Privacy at a glance

Privacy legislation

NoahFace is committed to the highest standards of privacy. As such we provide you with comprehensive facilities to help you comply with local privacy and biometric legislation around the world, including the following:
You should of course seek your own professional and independent legal advice on your compliance with all relevant local legislation.

Privacy Requirements

The common privacy requirements that have emerged and that NoahFace addresses are as follows:

Notice and Consent

NoahFace displays a simple privacy statement that employees actively consent to during registration. This privacy statement explains what data is captured, what it is used for, and when it is destroyed.

No Surveillance

NoahFace does not capture and store video under any circumstances. NoahFace only uses facial recognition to identify those that consent.

Non-Biometric Options

NoahFace supports identification using passcodes or QR codes, both for individual employees that do not consent to the use of facial recognition, as well as system wide. NoahFace also supports a personal mobile App.

Minimization of Data

NoahFace only captures data that is absolutely necessary for business purposes. For example, it captures the date and time that employees clock in and out for work, so they can be accurately paid.

Retention and Destruction

NoahFace automatically destroys clocking data after a configured retention period (from 1 month to 7 years), and destroys biometric data as soon as employee relationships end.

Individual Rights

NoahFace allows employee data to be queried, updated, exported, and deleted, so that you can easily satisfy individual data access requests.

No Commercial Use

NoahFace does not use personal data for commercial purposes, nor do we sell, lease or disclose personal data to third parties.

Data Security

NoahFace includes comprehensive data storage, transmission and protection features, including encrypting data in transit and at rest. All data is stored securely within Amazon Web Services.

Security at a glance

Our reputation is built on the security of your data. We therefore take extensive measures to ensure that your data remains protected, including:

SOC 2 Security Compliance

As part of our ongoing commitment to protecting our customer's data, NoahFace has successfully completed a SOC 2 Security Audit. The SOC 2 Type I audit, completed by Johanson Group LLP, demonstrates that our systems are appropriately configured and our policies address the SOC 2 security requirements.

World Class Providers

NoahFace has chosen to build our business and our platform on secure foundations. Our kiosks run exclusively on the Apple iPad, and our Dashboard and Data Storage is hosted in Amazon Web Services (AWS). We selected these providers because of their clear focus on privacy and data security.

Data Encryption

NoahFace uses industry standard data encryption to protect your data while it is in transit and at rest.

Automation

NoahFace uses automation to avoid data leakage caused by human error. For example, NoahFace automatically destroys data after a configurable retention period and even automatically disables logins that have not been used for an extended period.

You are in Control

NoahFace gives you the flexibility to determine where your data is stored, how long it is retained, and who has access to it. You can even configure comprehensive password rules and use two-factor authentication.

Individual Rights

NoahFace allows employee data to be queried, updated, exported, and deleted, so that you can easily satisfy individual data access requests.
To learn more about NoahFace's commitment to security, see the Data Management and Protection white paper.

Facial Recognition at a glance

NoahFace uses facial recognition so that employees can identify themselves by simply presenting themselves at an iPad based kiosk. Employees find this process fast, convenient, and safe. Read on to learn more:

What are biometrics?

In the context of facial recognition, biometrics are a series of facial measurements, such as the distance between your eyes, the distance between your chin and mouth, etc, that together can uniquely identify your face.

How are biometrics captured?

Employees present themselves at an iPad based kiosk, identify themselves (eg: using a password), consent to a simple privacy statement, and their photo is taken. Their biometrics are then automatically extracted from this photo.

Is the use of facial recognition optional?

Yes. NoahFace supports identification using passcodes or QR codes, both for individual employees that do not consent to the use of facial recognition, as well as system wide. NoahFace also supports a personal mobile App.

Where are biometrics stored?

You have the flexibility to decide whether you want to store biometrics only on individual iPads or also in the Cloud.

When are biometrics deleted?

NoahFace automatically destroys biometrics when an employment relationship ends. You can also manually delete biometrics, for example, if an employee removes their consent.

Can biometrics be exported?

No. There is no mechanism to export biometrics from NoahFace.
Your local Time and Attendance specialists. Because timing is everything.
Proudly New Zealand owned, operated and supported.
© 2023 TimeLab. All rights reserved.