Skip to main content

Privacy Policy

Last updated: 01/01/2025

1. Introduction

Criarflix Tecnologia Ltda. ("we", "our" or "UsePonto"), registered under CNPJ 62.669.747/0001-94, is the data controller for personal data collected through the UsePonto application and web platform. This Privacy Policy describes how we collect, use, store, share, and protect your personal information.

This policy applies to the use of the UsePonto mobile application (available on Google Play Store and Apple App Store) and the web platform useponto.com.br.

2. Information We Collect

We collect the following types of information to provide and improve our services:

Identification Data

  • Full name
  • Email address
  • Phone number
  • CPF (Brazilian Individual Taxpayer Registry)
  • PIS/PASEP (when applicable)

Biometric Data

  • Facial image for facial recognition
  • Facial features processed for identity verification

Biometric data is used exclusively for identity verification at the time of time clock registration and is processed with encryption.

Location Data

  • Geographic location (GPS) at the time of time clock registration
  • IP address

Geolocation is collected only at the time of time clock registration, as required by Brazilian labor regulations (Ordinance MTP No. 671/2021).

Device Data

  • Device model and manufacturer
  • Operating system and version
  • Unique device identifier
  • Browser type (when applicable)

Usage Data

  • Access and navigation logs
  • Time clock registration timestamps
  • Application interactions
  • Error logs and diagnostics

3. How We Use Your Information

We use your personal information for the following purposes:

Service Delivery

Register electronic time clock entries, generate work time reports, and process adjustment requests.

Identity Verification

Confirm your identity through facial recognition to prevent fraud and ensure record integrity.

Legal Compliance

Comply with Brazilian labor regulations (Ordinance MTP No. 671/2021), including generation of AFD (Data Source File) and AEJ (Electronic Work Time File).

Communication

Send notifications about your work time, compliance alerts, and service updates.

Service Improvement

Analyze application usage to identify issues, improve features, and develop new functionality.

Security

Protect against unauthorized access, detect suspicious activity, and prevent fraud.

4. Data Sharing

We may share your information with:

Your Employer

Work time data (entry, exit, break times) is shared with the company where you work for human resources management and payroll purposes.

Service Providers

We use third-party services for data hosting (Hostinger), payment processing, and notification delivery. These providers have limited access to data necessary to perform their functions.

Legal Authorities

We may disclose data when required by law, court order, or request from competent authorities, including labor inspection agencies.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Storage and Security

We implement technical and organizational measures to protect your information:

  • End-to-end encryption (TLS 1.2 or higher) for data transmission
  • At-rest encryption for stored sensitive data
  • Storage in certified data centers located in Brazil
  • Role-based access control (RBAC)
  • Immutable audit logs for traceability
  • Automatic backups with geographic redundancy
  • Passwords stored with bcrypt hash (minimum cost 10)

Retention Period

Time clock registration data (AFD) is stored for a minimum of 5 (five) years, as required by law. After this period, data may be anonymized or deleted, unless there is a legal obligation for additional retention.

6. Your Rights (LGPD)

Under the Brazilian General Data Protection Law (Law No. 13,709/2018), you have the following rights:

Access

Request a copy of the personal data we hold about you.

Correction

Request correction of incomplete, inaccurate, or outdated data.

Deletion

Request deletion of your personal data, when applicable and there is no legal retention obligation.

Portability

Request transfer of your data to another service provider.

Consent Revocation

Revoke your consent at any time, when processing is based on consent.

Opposition

Object to data processing in certain circumstances.

Information

Be informed about entities with whom we share your data.

To exercise any of these rights, contact us at contato@useponto.com.br. We will respond to your request within 15 (fifteen) business days.

7. Children's Privacy

UsePonto is intended for users over 18 years of age. We do not intentionally collect personal information from minors. If we become aware that we have collected data from a minor, we will take steps to delete such information as soon as possible.

Use of the system by minor apprentices (from 14 years old) must be authorized by the employer and legal guardian.

8. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • Keep you logged into the service
  • Remember your preferences (language, theme)
  • Analyze service usage for improvements
  • Ensure session security

You can manage your cookie preferences in your browser settings. Note that disabling certain cookies may affect service functionality.

9. Changes to This Policy

We may update this Privacy Policy periodically. When we make significant changes, we will notify you by email or through a notice in the application before the changes take effect.

We recommend that you review this policy regularly to stay informed about how we protect your information.

10. Contact

If you have questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, please contact us:

Criarflix Tecnologia Ltda.

CNPJ: 62.669.747/0001-94

Email: contato@useponto.com.br

We will respond to all requests within 15 (fifteen) business days.

Back to home page