Privacy Policy
Last updated: July 8, 2026
This Privacy Policy explains how Over-Biz (“we”, “us”) collects, uses, and protects personal information in connection with Clckd, our fingerprint-based time & attendance service. We process personal data in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules.
Who is the controller
For attendance data of your employees, your organization is the personal information controller and Clckd acts as a personal information processor on your behalf. Over-Biz is the controller for account and billing information of our direct customers.
What we collect
- Biometric templates. When an employee is enrolled, we store a mathematical fingerprint template used for matching. We do not store raw fingerprint images.
- Attendance records. Clock-in and clock-out events, computed hours, leave requests and balances, and schedule assignments.
- Account information. Names, work email addresses, roles, and organization details for administrators and employees.
How we use it
We use this information solely to provide the service: recording attendance, computing hours, managing leave and schedules, producing timesheets and reports, and securing and supporting the system. We do not sell personal data, and we do not use biometric data for any purpose other than attendance matching.
Consent
Biometric enrollment is consent-gated. Employees are informed of the purpose and must consent before a fingerprint template is created. Where an employee declines, your organization is responsible for providing an alternative attendance method.
Retention and deletion
Biometric templates and attendance data are retained for as long as the employee is active and as required for payroll and legal recordkeeping. On offboarding, biometric templates are purged. On termination of the service, data is deleted or returned per our agreement with your organization.
Security
Data is encrypted in transit (TLS) and biometric templates are encrypted at rest. Access is restricted through scoped roles, and administrative actions are recorded in an audit log.
Your rights
Under RA 10173, data subjects have the right to be informed, to access, to object, to rectify, to erasure or blocking, to damages, and to data portability. To exercise these rights, contact your organization’s administrator or reach us at info@over-biz.com.
Contact
Questions about this policy or our data practices can be sent to info@over-biz.com.
This document is provided for transparency and does not constitute legal advice. Consult qualified counsel to confirm it meets your regulatory obligations.