Agenz

Privacy Policy

Agenz Mobile Application

Last updated: February 26, 2026


1. Introduction

Agenz ("we", "our", "us") operates the Agenz mobile application (the "App"). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the App.

By using the App, you agree to the collection and use of information as described in this policy. This policy complies with the EU General Data Protection Regulation (GDPR) and French data protection law (Loi Informatique et Libertés).

2. Information We Collect

2.1 Account Information

When your employer creates your account, we collect:

  • Email address — used for authentication and account recovery
  • Name — used to identify you within the App
  • Employee ID — assigned by your employer

2.2 Location Data

The App collects precise location data (GPS) for the following purposes:

  • Check-in/check-out — to verify you are at your assigned work site
  • Geofencing — to confirm you remain within the site perimeter during your shift
  • Guard tours — to verify checkpoint completion at specific locations

Location data is primarily used during active shifts for attendance and tour verification. The App may request background location access to support geofencing features.

2.3 Camera and Microphone

The App may request access to your device's camera and microphone for:

  • Photos and videos — to capture visual evidence during incident reporting and observations
  • Voice recordings — to record voice notes during guard tours and incident reports

Media is captured only when you actively initiate a recording or photo. The App does not access your camera or microphone in the background.

2.4 Calendar

The App may request access to your device calendar to add upcoming shifts for your convenience. This is optional and requires your explicit permission.

2.5 Device Information

We collect limited device information for:

  • Push notification tokens — to send you shift alerts and notifications via Firebase Cloud Messaging (FCM)
  • Error and crash reports — device model, OS version, and app state at the time of a crash, sent to our error monitoring service (Sentry) to help us fix bugs

2.6 Usage Data

We collect anonymised usage data to improve the App's performance and reliability. This does not include personal content such as photos, videos, or voice recordings.

3. Legal Basis for Processing (GDPR Article 6)

PurposeLegal Basis
Authentication and account managementPerformance of contract
Location verification (check-in, geofencing)Legitimate interest of employer (workforce management)
Guard tour trackingPerformance of contract
Shift schedules and notificationsPerformance of contract
Incident and observation reportingLegitimate interest (security operations)
Shift reports for employerPerformance of contract
Crash reports and error monitoringLegitimate interest (service reliability)
Camera, microphone, calendar accessConsent (you grant permission on your device)

4. How We Use Your Information

We use the collected information to:

  • Authenticate you and manage your account
  • Verify your presence at assigned work sites
  • Track guard tour completion
  • Deliver shift schedules and notifications
  • Enable incident and observation reporting
  • Generate shift reports for your employer
  • Monitor and fix technical issues (crash reports)
  • Improve the App's performance and features

5. Data Sharing

5.1 Your Employer

As Agenz is a workforce management tool, your employer (the security company) has access to:

  • Your shift attendance records (check-in/check-out times and locations)
  • Guard tour completion data
  • Incident reports and observations you submit
  • Shift reports

5.2 Third-Party Services

We use the following third-party services to operate the App:

ServicePurposeData Shared
Amazon Web Services (AWS Cognito)AuthenticationEmail, password (encrypted)
Firebase (Google)Push notificationsDevice push token
MapboxMap displayAnonymised location for map tiles
SentryError monitoringDevice info, crash logs (no personal data)

We do not sell your personal information to any third party.

5.3 Legal Requirements

We may disclose your information if required by law, regulation, or legal process.

6. Data Storage and Security

  • All data is transmitted over encrypted connections (HTTPS/TLS)
  • Authentication is handled by AWS Cognito, which encrypts passwords and manages sessions securely
  • Location data, photos, videos, and voice recordings are stored on secure servers
  • We retain your data for as long as your account is active or as required by your employer's data retention policies

7. Data Retention

  • Account data is retained while your account is active and for a reasonable period after deactivation
  • Shift and attendance records are retained according to your employer's policies and applicable labour laws
  • Crash reports are retained for up to 90 days
  • Push notification tokens are removed when you uninstall the App or revoke notification permissions

8. Your Rights (GDPR Articles 15–22)

Under GDPR, you have the following rights:

  • Right of access (Article 15) — obtain a copy of your personal data
  • Right to rectification (Article 16) — correct inaccurate or incomplete data
  • Right to erasure (Article 17) — request deletion of your data (subject to legal and contractual obligations)
  • Right to restrict processing (Article 18) — limit how we use your data
  • Right to data portability (Article 20) — receive your data in a structured, machine-readable format
  • Right to object (Article 21) — object to processing based on legitimate interest
  • Right to withdraw consent — for processing based on consent (e.g., camera, microphone, calendar)

To exercise any of these rights, contact us at the address below. We will respond within 30 days as required by GDPR.

You also have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés), the French data protection authority: www.cnil.fr

9. Children's Privacy

The App is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by email. The "Last updated" date at the top of this page indicates when the policy was last revised.

11. Data Controller

The data controller responsible for processing your personal data is:

For any questions regarding this Privacy Policy, your personal data, or to exercise your GDPR rights, please contact us at the email address above.