Privacy Policy

Account Information

When you create a Site Secure account, we collect:

• • Name and email address
• • Phone number, including for one-time password (OTP) sign-in when your organization enables phone authentication
• • Organization or company name
• • Job title or role

We collect this information to create and manage your account, provide customer support, and send you service-related notifications.

Location Data

For workers using our mobile app during active shifts, we collect:

• • GPS coordinates and precise location data
• • Background location data only where enabled, needed for the workflow, and permitted by the device and platform
• • Clock-in/clock-out locations
• • Geofence checks used to verify on-site presence during punch workflows

We collect location data to help verify worker presence on job sites, support timecard accuracy, review incidents, and provide job-site activity records to the worker's organization. Location data is intended to be collected only when a worker has actively clocked in or is using a workflow that requires location. Users must grant location permissions on their device, and platform behavior may differ between iOS, Android, and web.

Photos and Images

We collect photos and images for:

• • Worker certification documents (licenses, cards, etc.)
• • Worker documents uploaded for organization review
• • Safety inspection photos
• • Incident documentation and evidence
• • Site conditions and equipment checks
• • Selfie images captured during clock-in when your organization enables selfie verification

Photos are collected to maintain worker and job-site records, document safety conditions, and support incident review.

Digital Signatures

We collect:

• • Digital signatures on toolbox talks and safety documents
• • Timestamps of signature events
• • Signature metadata and context

We collect signature data to create records of worker acknowledgment, including timestamps and related context.

Work Hours and Timecards

We collect:

• • Clock-in and clock-out times
• • Break duration and timing
• • Job site assignments
• • Hours worked per project or job

This data is collected to track worker attendance, generate payroll records, and provide accurate project time allocation.

Safety Training Records

We collect:

• • Toolbox talk completion records
• • Training completion dates and times
• • Certification expiration dates
• • Safety or training status shown to your organization

We collect training data to track assigned trainings, certification renewals, and worker readiness for job-site workflows.

Messages and Communications

When your organization uses in-app messaging, we collect:

• • Message content and replies you send in the app
• • Message timestamps and delivery status
• • Organization broadcast and reminder content sent through the platform

Messages are shared with your organization and used for crew communication, reminders, and workplace coordination.

Incident Reports

When you submit or participate in incident reporting, we collect:

• • Incident descriptions, notes, and classifications
• • Related photos, signatures, and timestamps
• • Job site, worker, and organization context linked to the report

Incident data supports safety review, organization records, insurance, and dispute handling.

Time Off and Scheduling

When your organization enables these modules, we collect:

• • Time-off requests, dates, and approval status
• • Shift assignments and schedule changes
• • Calendar and crew scheduling context

This information helps organizations manage staffing, coverage, and worker availability.

Push Notification Tokens

We collect device tokens to send you real-time push notifications about:

• • Expiring certifications
• • Pending toolbox talk assignments
• • Incident reports and site alerts
• • Schedule changes and important updates

Usage Data and Product Analytics

To understand how the Services are used and improve reliability, we collect product interaction and diagnostic data:

• • On the web app: page views, feature usage events, and optional in-depth analytics events when enabled in your account settings
• • On the mobile app: screen and navigation activity, taps, session activity, app version adoption, custom workflow events (such as authentication, timecard, document, certification, and alert interactions), and related device metadata
• • Crash logs, error reports, and performance diagnostics

Web analytics are processed through Vercel Analytics. Mobile product analytics are processed through Vexo Analytics when analytics is enabled for the mobile build. On mobile, signed-in users are associated with a hashed analytics identifier rather than a raw account identifier. Vexo may also support product analytics features such as funnels, dashboards, heatmaps, and session replay for troubleshooting and product improvement. Analytics data is used for product analytics only and is not used for third-party advertising, ad attribution, ad measurement, data sale, or data brokerage.

Device Information

We collect:

• • Device type and model
• • Operating system and version
• • Mobile app version
• • Device identifier

We collect device information for app optimization, troubleshooting, crash reporting, mobile product analytics, and ensuring compatibility across different platforms.

Within Your Organization

Your personal information may be shared with:

• • Organization administrators and managers (to manage crew, assignments, and compliance)
• • Payroll and HR departments (for timekeeping and payroll processing)
• • Project managers and site supervisors (for scheduling and site management)

Admins can only access data appropriate to their role within your organization.

Service Providers

We share data with carefully selected vendors who help us operate the platform:

• • Supabase (PostgreSQL): Database hosting and storage
• • Vercel: Web application hosting, deployment, and web usage analytics
• • Sentry: Error tracking and crash reporting
• • Vexo Analytics: Mobile app product analytics, including usage events, session activity, and related diagnostics when mobile analytics is enabled. See Vexo's Privacy Policy.
• • Expo: Push notification delivery for the mobile app
• • Resend: Transactional email delivery for account, notification, and service messages

All service providers are bound by confidentiality agreements and are only permitted to use your data as necessary to provide their services. Vexo Analytics is used for product analytics only and is not used for advertising, ad attribution, ad measurement, data sale, or data brokerage.

Legal and Safety

We may disclose your information when:

• • Required by law, court order, or government request
• • Necessary to prevent fraud, security threats, or physical harm
• • Required for regulatory compliance or safety investigations
• • Necessary to protect our legal rights or enforce our agreements

No Third-Party Marketing

We do not sell, license, or share your personal information with third parties for their marketing or advertising purposes. The Site Secure mobile app does not contain third-party advertisements or ad-network tracking pixels. Vexo Analytics is used for product analytics only. Your data is only shared as described in this Privacy Policy.

Right to Access

You may request a copy of personal information associated with your account. Contact us at team@pulsecommunityagency.com with your request.

Right to Correct

You may correct or update inaccurate personal information through your account settings or by contacting us.

Right to Deletion

You may request deletion of your account and associated personal information. Account deletion is permanent and cannot be undone. Some historical records, such as timecards, incident records, signatures, or organization documents, may be retained where needed for organization records, dispute handling, security, backups, or legal obligations.

Right to Opt-Out

You may opt out of push notifications and marketing emails through account or device settings where available. On the web app, you can disable in-depth analytics in your account dashboard preferences. Disabling operational notifications or required analytics needed for app operation may affect reminders, timecards, certifications, or other app workflows.

Right to Data Portability

Where applicable and technically feasible, we can provide personal information associated with your account in a portable, machine-readable format.

Right to Withdraw Consent

You may withdraw consent for location tracking or other optional data collection through your device settings or account preferences where available. Some workflows may stop working if required permissions are disabled.