Security & privacy

Employee location and payroll data deserve a clear answer.

Punchless holds two sensitive things: where your crew is during work, and the hours that drive their pay. Here is exactly how we handle both — what we collect, when, how long we keep it, and the controls that protect it. No hand-waving.

How location tracking works

Tracked only during shift hours

GPS is active only while a technician is on the clock. When the shift ends or the app is closed, location tracking stops. Nothing is collected on personal time, evenings, or weekends.

One-tap pause, always

A technician can pause tracking at any moment during the workday — for a personal errand or a lunch break — and resume when they choose. The control is theirs, on their own device.

Geofenced, not a live trail

Punchless samples location at a low frequency and reacts to geofence crossings at your shop and job sites. It builds a timecard from arrivals and departures — not a second-by-second map of someone's whole day.

Employees see their own data

Technicians can review their own timecard entries and the GPS events that generated them in the mobile app. There are no hidden records.

Security controls

Encryption in transit

All traffic is served over HTTPS/TLS. Sensitive integration tokens are encrypted at rest.

Tenant isolation

Every record is scoped to its company. A tenant-isolation guard on the API prevents one company's data from being read or written by another.

Multi-factor authentication

Managers and admins can enable TOTP-based MFA on their accounts for a second factor at sign-in.

Least-exposure by default

API docs are disabled in production, security headers are enforced, and login lockout throttles brute-force attempts.

Access controls

Role-based access (technician / manager / admin) limits what each person can see and do. Owners approve who joins the workspace.

Audit trail

Timecard edits, approvals, and key actions are logged with who and when — so a change to the record is always accountable.

Data retention

12 months

Raw GPS history

then automatically purged (configurable, minimum 30 days)

7 years

Timecards & payroll records

retained to meet common wage-and-hour recordkeeping expectations

Compliance, stated plainly

Punchless is an independent, SMB-focused product. We are not yet SOC 2 certified, and we won't claim a badge we haven't earned. What we do today: encrypt data in transit, isolate every tenant, offer MFA, enforce least-exposure defaults, and keep an audit trail. Formal third-party attestation (SOC 2) is on our roadmap as we grow. If your procurement needs specific documentation, tell us what — we'd rather have the real conversation than overstate our posture.

A note on employee GPS. In most U.S. states, GPS tracking of employees during work is legal with proper written disclosure. Punchless requires administrators to obtain any consent their local employment law requires, and we recommend a written GPS policy in your employee handbook. We are not a law firm and this is not legal advice. See our Privacy Policy for the full data-handling detail.

Questions about security or a data-processing agreement?

Reach us directly and we'll answer specifics — no runaround.