Privacy Policy

This Privacy Policy describes how Signa App ("Signa App", "we", "us", or "our") collects, uses, discloses, and protects information when you use our mobile application and related services (the "Service"). By using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.

1. Who this applies to

The Service is used by two kinds of people: admins (contractors/business owners who create a company and pay for a subscription) and employees (team members invited by an admin). This policy covers both. Admins are responsible for informing their employees that they use Signa App to manage work.

2. Information we collect

• Account information — name, email address, phone number, company name, role, and trade you provide when signing up.
• Identity / KYC-lite — date of birth and gender provided at signup (used for age eligibility and basic records).
• Work data — clock-in and clock-out times, breaks, total hours, earnings, shift history, and the job sites assigned to you.
• Location data — when you clock in, we read your device's GPS location once to confirm you are within a job site's radius. We do not continuously track your location in the background.
• Messages — content you send in Signa App Talk (text and voice notes), stored to deliver and display it to your team.
• Profile photo — if you upload one.
• Device & diagnostics — a device identifier, app version, and crash/error logs, used for security (anti-abuse) and to fix problems.

3. How we use information

• To provide core features: clock-in verification, scheduling, live activity, messaging, notifications, and payroll export.
• To process subscriptions and prevent abuse, such as detecting repeated free-trial sign-ups from the same account or device.
• To send notifications relevant to your work and account (e.g. clock-in alerts, billing reminders). Motivational messages can be turned off in settings.
• To maintain security, troubleshoot, and improve the Service.
• To comply with legal, tax, and accounting obligations.

4. Location data

Location is used solely at the moment of clocking in to compare your position to the assigned job site's geofence. You can decline the location permission, but clock-in verification will not work. Location is not sold or used for advertising.

5. Payments

Subscription payments are processed by Stripe. We never receive or store your full card number — Stripe handles payment data under its own security and PCI compliance. We store only non-sensitive billing status (plan, renewal date, subscription state).

6. How information is shared

We do not sell your personal information. We share it only with:

• Your company — admins can see the work data of employees in their company.
• Service providers — Google Firebase (hosting, authentication, database, push notifications), Stripe (billing), and Sentry (crash reporting), each acting on our behalf.
• Legal — where required by law, regulation, or valid legal process.

7. Data retention

We keep your data while your account is active. In-app notifications are automatically deleted after 7 days. If you delete your account, we remove your personal data, except records we must retain for legal, tax, or accounting purposes. Admins may retain a record of former employees' shift history for their own payroll records.

8. Security

Data is stored with industry-standard encryption in transit and at rest, and requests are verified using hardware-backed app attestation to block tampering and automated abuse. No system is perfectly secure, but we work to protect your information.

9. Your rights & choices

• Access & export — export your data anytime from the app's settings.
• Deletion — delete your account and personal data from settings.
• Notifications — control push notifications in the app and your device settings.
• Depending on your region (e.g. Canada/PIPEDA, EU/GDPR, California/CCPA), you may have additional rights to access, correct, or restrict processing. Contact us to exercise them.

10. Children

The Service is not directed to anyone under 16. We do not knowingly collect data from children under 16. If you believe a minor has provided us data, contact us and we will delete it.

11. International users

We operate from Canada and use service providers that may process data in other countries. By using the Service you consent to your information being processed in those locations under this policy.

12. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above, and continued use of the Service means you accept the changes.

13. Contact us

Questions or requests? Email thindakem@gmail.com.