Security & Data Protection

Temporra handles sensitive workforce data — including, optionally, facial-recognition and GPS data. We treat protecting it as a core part of the product, not an afterthought.

UK-hosted

Your data is stored on servers in the UK / EEA — never shipped overseas without recognised safeguards.

Encrypted in transit

Every connection uses TLS (HTTPS), enforced by the .app domain.

Hashed passwords

Passwords are stored using strong one-way hashing — we can never read them.

Role-based access

Workers, managers and admins only ever see what their role permits.

How we handle facial recognition

Facial recognition is the feature buyers ask about most, so here is exactly how it works:

It is an optional feature, off by default. Your business chooses whether to enable it.
It requires each worker's explicit consent before first use, captured during the one-time Face ID setup.
We store a mathematical template — a sequence of 128 numbers describing facial geometry — not a photo, and not something that can be reversed back into an image.
The live camera image used to verify a clock-in is processed on the device and is not retained afterwards.
A worker can withdraw consent at any time; their facial template is then deleted permanently.

Under UK GDPR, facial data used to identify a person is "special category" data. Temporra gives you the consent and deletion controls you need; as the employer you remain responsible for your lawful basis and for completing a Data Protection Impact Assessment (DPIA) where required.

How we handle location (GPS)

GPS is captured only at the moment a worker clocks in or out — never continuously and never in the background.
The coordinates are stored with that single timesheet entry to confirm the worker was on site.
Geofencing is configurable per job: the admin sets the site by postcode and chooses the allowed radius.

Access, isolation and payments

Per-tenant separation — each business's data is kept separate from every other business on the platform.
Restricted production access — servers are firewalled and access to live systems is limited.
Payments via Stripe — card details never touch our servers; we receive only a confirmation and the last four digits for billing display.

Data retention & your rights

We keep personal data only as long as needed or as required by UK law, and support the full set of UK GDPR rights — access, rectification, erasure, restriction, objection, portability and withdrawal of consent. Full detail is in our Privacy Policy and GDPR Compliance page, including our offer of a signed Data Processing Agreement (DPA) for businesses that need one.

Questions?

Security or data-protection question, or need a DPA? Email support@temporra.app — you'll reach the team that builds the product.