Legal & Privacy

Privacy Policy

Last Updated: March 27, 2026 MemoFaceAI — Face Recognition Attendance System
Select App
Table of Contents
  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Biometric Data (Face Recognition)
  5. Location Data & Geofencing
  6. App Permissions
  7. Data Storage & Security
  8. Data Sharing & Third-Party Services
  9. Background Processing
  10. Notifications
  11. Data Retention
  12. Data Deletion Policy
  13. Your Rights
  14. Children's Privacy
  15. Changes to This Policy
  16. Contact Us

1 Introduction

Welcome to MemoFaceAI ("we", "us", "our"). MemoFaceAI is a face-recognition-based attendance tracking application designed for both corporate organizations and educational institutions to manage attendance efficiently and securely.

This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data when you use our mobile application ("App"). By using MemoFaceAI, you agree to the collection, use, and handling of your information as described in this policy.

Terminology Note: Throughout this policy, the term "member" refers to any registered user within the App — this may be an employee (for corporate organizations) or a student (for educational institutions), depending on the type of organization using MemoFaceAI.

We are committed to protecting the privacy and security of your personal information in compliance with applicable data protection laws and regulations.

2 Information We Collect

a) Personal Information

When your organization registers you on the App, the following personal information may be collected:

  • Full name
  • Member ID (Employee ID for corporate organizations; Student/Roll Number for educational institutions)
  • Email address
  • Phone/contact number
  • Parent/guardian contact (if applicable)
  • Department and section/class assignment
  • Role within the organization (e.g., staff, accountant, student)

b) Biometric Data

  • Facial images: Multiple photographs of your face captured during the registration process
  • Biometric face templates: Compact mathematical representations derived from your facial images, used solely for identity verification during attendance marking. These cannot be reverse-engineered into facial images.
  • Liveness detection data: Processed during attendance to verify you are physically present (anti-spoofing)

c) Attendance Records

  • Entry and exit timestamps
  • Date of attendance
  • Associated department and section
  • Synchronization status (whether the record has been uploaded to the server)

d) Device Information

  • Device identifier (Android ID or iOS identifier)
  • Device brand and model name
  • Device type

e) Location Data

  • GPS coordinates (latitude and longitude) — collected only when geofencing is enabled by your organization and only at the time of marking attendance

f) Authentication Data

  • Username and login credentials (encrypted)
  • Session tokens for secure authentication
  • Tenant/organization identifiers

3 How We Use Your Information

We use the collected information strictly for the following purposes:

Data TypePurpose
Facial images & face templatesMember registration, identity verification, and attendance marking
Liveness detection dataPreventing fraudulent attendance using spoofed images or videos
Personal informationMember identification, organization management, and attendance records
Attendance recordsTracking entry/exit times for organizational reporting
Location dataVerifying the member is within the authorized geofenced area when marking attendance
Device informationDevice registration, session management, and ensuring authorized device usage
Authentication dataSecure login, session validation, and access control

We do not use your data for advertising, marketing, profiling, or any purpose unrelated to attendance management.

4 Biometric Data (Face Recognition)

Our App uses on-device machine learning models to process facial data. We take the handling of biometric data very seriously:

How Face Recognition Works

  1. Face Detection: The App uses an on-device model to detect faces in the camera feed. No images are sent to external servers for this step.
  2. Face Template Generation: A recognition model running entirely on your device converts facial images into a compact numerical template. This is a mathematical representation — not a photograph — used solely for verifying identity.
  3. Liveness Verification: An on-device anti-spoofing model checks that a real, physically present person is in front of the camera, protecting against fraudulent use of photographs or recordings.
  4. Identity Matching: The generated template is compared locally on the device against previously registered templates to confirm identity before recording attendance.

Key Safeguards:

  • All face detection, recognition, and liveness checks are performed entirely on-device — your facial images are never streamed to any external cloud service for processing.
  • Face templates are mathematical representations and cannot be reverse-engineered back into a facial image.
  • Facial images captured during registration are stored securely on the device and securely transmitted directly to your organization's encrypted server for backup and multi-device synchronization. This face data is securely stored and never shared with third parties.

5 Location Data & Geofencing

The App includes an optional geofencing feature that may be enabled by your organization. When geofencing is active:

  • Your GPS location is accessed only when you attempt to mark attendance.
  • Your location is compared against your organization's predefined geofence boundary to determine if you are within the authorized area.
  • If you are outside the geofenced area, the App displays a warning and prevents attendance from being marked.
  • Location data is processed in real-time and is not stored or transmitted — it is used only for the instant geofence check.

Note: If geofencing is disabled by your organization, no location data is collected or accessed at any time. Location access is never used for tracking your movement outside of the attendance marking flow.

6 App Permissions

The App requests only the permissions necessary for its core functionality:

PermissionWhy It's Needed
CameraCapturing facial images for member registration and real-time face recognition during attendance marking
Location (Fine & Coarse)Geofence verification — confirming the member is within the authorized area (only when geofencing is enabled)
InternetCommunicating with your organization's server for data synchronization, authentication, and member management
NotificationsDisplaying local notifications about pending attendance sync status and background sync results
Wake LockEnsuring background sync tasks complete reliably without interruption
Boot CompletedRestarting scheduled background sync tasks after the device is rebooted
Battery Optimization ExemptionRequested to ensure reliable background attendance sync — the user can choose to deny this
Photo Library / StorageAllowing selection of existing photos for member profile registration

All permissions are requested at runtime with clear explanations. You may deny any permission; however, doing so may limit certain features of the App.

7 Data Storage & Security

Local Storage (On-Device)

  • SQLite Database: Member profiles, biometric face templates, attendance records, department and section data, and attendance policy configurations are stored locally in an encrypted database on your device.
  • Shared Preferences: Session tokens, application settings, tenant configuration, and geofence parameters are stored in the device's secure key-value storage.
  • Local Files: Face images captured during registration are temporarily stored on the device file system.

Server Storage

  • Attendance records, member registration data (including facial images and face templates), and organizational configurations are synchronized with your organization's dedicated MemoFaceAI server.
  • All data transmission between the App and server uses authenticated API requests with Bearer token authentication (JWT).

Security Measures

  • Token-based authentication (JWT) for all API communications
  • Session validation to prevent unauthorized access
  • On-device biometric processing — face data is not sent to third-party cloud services
  • Automatic session expiration and re-authentication requirements

8 Data Sharing & Third-Party Services

We Do NOT Share Your Data With Third Parties

Your personal information, face data (including facial images and biometric templates), attendance records, and location data are never sold, rented, or shared with any third-party advertisers, data brokers, analytics providers, or external entities. All face data remains strictly confidential and is used solely for the attendance verification purposes described in Section 4.

On-Device Processing Libraries

The following libraries are used entirely on-device and do not transmit any data externally:

  • On-Device ML Runtime: Runs face detection, recognition, and liveness detection models locally on your device. No biometric data is sent to any third-party server.
  • Location Services Library: Accesses the device GPS solely for geofence verification. Location data is processed locally and not transmitted to any third party.

The App does not integrate any analytics services, advertising SDKs, crash reporting tools, or social media trackers.

9 Background Processing

The App uses background processing mechanisms (such as Android's WorkManager and iOS Background Tasks) to perform periodic background operations:

  • Attendance Sync: When the device has an internet connection, unsynced attendance records stored locally are automatically uploaded to your organization's server at regular intervals.
  • Member Data Sync: Member registration data is fetched from the server to keep the local database up to date.
  • Boot Persistence: After a device reboot, sync tasks are automatically rescheduled to ensure no attendance data is lost.

Background processing does not access your camera, microphone, or location. It only transfers previously recorded attendance data to the server.

10 Notifications

The App uses local notifications only (not push notifications from external servers) to inform you about:

  • Pending attendance records that have not yet been synced to the server
  • Background sync task status (success or failure)

No marketing, promotional, or third-party notifications are ever sent through the App.

11 Data Retention

  • Face Data: Facial images and biometric face templates are securely retained on our servers while the member's profile is active or deactivated by the organization. All associated face data is permanently deleted from our servers only upon explicit request or when the organization permanently deletes the user's account.
  • On-Device Data: Attendance records and member data are retained on the device until successfully synchronized with the server.
  • Server Data: Your organization controls the retention period for attendance records and member data stored on the MemoFaceAI server. The server securely stores this data even if an account is temporarily deactivated, until a deletion request is made.
  • Account Deactivation: When a member is deactivated by the administrator, access to the App is revoked and all local biometric data on their device is purged. However, their data on the server remains securely stored until graduation, termination, or an explicit deletion request is submitted.
  • Session Data: Authentication tokens expire automatically and are cleared upon logout.

12 Data Deletion Policy

We are committed to honoring your right to have your personal data — including sensitive biometric data — deleted upon request.

What Data Can Be Deleted

  • Facial images and biometric face templates
  • Personal information (name, member ID, contact details, department/class assignments)
  • Attendance records, subject to your organization's legal retention obligations
  • Device identifiers associated with your account
  • All active session tokens and authentication records

How to Request Data Deletion

To request deletion, email us at loveneesh@metaguard.in with the subject line "Data Deletion Request". Please include your full name, Member ID, and organization name.

Processing Timeframe

  • On-device data: Deleted immediately upon member deactivation or app uninstallation.
  • Server-side data: Processed within 30 days of a verified request.
  • Biometric data: Deletion is prioritized and completed within 15 business days.

Important: Because member accounts are created and managed by your organization, deletion of server-side data requires authorization from your administrator or a direct verified request to us.

13 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete personal data.
  • Right to Deletion: Request deletion of your personal data, including biometric data, subject to your organization's policies and legal obligations.
  • Right to Restrict Processing: Request that we limit the processing of your personal data under certain circumstances.
  • Right to Withdraw Consent: Withdraw your consent for data processing at any time.
  • Right to Data Portability: Request your data in a structured, machine-readable format where technically feasible.

14 Children's Privacy

MemoFaceAI is designed for use in corporate organizations and educational institutions. While the App may be used by students in institutional settings, it is the responsibility of the institution to obtain appropriate parental or guardian consent for members under the age of 13 (or the applicable minimum age in your jurisdiction) before registering them in the App. We do not knowingly collect personal or biometric data from minors without proper organizational authorization.

15 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes:

  • The "Last Updated" date at the top of this policy will be revised.
  • We may notify your organization's administrator of significant changes.
  • Continued use of the App after changes are posted constitutes acceptance of the updated policy.

We encourage you to review this policy periodically.

16 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us:

If you have concerns about how your data is being handled by your organization through MemoFaceAI, please first contact your organization's administrator or data protection officer.

Table of Contents
  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. App Permissions
  5. Data Storage & Security
  6. Data Sharing & Third-Party Services
  7. Notifications
  8. Data Retention
  9. Data Deletion Policy
  10. Your Rights
  11. Children's Privacy
  12. Changes to This Policy
  13. Contact Us

1 Introduction

Welcome to MemoFace Parent ("we", "us", "our"). MemoFace Parent is a mobile companion application designed for parents and guardians whose children are enrolled in institutions using the MemoFaceAI attendance platform.

This app allows parents and guardians to monitor their child's school attendance in real time, receive instant push notifications for check-ins, check-outs, late arrivals, and absences, and review detailed daily and monthly attendance reports — directly from their smartphone.

Important: MemoFace Parent does not perform any face recognition, AI processing, biometric data collection, or location tracking. It is a read-only companion viewer app that receives and displays attendance data from your institution's MemoFaceAI system. No camera access is required or requested.

By using MemoFace Parent, you agree to the collection, use, and handling of your information as described in this policy. We are committed to protecting your privacy in compliance with applicable data protection laws and regulations.

2 Information We Collect

MemoFace Parent collects only the minimum information necessary to authenticate you and display your child's attendance data.

a) Authentication Credentials (entered by you at login)

  • Parent Contact Number: Your registered phone number, used to identify your parent account with the institution.
  • Student ID: Your child's unique identifier (e.g., STU-2024-001), used to retrieve the correct child's attendance data.
  • Institute ID (Tenant ID): Your institution's unique identifier, used to connect to the correct institution's server.

b) Data Returned by the Server After Login

  • Parent Name: Your name as registered with your institution — displayed in the app dashboard.
  • Secure Session Token: A temporary token issued by the server and stored locally on your device to keep you logged in between sessions. This is cleared immediately when you log out.
  • Child Profile Data: Your linked child's name, student ID, department, section, class, and institution name — displayed on the dashboard and report screens.

c) Device Identifier (for Push Notifications)

  • Push Notification Identifier: A unique identifier automatically generated for your device by Apple's or Google's notification service. This identifier is sent to your institution's server so that it can deliver attendance alerts directly to your phone. It does not identify you personally and cannot be used to track you.

d) Locally Stored Data on Your Device

  • Session preferences: Your login state, parent name, contact number, tenant ID, and authentication token — stored in the app's local secure storage (SharedPreferences) to keep you logged in between sessions.
  • Push notification history: The last 10 push notifications received (title, body, timestamp, and type) — stored locally on your device only. Never transmitted to any server.
  • Theme preference: Your selected light or dark mode preference — stored locally.

We do not collect: No biometric data, no facial images, no GPS location, no camera access, no microphone access, no contacts, no files, and no browsing history. This app collects only what is listed above.

3 How We Use Your Information

All data collected is used strictly for the following purposes:

DataPurpose
Parent contact, Student ID, Institute ID Authenticate your account with your institution's MemoFaceAI server
Secure session token Maintain your logged-in session and authorize data requests to the server
Parent name & child profile data Display the correct information on the dashboard and report screens
Push notification identifier Enable the institution's server to send you attendance alerts for your child directly to your device
Notification history (local) Display your last 10 attendance alerts in the Notifications screen — stored on-device only
Theme preference Remember your light/dark mode setting across app sessions

We do not use your data for advertising, profiling, marketing, analytics, or any purpose other than delivering the attendance information described above.

4 App Permissions

MemoFace Parent requests only the permissions strictly required to deliver its functionality. It does not request camera, microphone, location, contacts, or storage access.

PermissionWhy It's Needed
Internet Required to communicate with your institution's server to authenticate your account and retrieve attendance data, and to connect to Firebase Cloud Messaging for push notifications
Push Notifications Required on iOS and Android 13+ to display push notification alerts when your child's attendance is recorded. Without this, notifications cannot be shown.
Receive Boot Completed Allows the app to restore its Firebase Cloud Messaging listener after the device is restarted, ensuring you continue to receive attendance notifications after a reboot
Battery Optimization Exemption (optional) Optionally requested (on Android devices) to prevent the OS from killing the app's background notification delivery. You will be prompted and can freely choose to deny this — the app will still work, but background notifications may occasionally be delayed by battery-saving modes on some devices

All permissions are requested at runtime with clear explanations. Denying the notification permission means you will not receive push alerts, but all other app features (attendance reports, dashboard) will continue to work normally.

5 Data Storage & Security

What Is Stored Locally on Your Device

The following data is stored in the app's local secure storage on your device only:

  • Login state (whether you are currently logged in)
  • Parent contact number, tenant ID, and parent name
  • Secure session token (to keep you logged in between sessions)
  • Push notification identifier (to receive attendance alerts)
  • Last 10 push notifications received (title, body, timestamp, type)
  • Dark/light mode preference

This data is stored only on your personal device and is never shared with any third-party service (except your device's push notification identifier, which is shared with the institution's server as described in Section 3).

Communication with Your Institution's Server

All API requests from the app to your institution's MemoFaceAI server are secured with:

  • Session token authentication — every request is authorized with a valid session token
  • Encrypted connection \(HTTPS\) — all data in transit is encrypted

The app reads attendance data (daily logs, monthly reports) from the server but does not write or modify any attendance records. It is a read-only viewer.

What Happens When You Log Out

Tapping "Logout" in the Settings screen immediately clears all locally stored session data from your device — your contact number, session token, push notification identifier, parent name, and institution ID are all permanently deleted from local storage. Your notification history is also cleared.

6 Data Sharing & Third-Party Services

Your Institution's Server

During login and while using the app, the following data is transmitted to your institution's MemoFaceAI server:

  • Parent contact number, Student ID, and Institute ID (for authentication)
  • A push notification identifier for your device (so that the server can send attendance alerts to your phone)

This server is operated by your institution and is governed by your institution's data policies. MemoFace Parent only reads attendance data from this server — it does not upload any attendance records.

Push Notification Services

The app uses platform push notification services (such as Google Firebase for Android and Apple Push Notification Service for iOS) to receive attendance alerts. When the app registers for notifications, a unique device identifier is automatically generated and stored on your device. This identifier is then sent to your institution's server so that it can route attendance alerts to your specific device.

The use of data through these notification platforms is governed by their respective providers' privacy policies (e.g., Google and Apple). No personal information beyond this device identifier is shared with these services.

What We Do NOT Share

  • Your data is never sold to any third party.
  • The app contains no advertising SDKs, analytics libraries, crash reporting tools, or social media trackers.
  • Your phone number, Student ID, attendance records, and notification history are never shared with any entity other than your institution's own server.

7 Notifications

MemoFace Parent uses push notifications to deliver real-time attendance alerts directly from your institution's server to your device. These are triggered by your institution's system when your child's attendance is recorded — not by us.

Notification Types

  • Check-In Alert: Sent when your child enters school (attendance recorded as "Entry")
  • Check-Out Alert: Sent when your child exits school (attendance recorded as "Exit")
  • Absent Alert: Sent when your child is marked absent
  • Late Alert: Sent when your child's check-in is recorded as late

How Notifications Are Stored

  • When a notification is received, it is saved to the app's local device storage only — it is not transmitted to any server.
  • Only the last 10 notifications are retained. Older ones are automatically removed as new ones arrive.
  • All notification history is permanently deleted when you log out or uninstall the app.

No marketing, promotional, or unrelated notifications are ever sent through MemoFace Parent.

8 Data Retention

  • Local session data (login credentials, tokens, preferences) is retained on your device until you log out or uninstall the app.
  • Notification history is retained locally on your device — capped at the last 10 notifications. It is cleared when you log out or uninstall the app.
  • Attendance records and child profile data displayed in the app are stored on and controlled by your institution's MemoFaceAI server. The retention of this server-side data is governed by your institution's policies and applicable law.
  • Push notification identifier registered with your institution's server persists until you log in again (which generates a fresh identifier) or until your institution's administrator removes your account.

9 Data Deletion Policy

Deleting Local Data Instantly

You can delete all locally stored data on your device at any time by tapping Settings → Logout inside the app. This immediately and permanently removes:

  • Your login credentials and session token from local storage
  • Your parent name, contact number, and institution ID
  • Your push notification identifier from local storage
  • Your notification history (all stored alerts)
  • Your theme preferences

Alternatively, uninstalling the app from your device will also remove all locally stored data.

Requesting Deletion of Server-Side Data

For deletion of your account or attendance data from the institution's server, please contact your institution's administrator directly. If you wish to request deletion of any data held by MetaGuard Mobitech, please email us at loveneesh@metaguard.in with the subject "Data Deletion Request — MemoFace Parent" and include:

  • Your full name and parent contact number
  • Your student's name and Student ID
  • Your institution name

We will process verified requests within 30 days and confirm deletion via email.

Note: Attendance records on the institution's server are managed by the institution. We will coordinate with the institution on your behalf but cannot unilaterally delete data the institution is legally required to retain.

10 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a summary of the data we hold about you.
  • Right to Correction: Request correction of incorrect personal data (e.g., phone number) by contacting your institution's admin.
  • Right to Deletion: Request deletion of your locally stored and server-side data as described in Section 9.
  • Right to Restrict Processing: Request that we limit the processing of your personal data under certain circumstances.
  • Right to Withdraw Consent: Withdraw your consent at any time by logging out of the app and contacting your institution's admin to remove your account.
  • Right to Data Portability: Request a copy of your data in a structured format where technically feasible.

To exercise any of these rights, contact your institution's administrator or reach out to us using the contact details in Section 13.

11 Children's Privacy

MemoFace Parent is an app used by parents and guardians — not by children. The app is intended for adults (18+) who are the registered parents or guardians of students enrolled in institutions using the MemoFaceAI platform.

The app displays attendance data belonging to enrolled students (who may be minors), but this data is provided by the institution's server and was collected under the institution's consent policies. The MemoFace Parent app itself does not directly collect any personal data from or about children — it only displays data that the institution's system has already authorized for the parent to see.

If you believe your child's attendance data is being shared without proper authorization, please contact your institution's administrator and us at loveneesh@metaguard.in immediately.

12 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or app functionality. When we make material changes:

  • The "Last Updated" date at the top of this page will be revised.
  • For significant changes, we may send a notification through the app or notify you via email.
  • Continued use of the MemoFace Parent app after changes are posted constitutes acceptance of the updated policy.

We encourage you to review this policy periodically. The latest version is always available at this URL.

13 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data in the MemoFace Parent app, please contact us:

We aim to respond to all privacy-related inquiries within 5 business days.