Security & Privacy

Learn how AttendUX protects your company data with industry-standard security measures.

Overview

AttendUX is built with security at its core. We implement multiple layers of protection to ensure your employee data, attendance records, and payroll information remain safe and private.

Our security architecture follows industry best practices including encrypted communications, strict access controls, data isolation between tenants, and regular automated backups.

Data Encryption

All data is encrypted both in transit and at rest:

Layer | Technology | Purpose
In Transit | TLS 1.2 / HTTPS | All API calls and web traffic are encrypted between client and server.
At Rest | AES-256 | Database records and file storage are encrypted on disk.
Passwords | bcrypt (cost 12) | User passwords are hashed and salted — never stored in plain text.
API Keys | SHA-256 HMAC | API authentication tokens are cryptographically signed.

Access Control

AttendUX uses Role-Based Access Control (RBAC) to ensure users only see and modify data they are authorized to access.

Admins can configure granular permissions for each role — from full admin access to read-only employee views. See the Permissions page for detailed configuration.

Tip: Apply the principle of least privilege: give each user only the minimum permissions they need to do their job.

Data Isolation

Each company on AttendUX operates in a completely isolated data environment.

Company data is segmented at the database level. No company can access another company's employees, attendance, or payroll data — even if hosted on the same server.

Backup & Recovery

AttendUX maintains automated backups to protect against data loss:

Backup Type | Frequency | Retention
Full Database Backup | Daily at 02:00 AM | 30 days
Incremental Backup | Every 6 hours | 7 days
Configuration Backup | On every settings change | 90 days

Warning: For self-hosted installations, you are responsible for configuring your own backup schedule. We strongly recommend daily automated backups.

Privacy Policy

AttendUX collects only the minimum data necessary to provide HR and attendance services. We do not sell or share your data with third parties.

Face recognition data is stored as encrypted mathematical vectors and cannot be reverse-engineered into photos. GPS location data is used only for geofence verification during check-in and is not tracked continuously.

Tip: You can request a complete data export or deletion of your company data at any time by contacting support.