LoggerIQ
Sign inStart free

Privacy policy

What LoggerIQ collects, why, and the choices you have. LoggerIQ provides location-verified, AI-checked attendance, leave and expense records.

Last updated 1 June 2026

Who we are

LoggerIQ operates the LoggerIQ service. Your employer or engaging business is the controller of the timesheet records created about you, and LoggerIQ processes that data on their instructions. For the LoggerIQ account and billing relationship, LoggerIQ is the controller.

What we collect

  • Account data: name, work email, role and the business you belong to.
  • Location at punch events only: a single reading when you clock in or out, to verify you were at the site. LoggerIQ does not track location continuously or between punches.
  • Authenticity signals: device and integrity signals used to detect spoofed locations and impossible travel.
  • Timesheet, leave and expense data: shifts, hours, time off, claims and approvals.
  • Usage and support data: logs needed to run, secure and support the service.

How we use it

  • To verify punches and build accurate timesheets, leave and expense records.
  • To detect fraud, spoofing and anomalies that affect pay integrity.
  • To run the IQ assistant on redacted data, with a human in the loop for pay actions.
  • To provide support, secure the service and meet legal obligations.

Location, captured less on purpose

Location is recorded only at the moment of a punch and is used to confirm presence at a configured site. Retention is configurable by the business and locations auto-purge on a schedule. LoggerIQ does not sell location data and does not use it for advertising.

The IQ assistant and native AI

LoggerIQ runs its AI in house. Your data is not sent to any third-party AI or LLM provider, and we do not train models on customer data.

  • Receipt OCR runs on an AI service we run in house. The image is processed inside our own environment and is not sent to any third-party AI or LLM provider.
  • The authenticity scoring engine runs in our own backend and receives only minimal, redacted, tokenised signals. It never sees raw personal information and never raw coordinates.
  • We do not train models on your data, and no third-party AI provider receives your data.

Any action that affects pay is proposed for human approval and written to an audit log.

Security

  • The most sensitive fields are encrypted before storage with per-business keys: precise punch coordinates and contact details such as phone numbers, addresses and emergency contacts. Names and email addresses are kept in plain form because they are needed to run your workspace. All data sits on top of encryption at rest and in transit.
  • Tenant isolation prevents any query from crossing a business boundary.
  • Role-based access controls and an append-only audit log over every action.
  • Single sign-on for larger customers is on the roadmap.

Sharing

LoggerIQ shares data with the business you work for, with sub-processors that help operate the service under contract and where required by law. Approved hours can be synced to a customer's systems at their direction. LoggerIQ does not sell personal data.

Sub-processors

We use a small set of trusted sub-processors to operate the service under contract. Our in-house AI is not a separate AI sub-processor that exports your data.

  • Managed Postgres database, hosted in Australia.
  • Transactional email and SMS delivery, hosted in Australia.
  • Encrypted object storage and a global edge with WAF and DDoS protection.
  • Application and marketing hosting (edge routing outside Australia).
  • A PCI-compliant payment provider (card details tokenised, never stored by us).

Cross-border disclosure (APP 8)

Under Australian Privacy Principle 8, some data is handled outside Australia by our sub-processors. Your client database and email stay in Sydney.

  • Billing is processed by a payment provider in the United States and receives only billing email and tokenised card references.
  • Application and edge routing use providers in the United States and globally and do not receive client documents.
  • Any document that transits the edge is encrypted.

Your rights

Subject to your local law, you can request access to, correction of or erasure of your personal data. Where your employer is the controller, please raise the request with them and LoggerIQ will support it. Region-pinned data residency is available.

Retention

Timesheet records are retained for as long as the business needs them and as required by employment and tax law. Location readings follow the configured retention window and are then purged.

Contact

Questions about this policy? Email support@loggeriq.io. For how we protect your data, see our data security page.