Privacy Policy

1. Scope of Coverage

This policy applies to all data collected through NGTeco hardware devices (e.g., BioTouch T7, CloudClock Pro), software platforms, mobile applications, and associated services ("Products").

2. Types of Data Collected

  • Employee/User Data:
    • Biometric identifiers (facial geometry, fingerprints via opt-in configuration)
    • Authentication credentials (PINs, RFID/badge data)
    • Work patterns (clock-in/out timestamps, GPS coordinates for mobile clock-ins)
    • Device usage metadata (IP addresses, browser types)
  • Administrator Data:
    • Company information (name, tax ID, billing address)
    • Administrator contact details
    • System configuration settings

3. Data Collection Purpose

4. Biometric Data Handling (Key Section)

  • Storage: Encrypted templates (not raw images) stored locally on devices with 256-bit encryption
  • Retention: Deleted within 30 days of employment termination or policy revocation
  • Sharing: Never sold or shared with third parties except:
    • Payroll processors (e.g., ADP, Workday) via encrypted API
    • Law enforcement only with valid subpoena
  • Opt-Out: Non-biometric alternatives (PIN, badge) available per state requirements

5. Data Security Measures

  • SOC 2 Type II certified infrastructure
  • Annual penetration testing
  • Role-based access controls (RBAC)
  • GDPR-compliant data processing agreements with vendors

6. Third-Party Disclosures

  • Data may be shared with:
    • Payment processors (Stripe, PayPal)
    • Cloud hosting providers (AWS, Azure)
    • Accredited auditing firms (compliance verification)

7. User Rights (CCPA/CPRA Compliance)

Employees may:

  • Request access to personal data
  • Demand deletion (exceptions apply for legal holds)
  • Opt-out of "sale" (NGTeco does not sell data)
  • Correct inaccuracies
Submit requests to: privacy@ngteco.com or 1-800-NGT-PRIV (648-7748)

8. Cross-Border Transfers

All U.S. customer data processed exclusively in AWS East/West regions. International customers covered by supplementary GDPR addendum.

9. Policy Updates

Notification of material changes via:

  • Dashboard alerts for administrators
  • Email to primary account contacts
  • Posted revision date at policy header

10. Legal Compliance Framework

Adheres to:

  • Illinois BIPA (740 ILCS 14/)
  • Texas Capture or Use of Biometric Identifier Act
  • California CPRA §1798.100(c)
  • New York SHIELD Act (23 NYCRR 500)

Need help?

Set up your solution with help from our Support Center. Or drop us a message via our contact form. We'll get in touch.

Support Center
Step-by-step help and guidance

Visit Support Center

Contact form
Drop us a question or comment

To contact form

Follow us
See you on FaceBook

Our FaceBook

© 2025 NGTECO All Right Reserved. 
  • American Express
  • Apple Pay
  • Google Pay
  • Mastercard
  • Shop Pay
  • Union Pay
  • Visa