Legal
Privacy Policy
We take your privacy seriously. This policy explains what data Guard360 collects, why we collect it, and how we protect it.
Effective Date: 1 May 2026 · Last Updated: 1 May 2026
1. Who We Are
Guard360 is a Security Guard Management Platform developed and operated by iPlex Technologies. Our platform provides tools for security companies to manage guard attendance, patrol routes, incident reporting, and workforce administration.
For the purposes of this Privacy Policy:
- "Platform" refers to the Guard360 web application (guard360.in) and the Guard360 mobile application.
- "Client" or "Security Company" refers to the business entity that subscribes to Guard360.
- "Guard" refers to individual security personnel who use the Guard360 mobile app.
- "Admin" refers to personnel who manage the Guard360 web dashboard on behalf of the Client.
- "We," "Us," "Our" refers to iPlex Technologies.
Data Controller: iPlex Technologies is the data controller for data collected directly through our website and the Guard360 platform. For guard employee data, the subscribing security company (Client) acts as a data controller, and iPlex Technologies acts as a data processor.
2. Data We Collect
We collect different categories of data depending on how you interact with Guard360:
2.1 Guard (Mobile App User) Data
| Data Type | What We Collect | Purpose |
|---|
| Identity | Full name, employee/guard code, photo | Profile identification |
| Biometric | Face photograph for verification | Face-match attendance verification |
| Location | GPS coordinates at check-in/check-out and patrol scan | Geofence verification, patrol logging |
| Attendance | Check-in/out timestamps, shift data, status | Payroll, compliance, reporting |
| Patrol Activity | QR checkpoint scans with timestamp and location | Patrol route verification |
| Device | Device model, OS version, app version | Technical support, compatibility |
| Incidents | Incident reports, photos, descriptions submitted by guard | Incident tracking and reporting |
2.2 Admin / Client Data
- Name, email address, phone number, designation
- Company/organisation name and address
- Login credentials (password stored as a cryptographic hash — never in plain text)
- Activity logs (actions performed in the dashboard)
- Billing and subscription information (processed via our payment gateway — we do not store card numbers)
2.3 Website Visitor Data
- IP address, browser type, referring URL, pages visited
- Contact form submissions (name, company, email, phone, message)
2.4 Data We Do NOT Collect
- We do not collect Aadhaar numbers, PAN numbers, or any government ID without explicit consent
- We do not collect financial account details or UPI IDs
- We do not continuously track guard location in the background — location is captured only at specific events (check-in, check-out, QR scan)
3. How We Use Your Data
- Attendance management: Recording and verifying guard check-in and check-out with GPS geofence validation and face verification.
- Patrol monitoring: Logging QR checkpoint scans to confirm guards have completed their assigned patrol routes.
- Reporting and analytics: Generating attendance reports, payroll summaries, incident logs, and patrol compliance reports for Client admins.
- Account management: Creating and managing user accounts, sending password reset emails, and providing customer support.
- Service improvement: Diagnosing bugs, improving app performance, and developing new features.
- Legal compliance: Maintaining records as required by applicable labour laws and regulatory requirements in India.
- Communications: Sending service-related notifications (e.g. system downtime, policy updates). We do not send unsolicited marketing emails.
Face photograph use: Guard face photos are used solely for attendance verification (face-match at check-in). Photos are not used for any other purpose, not shared with third parties for marketing, and not used to train AI models.
4. Data Sharing
We do not sell your personal data. We share data only in the following circumstances:
- Within your organisation: Guard data is accessible to authorised admins of the Client company that deployed Guard360.
- Service providers: We use trusted third-party infrastructure providers (cloud hosting, email delivery, payment processing) under data processing agreements. These providers access data only as needed to deliver their service.
- Legal requirements: We may disclose data if required by law, court order, or government authority in India.
- Business transfers: In the event of a merger or acquisition, data may be transferred to the successor entity, and you will be notified.
We do not share guard biometric data (face photos) with any third party other than the cloud storage provider hosting them on our behalf.
5. Data Storage & Security
Guard360 data is hosted on servers located in India. We implement the following security measures:
- Encryption in transit: All data is transmitted over HTTPS/TLS.
- Encryption at rest: Sensitive data including face photos and tokens are stored with encryption.
- Access controls: Role-based access control (RBAC) ensures each user sees only the data they are authorised to access.
- Authentication: Passwords are hashed using industry-standard algorithms. Mobile tokens use secure storage (Android Keystore).
- Audit logs: All manual overrides and administrative actions are logged with the actor's identity and timestamp.
- Regular backups: Data is backed up regularly to prevent loss.
While we implement strong security measures, no system is completely immune to breaches. In the event of a data breach affecting your data, we will notify affected parties as required by applicable law.
6. Data Retention
- Attendance and patrol records: Retained for a minimum of 3 years (in accordance with Indian labour law record-keeping requirements), unless the Client requests earlier deletion.
- Incident reports: Retained for 5 years.
- Face photographs: Retained while the guard's account is active. Deleted within 30 days of account termination upon request.
- Admin account data: Retained while the subscription is active and for 90 days after termination for audit purposes.
- Website contact form data: Retained for 12 months, then deleted.
Clients may request deletion of their organisation's data at any time by contacting us at info@iplextechnologies.com. Some data may be retained to comply with legal obligations.
7. Your Rights
Under applicable Indian data protection law and our commitment to fair data practices, you have the following rights:
- Right to access: Request a copy of the personal data we hold about you.
- Right to correction: Request correction of inaccurate or incomplete data.
- Right to deletion: Request deletion of your personal data, subject to legal retention requirements.
- Right to restrict processing: Request that we limit how we use your data.
- Right to data portability: Request your data in a machine-readable format.
- Right to withdraw consent: Where processing is based on consent (e.g. face photo capture), you may withdraw consent at any time. Withdrawal does not affect prior processing.
Guards should first contact their employer (the Client company) to exercise these rights. Client companies and individual admins may submit requests directly to us at info@iplextechnologies.com.
We will respond to verified requests within 30 days.
8. Cookies & Analytics
Our marketing website (guard360.in) may use cookies for:
- Essential cookies: Required for the website to function (e.g. session state). Cannot be disabled.
- Analytics cookies: Help us understand visitor behaviour (e.g. which pages are visited most). We use anonymised analytics only.
The Guard360 web application uses session cookies for authentication. These are essential and cannot be disabled.
We do not use advertising cookies or sell cookie data to third parties.
9. Children's Privacy
Guard360 is a B2B enterprise platform intended for use by adults in professional employment contexts. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor's data has been submitted, please contact us immediately and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify Client admins via email at least 14 days before the change takes effect
- Display a notice on the Guard360 dashboard
Continued use of the platform after changes take effect constitutes acceptance of the updated policy.