PUNCTUA ("we", "our", "us") provides a modern attendance management application. This policy describes what data we collect, how we use it, and your choices.
What we collect and why
Camera (android.permission.CAMERA) Purpose: Scan QR codes presented by teachers to check into sessions. We do not capture, store, or transmit images or video from the camera. The camera feed is processed on-device solely to decode QR data.
Location (Approximate/Precise) Purpose: Verify proximity to the session location for attendance integrity. We compute your distance to the configured session location on-device. We do not store raw GPS traces. We may store a boolean result (e.g., within radius) and timestamp as part of the check-in record.
Bluetooth (Scan) Purpose: Detect the presence of a nearby BLE beacon/service the teacher configured to deter remote scans. We scan for specific service UUIDs. We do not pair with devices. We do not store device identifiers.
Account information Email, name, and user ID from your authentication provider (e.g., Firebase Auth) to identify your account and associate check-ins with you.
Attendance data Session identifiers, check-in timestamps, course/class info, and counters necessary for attendance records.
How we use your data
Provide the attendance functionality, verify proximity constraints (location/BLE), and record your presence in class.
Secure the platform (fraud prevention, abuse detection), and operate core features (teacher dashboards, admin reporting).
Data storage and retention
Attendance records are stored in Google Firebase (Firestore) in a region appropriate for the service.
We retain attendance records for institutional reporting or as required by policy; contact your institution or us to inquire about retention periods.
Sharing
We do not sell your data.
We share limited data with service providers (e.g., Firebase) to operate the app under appropriate data processing terms.
Your choices and rights
You can request access or deletion of your account data, subject to legitimate interests and institutional policies.
You can deny optional permissions (Location/Bluetooth). Without them, check-in may not work where proximity verification is required.
Security
We use industry-standard security controls, including authenticated access, access rules, and server-side verification (e.g., signed QR tokens).
Children
Use of the app may be provisioned by educational institutions. If you believe a minor’s data is processed improperly, contact us.