Security & privacy
Employee location and payroll data deserve a clear answer.
Punchless holds two sensitive things: where your crew is during work, and the hours that drive their pay. Here is exactly how we handle both — what we collect, when, how long we keep it, and the controls that protect it. No hand-waving.
How location tracking works
Tracked only during shift hours
GPS is active only while a technician is on the clock. When the shift ends or the app is closed, location tracking stops. Nothing is collected on personal time, evenings, or weekends.
One-tap pause, always
A technician can pause tracking at any moment during the workday — for a personal errand or a lunch break — and resume when they choose. The control is theirs, on their own device.
Geofenced, not a live trail
Punchless samples location at a low frequency and reacts to geofence crossings at your shop and job sites. It builds a timecard from arrivals and departures — not a second-by-second map of someone's whole day.
Employees see their own data
Technicians can review their own timecard entries and the GPS events that generated them in the mobile app. There are no hidden records.
Security controls
Encryption in transit
All traffic is served over HTTPS/TLS. Sensitive integration tokens are encrypted at rest.
Tenant isolation
Every record is scoped to its company. A tenant-isolation guard on the API prevents one company's data from being read or written by another.
Multi-factor authentication
Managers and admins can enable TOTP-based MFA on their accounts for a second factor at sign-in.
Least-exposure by default
API docs are disabled in production, security headers are enforced, and login lockout throttles brute-force attempts.
Access controls
Role-based access (technician / manager / admin) limits what each person can see and do. Owners approve who joins the workspace.
Audit trail
Timecard edits, approvals, and key actions are logged with who and when — so a change to the record is always accountable.
Data retention
12 months
Raw GPS history
then automatically purged (configurable, minimum 30 days)
7 years
Timecards & payroll records
retained to meet common wage-and-hour recordkeeping expectations
Compliance, stated plainly
Punchless is an independent, SMB-focused product. We are not yet SOC 2 certified, and we won't claim a badge we haven't earned. What we do today: encrypt data in transit, isolate every tenant, offer MFA, enforce least-exposure defaults, and keep an audit trail. Formal third-party attestation (SOC 2) is on our roadmap as we grow. If your procurement needs specific documentation, tell us what — we'd rather have the real conversation than overstate our posture.
A note on employee GPS. In most U.S. states, GPS tracking of employees during work is legal with proper written disclosure. Punchless requires administrators to obtain any consent their local employment law requires, and we recommend a written GPS policy in your employee handbook. We are not a law firm and this is not legal advice. See our Privacy Policy for the full data-handling detail.
Questions about security or a data-processing agreement?
Reach us directly and we'll answer specifics — no runaround.