Legal
ClockNeXt Privacy Policy
Version 2026-03-20
1. What this policy covers
ClockNeXt helps users log work time, verify wages, manage companies, generate reports, manage subscriptions, use referral rewards, and receive account notifications. This policy explains how personal data is collected, used, stored, shared, and protected when you use the app and related web services.
2. Data we collect
We collect account and service data needed to run authentication and subscriptions, including email address, password credentials, OTP verification and reset challenge records, referral code relationships, privacy policy acceptance, subscription status, notification records, notification device tokens where enabled, and technical service logs. Business-work data such as shifts, notes, reports, earnings calculations, company settings, deductions, and unpaid break rules stays in the app on your device unless you explicitly export, back up, or share it.
3. Why we use your data
We use backend-held personal data to create and secure accounts, send OTP verification and password-reset emails, process subscriptions, apply referral rewards, deliver in-app or push notifications where available, prevent abuse, support users, process deletion requests, and improve service reliability. Local business data is used inside the app to calculate hours, wages, and reports on your device.
4. GDPR legal bases
Where GDPR applies, ClockNeXt relies on contract performance to provide the service you request, legitimate interests for security and service operations, legal obligations where required, and consent where the app asks for optional permission or explicit acceptance.
5. Your GDPR rights
You may request access, correction, deletion, restriction, objection, portability, and information about how your data is processed. You may also withdraw consent where processing relies on consent, without affecting prior lawful processing. GDPR-related requests, including deletion requests, may be sent to clocknext.io@gmail.com.
6. Payments and subscriptions
Subscription checkout and customer billing portal functions are processed through Stripe. ClockNeXt does not store full payment card details. New users start on the Basic tier by default, and the 14-day Standard trial starts only when the user chooses to activate it. Stripe acts as an independent payment processor under its own terms and privacy documentation.
7. Hosting and infrastructure
Account, subscription, referral, notification, and technical service data may be hosted using Firebase, Google Cloud, and related service providers. These providers may process technical and account data as infrastructure providers for hosting, storage, security, and service delivery. We do not use this backend to store your core business-work records such as shifts, earnings, companies, or deduction logic.
8. Reports, supervisors, and company data
If you add supervisor or company email addresses and use report-sharing features, ClockNeXt uses that information on your device to prepare files and, where applicable, to send the files you request. You are responsible for ensuring you have authority to upload, store, back up, and share employer or company-related information in the app.
9. Local storage and cloud backup
Your business-work records such as shifts, earnings, companies, deductions, and reports are stored locally on your device by default. If you choose to create a backup, the backup file is stored only with the cloud storage provider or location you personally select, such as Google Drive or iCloud Drive. ClockNeXt does not automatically access or retain those local backup files on our backend.
10. Data retention
Account, subscription, referral, notification, and security-related backend data is retained while your account remains active and for a reasonable period afterward for security, legal, billing, audit, dispute resolution, and infrastructure backup purposes, unless a longer retention period is required by law.
11. Account deletion
You can request deletion of your ClockNeXt backend account data using the public deletion instructions at delete-account.html or by emailing clocknext.io@gmail.com from the email address associated with your account. Deletion of backend account data does not automatically erase local work records already stored on your device or in your own backups.
12. International transfers
Because cloud and payment providers may operate internationally, data may be processed outside your country. Where required, transfers should rely on appropriate safeguards such as standard contractual clauses or equivalent lawful mechanisms.
13. Security
ClockNeXt uses reasonable technical and organizational measures to protect backend-held personal data, but no online service can guarantee absolute security. Users should protect their login credentials, secure their device and local backups, and report suspected unauthorized access promptly.
14. Children and employment data
ClockNeXt is intended for work and business use, not for children. Do not use the service for anyone who cannot lawfully consent or where local employment, payroll, or monitoring rules prohibit the intended use.
15. Compliance note
This policy provides operational privacy terms, but employment, tax, payroll, consumer, and data protection requirements vary by country. Production use should be reviewed against local law and, where needed, by qualified legal counsel.
16. Contact and complaints
For privacy requests, complaints, deletion requests, or GDPR-related questions, contact clocknext.io@gmail.com. Where GDPR applies, users also have the right to lodge a complaint with their local supervisory authority.