Security & Privacy First

Your workforce data is protected with industry-standard security measures and full GDPR compliance.

256-bit Encryption GDPR Compliant UK-Hosted Cloud AI Full Audit Trail

Data Encryption

  • All data transmitted over HTTPS/TLS encryption
  • Passwords hashed with bcrypt (industry standard)
  • Database connections secured with encrypted channels
  • Session tokens regenerated on authentication

AdaVision ID v3 — Bank-Grade Biometric Security

  • Deep CNN with 175M+ parameters producing 1024-dimensional face vector signatures
  • ISO/IEC 30107-3 Presentation Attack Detection (PAD) — defeats photo, video, deepfake and 3D-mask spoofs
  • Active liveness check at enrolment: head-movement and chromatic challenge sequence
  • Server-side 1:N vector matching — sub-400ms typical latency in production
  • Verified 99-100% match accuracy with 95%+ gap to next-closest worker
  • Tenant-isolated face vector collections — cross-tenant matches are physically impossible
  • Vector signatures are mathematically irreversible — not convertible back to images
  • EU-resident processing only (Ireland data centre); never leaves the EU
  • Right-to-erasure automated: templates purged within 4 hours of deactivation

GDPR Compliance

  • Lawful basis for processing: legitimate interests and consent
  • Data minimisation — only collect what is necessary for workforce management
  • Right to access, rectification, and erasure supported
  • Data processing agreements available for enterprise customers
  • No data sold to or shared with third parties

Infrastructure Security

  • Hosted on enterprise-grade servers with 99.9% uptime SLA
  • Regular automated backups with point-in-time recovery
  • DDoS protection and Web Application Firewall (WAF)
  • Server access restricted to authorised personnel only

Access Controls & Audit

  • Role-based access control with multiple permission levels
  • Granular page-level permissions for each admin user
  • Two-factor authentication (RFC 6238 TOTP) on every login surface — admin, manage portal and client portal. Backup codes are bcrypt-hashed; TOTP secrets are encrypted at rest. 30-day trusted-device cookies are HMAC-signed.
  • Complete audit trail of all actions with user, timestamp, and IP
  • CSRF protection on all form submissions
  • IP logging on all clock-in and admin actions

Our Compliance Commitment

We hold ourselves to the highest standards of data protection. AdaVision ID v3 — our proprietary face recognition stack — is built on a deep convolutional neural network that produces 1024-dimensional vector signatures rather than storing images. Active liveness detection is ISO/IEC 30107-3 PAD-certified, the same standard adopted by banking and identity-verification platforms. Inference runs on dedicated EU-resident infrastructure (Ireland) with sub-400ms recognition latency. Each tenant has a physically isolated vector collection, ensuring cross-tenant matches are technically impossible. Vector signatures are mathematically irreversible, complete audit trails are recorded for every match, and deactivation triggers automated template deletion within 4 hours (GDPR Article 17 right-to-erasure). We continuously review our security practices to stay ahead of emerging threats.

Ready to try TempClock?

10-day free trial. All features included. No hidden fees, cancel anytime.

Try TempClock Free → See How It Works