrive, or to clock out when you
leave. These reminders can fire while the app is closed.
We use location only for these work purposes. We never sell it or use it for advertising,
and you can change or revoke location access anytime in your device settings.
- Messages & chat — content you send in Signa App Talk (text, voice notes, images,
and emoji reactions), and the groups you create (group name, photo, and members). Stored to
deliver and display it to your team. Per-chat wallpaper images you choose are stored for
your own view.
- Profile photo — if you upload one.
- Device & session information — a device identifier, device name, app version, and
the time and device of each sign-in. Used for security: to enforce sign-in limits
(employees one device; admins up to three), to show admins their own signed-in devices, to
prevent abuse, and to fix problems. Crash and error logs are also collected to diagnose
issues.
3. How we use information
- To provide core features: clock-in verification, scheduling, live activity, messaging,
notifications, and payroll export.
- To show admins live activity and any time an employee spends away from the site during a
shift, and to send the arrive/leave site reminders you choose to turn on.
- To keep your account secure, including limiting how many devices can be signed in at once
and signing out a device when that limit is exceeded.
- To process subscriptions and prevent abuse, such as detecting repeated free-trial
sign-ups from the same account or device.
- To send notifications relevant to your work and account (e.g. clock-in alerts, billing
reminders, app updates). Motivational messages can be turned off in settings.
- To maintain security, troubleshoot, and improve the Service.
- To comply with legal, tax, and accounting obligations.
4. Location data
Signa uses location only for work, in three ways: (1) a one-time check when you clock in to
confirm you are at your assigned site; (2) while you are clocked in and have granted "Always"
access, checking whether you leave or return to the site so your admin can see off-site time
during a shift, and showing your distance to the site; and (3) if you enable Site reminders,
region-based reminders to clock in or out when you arrive or leave — which can run while the
app is closed.
You stay in control. iOS asks for permission, and you can change it anytime in
Settings ▸ Signa ▸ Location. If you decline or choose a lower level of access, clock-in
verification and the location-based features above will not work. Location is never sold or
used for advertising.
5. Payments
Subscription payments are processed by Stripe. We never
receive or store your full card number — Stripe handles payment data under its own security
and PCI compliance. We store only non-sensitive billing status (plan, renewal date,
subscription state).
6. How information is shared
We do not sell your personal information. We share it only with:
- Your company — admins can see the work data of employees in their company,
including shift history, hours, earnings, live activity, and any time recorded off-site
during a shift.
- Service providers — Google Firebase (hosting, authentication, database, push
notifications), Stripe (billing), Resend (email delivery, e.g. verification and
notification emails), and Sentry (crash reporting), each acting on our behalf.
- Legal — where required by law, regulation, or valid legal process.
7. Data retention
We keep your data while your account is active. In-app notifications are automatically
deleted after 7 days. If you delete your account, we remove your personal data, except
records we must retain for legal, tax, or accounting purposes. Admins may retain a record
of former employees' shift history for their own payroll records.
8. Security
Data is stored with industry-standard encryption in transit and at rest, and requests are
verified using hardware-backed app attestation to block tampering and automated abuse. No
system is perfectly secure, but we work to protect your information.
9. Your rights & choices
- Access & export — export your data anytime from the app's settings.
- Deletion — delete your account and personal data from settings.
- Notifications — control push notifications in the app and your device settings.
- Depending on your region (e.g. Canada/PIPEDA, EU/GDPR, California/CCPA), you may have
additional rights to access, correct, or restrict processing. Contact us to exercise them.
10. Children
The Service is not directed to anyone under 16. We do not knowingly collect data from
children under 16. If you believe a minor has provided us data, contact us and we will
delete it.
11. International users
We operate from Canada and use service providers that may process data in other countries.
By using the Service you consent to your information being processed in those locations under
this policy.
12. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by the
"Last updated" date above, and continued use of the Service means you accept the changes.
13. Contact us
Questions or requests? Email support@signaapp.net.