Privacy Policy

For Web Application Users (Administrators, Supervisors):

• Name, email address, and contact information
• Organization details (company name, address)
• User credentials (encrypted passwords)
• Profile information and preferences

For Field App Users (Technicians):

• Phone number (for device registration and OTP verification)
• Device information (model, operating system, unique device fingerprint)
• Professional credentials and role within organization

Field App - GPS Location:

• Precise Location (Foreground): Captured when technicians perform protocol steps to establish chain of custody for evidence
• Background Location: Used during evidence upload to maintain location metadata integrity. Required to ensure evidence authenticity when the app is backgrounded during upload processing
• Location data is tied to specific work executions and evidence captures
• Location history is not tracked outside of active job execution

Captured by Field App:

• Photos, videos, and audio recordings taken during protocol execution
• Timestamps (both device time and NTP-verified time when available)
• GPS coordinates at moment of capture
• Device sensor data (accelerometer, gyroscope, barometer) for forensic verification
• Cryptographic hashes and signatures for evidence integrity

All media is captured solely for the purpose of documenting industrial operations and creating tamper-proof audit trails. Media is encrypted during transmission and storage.

• IP address and browser information
• Device identifiers and operating system details
• App usage statistics and performance metrics
• Crash reports and error logs (anonymized)
• Network connectivity status (for offline operation management)

• Protocol definitions and workflow specifications
• Execution records (who performed what task, when, and where)
• Inspection results, defect reports, and quality metrics
• Asset and equipment information
• Approval and verification records

• Protocol Execution: Enable technicians to follow work procedures and capture evidence
• Chain of Custody: Maintain tamper-proof audit trails with location, time, and device verification
• Evidence Management: Store, process, and serve media files for compliance and verification
• Quality Assurance: Review execution replays and approve evidence quality
• Defect Tracking: Report, assign, and verify defect resolutions

• Authenticate users and authorize access to organization data
• Manage device binding and prevent unauthorized access
• Facilitate offline operation with background synchronization
• Send OTP codes and job notifications via SMS/push
• Monitor system performance and diagnose technical issues

• Comply with warranty, insurance, and regulatory requirements
• Respond to legal requests and prevent fraud or misuse
• Maintain records for audit and dispute resolution

Data is shared within your organization according to role-based access controls. Administrators can view all executions, supervisors can review their team's work, and technicians can only access their assigned jobs.

We use trusted third-party services to operate our platform:

• Cloud Storage (AWS S3): Encrypted media storage
• Database Hosting: Secure data storage and processing
• SMS Gateway: OTP delivery for device verification
• Analytics: Anonymized usage metrics (Google Analytics)

All service providers are bound by data protection agreements and process data only as instructed.

We may disclose information if required by law, court order, or governmental request, or to protect our rights, property, or safety.

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. You will be notified of any such change.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based permissions and multi-factor authentication
• Device Binding: Field app credentials are tied to specific devices
• Cryptographic Sealing: Evidence chains use SHA-256 hashing for tamper detection
• Secure Storage: Media files stored in isolated, access-controlled buckets

• Regular security audits and penetration testing
• Employee training on data protection practices
• Incident response procedures for data breaches
• Automatic session timeouts and secure credential storage

We retain data for as long as necessary to fulfill the purposes outlined in this policy or as required by law:

• Execution Records: Retained indefinitely for compliance and audit purposes (can be deleted upon request)
• Media Evidence: Stored according to your organization's retention policy
• User Accounts: Deleted within 30 days of account closure
• Logs and Analytics: Retained for 12 months for operational purposes

Field App users can manage location permissions:

• Android: Settings → Apps → Pruved → Permissions → Location
• iOS: Settings → Privacy → Location Services → Pruved

Note: Location is required for evidence chain of custody. Disabling it will prevent protocol execution.