Privacy Policy
Effective Date: June 26, 2026 — Last Updated: June 27, 2026
Welcome to FlashAttend. This Privacy Policy explains how we collect, use, disclose, and safeguard user information across our two attendance automation solutions: our Mobile Application (the "App") and our PC-Based CCTV Automated Solution (the "CCTV System").
FlashAttend is currently operating as an early-stage startup founded and managed by Rudra Prasad Sahu and Noothan Gude ("we," "our," or "us"). As the operators of this service, we act as joint Data Controllers for the information processed through our systems.
1. Important Notice on Biometric Data Handling
We prioritize absolute user privacy. FlashAttend handles facial geometry for verification using localized and mathematical secure processing.
- No Image Storage: Neither our Mobile App nor our CCTV System permanently stores raw facial photographs or video frames.
- Vector Embeddings Only: When a face is scanned or processed, our software instantly converts the facial features into a secure, mathematical face embedding (a vector token). The raw visual image is immediately discarded and never saved.
2. Information We Collect and How We Use It
We collect two distinct categories of information based on the deployment mode chosen by the institution.
A. Administrative Account Information (Both Platforms)
When an institution administrator or teacher creates an account using "Continue with Google" (Firebase Authentication), we collect:
- Personal Identifiers: Name and Email address.
- Organizational Details: Institution name, Institution type (e.g., school/office), and preferred attendance mode.
- Operational Metrics: Contact Phone Number, student capacity, and precise geographical location (address) to ensure localized accuracy.
B. Mobile Application Data (#smartphone-app)
For institutions utilizing the smartphone-based camera verification method:
- Biometric Vector Tokens: The local app processes facial landmarks to create a mathematical vector token.
- Cloud Synchronization: To ensure data matching capability across multiple authorized institutional smartphones, these non-reversible mathematical tokens are synced and backed up on our self-managed cloud Virtual Private Server (VPS).
C. PC-Based CCTV Solution Data (#cctv-integration)
For institutions utilizing our automated PC software:
- Local Edge Processing: The PC software hooks into the institution's local CCTV RTSP video stream.
- On-Premise Boundaries: All video streams, image capture frames, and face-matching calculations are performed 100% locally on the hardware machine sitting inside the school/office premises. No video feeds or fragments are ever tunneled or streamed to our cloud servers.
- Immediate Discard: Once a facial recognition match is calculated against the stored local tokens to register attendance, the corresponding video frame is permanently discarded. No fragments or audit snapshots are saved.
3. Third-Party Services
We keep third-party data exposures minimal to protect system integrity:
- Firebase Authentication: We utilize Google Firebase solely to securely handle administrative login and profile management.
- Infrastructure Hosting: Our backend database is securely deployed on a self-managed cloud VPS under our absolute administrative control. We do not use third-party managed database layers or public SMS/Email gateways at this stage.
4. Data Retention and Complete Deletion Rights
Google Play and international data privacy laws require clear mechanisms for the removal of personal data.
In-App Deletion Paths
Any institution administrator or authorized teacher can permanently remove a student, employee, or entire registration record directly inside the mobile app or dashboard interface. This instantly wipes the data locally and syncs the deletion to our servers.
Deletion via Email Request
If an individual (or a parent/guardian of a minor) leaves an institution and wishes to verify that their biometric tokens and record data have been completely removed from our synced VPS servers without going through the school admin, they can request deletion manually via email.
- Deletion Route: Send a formal request to our support email address (listed in the Contact Us section below) specifying the Name, Institution, and details of the account to be removed.
- Our Commitment: Upon receipt and verification of the request through the institution, we will permanently wipe all associated data records and mathematical tokens from our cloud databases within 30 days. We do not support "temporary deactivation"; all deletions are absolute and permanent.
5. Institutional Compliance and Third-Party Consent
Because FlashAttend is integrated by schools and enterprises, the processing of student, minor, or employee biometric data relies on institutional authorization.
Important Legal Obligation: The purchasing/utilizing institution (the school or business entity) is entirely responsible for securing explicit, legally binding consent from its staff, students, or parents/legal guardians before uploading profiles or initiating facial recognition registration through the FlashAttend smartphone or CCTV platforms.
6. Website Visitors and Analytics
When you visit our public website (flashattend.com), we collect certain information automatically to analyze web traffic and improve our online presence.
- Google Analytics: We use Google Analytics to understand how visitors interact with our website (e.g., pages visited, time spent on the site, and the country of origin). Google Analytics uses "cookies" — small text files placed on your device — to collect standard internet log information and visitor behavior data in an anonymous form.
- Opt-Out: You can choose to accept or decline cookies through your web browser settings, or install the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics.
7. Updates to This Policy
We reserve the right to modify this Privacy Policy as our software scales and incorporates formal corporate registration. We will notify administrative users of any significant modifications by pinning a notice inside the system platform dashboards.
8. Contact Us
For any privacy questions, data access requests, or deletion inquiries, you can reach out directly to the founders:
Email: support@flashattend.in
WhatsApp: +91 77359 43596