1. Introduction
This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our website, GrowchainAI platform, and related services.
Legal Compliance: This policy complies with Information Technology Act, 2000 and SPDI Rules, 2011.
Privacy Commitment: Stragure is committed to protecting your privacy and personal data with industry-leading security practices.
🔹 Personal Information
- Contact Information: Name, email, phone, company details
- Account Information: Username, password, preferences
- Voice Data: Voice recordings and speech transcripts processed only with explicit user consent for AI-powered voice assistant functionality
- Biometric Information: When facial attendance features are enabled, the platform may generate and store a facial biometric template (embedding) for identity verification and attendance purposes. Original facial images captured during enrollment or attendance verification are processed solely for identity verification, liveness detection, and generation of biometric templates, and are not retained after processing unless required for operational, legal, audit, or compliance purposes.
- Liveness Verification Data: The platform may process liveness detection signals to verify that attendance submissions originate from a live person and to prevent spoofing attempts.
🔹 Technical Information
- Device Data: IP address, browser type, device identifiers
- Usage Analytics: Pages visited, interaction patterns
- Tracking: Cookies and similar technologies
Voice AI Special Note: Voice data is processed with advanced encryption and stored only with your explicit consent for platform functionality.
Biometric Privacy Notice: Facial attendance functionality uses biometric templates generated from facial images for attendance verification. Original facial images are not retained after processing. Only biometric templates required for matching are stored securely.
- Platform Services: Provide and maintain GrowchainAI platform
- Voice AI Processing: Process voice recordings, speech transcripts, and AI-powered enterprise workflow requests using secure backend infrastructure and OpenAI APIs
- Security: Authentication and account protection
- Support: Customer service and platform improvements
- Compliance: Legal requirements and business operations
🔹 AI Voice Assistant & Third-Party AI Processing
GrowchainAI includes AI-powered voice assistant and natural-language processing features.
When users interact with voice assistant functionality, certain data may be securely transmitted to and processed by trusted third-party AI service providers, including OpenAI APIs, solely for the purpose of providing requested functionality such as:
- Speech recognition and transcription
- Natural-language understanding
- AI-powered responses and workflow assistance
This processing may include:
- Voice recordings captured while actively using voice assistant features
- Speech transcripts generated from user voice input
- Work-related operational requests such as leave applications, payroll queries, approvals, employee search, attendance requests, inventory queries, procurement workflows, and other enterprise operations initiated by the user
- Authenticated user account context required to fulfill enterprise workflow requests
Voice and AI processing occurs only after the user provides explicit in-app consent.
Data is transmitted over encrypted connections and is not sold to third parties.
Voice recordings are processed transiently for transcription and are generally not retained after processing by our backend proxy infrastructure unless required for operational, legal, audit, or compliance purposes.
Data transmitted through OpenAI APIs is not used to train AI models.
AI Privacy Commitment: Users should avoid submitting highly sensitive personal information such as passwords, banking credentials, or government identification numbers through AI voice interactions.
🔹 Facial Recognition & Attendance Verification
The platform may provide facial-recognition-based attendance functionality for organizations that enable this feature.
Facial biometric templates and liveness verification data are used solely for:
- Employee identity verification
- Attendance recording and validation
- Prevention of impersonation and attendance fraud
- Liveness verification and anti-spoofing protection
Biometric data is not used for advertising, profiling, marketing, or purposes unrelated to attendance management and authorized workforce operations.
Biometric templates are retained only for as long as required to provide attendance verification services, comply with legal obligations, or satisfy organizational record-retention requirements, after which they are securely deleted.
Transparency Promise: We never sell your data to third parties. Your information is used solely to provide and improve our services.
4. Location Data
GrowchainAI may collect precise location information from authorized users of the Sales Representative application.
🔹 Data Collected
- Precise GPS location captured during attendance punch-in, punch-out, and field-visit check-ins.
- Device-generated location coordinates and timestamps.
- Background location updates may be collected on supported platforms, such as Android, where continuous duty tracking is enabled and the user has granted the required permissions.
🔹 Purpose of Collection
Location data is collected solely for legitimate business purposes, including:
- Employee attendance verification
- Field-visit and customer visit verification
- Route and field activity tracking where enabled
- Workforce management and operational reporting
- Safety and compliance monitoring
🔹 Platform-Specific Location Behavior
On iOS devices, GrowchainAI collects precise location information only while the application is actively in use. The iOS application does not request 'Always' location permission and does not perform background location tracking.
On supported platforms and configurations where duty tracking is enabled, the application may collect background location information after obtaining the necessary permissions from the user.
🔹 Data Sharing
Location data is not sold to third parties. Location information may be shared only with:
- The user's employer organization using GrowchainAI
- Service providers required to operate the platform
- Government authorities when required by applicable law
🔹 Data Retention
Location records are retained according to the organization's configured retention policies and applicable legal requirements.
🔹 User Controls
Users may disable location permissions through device settings. On iOS, users can manage permissions by navigating to Settings → Privacy & Security → Location Services → GrowchainAI. Disabling location access may limit attendance verification, field-visit check-ins, and field-tracking functionality.
Location Privacy Notice: GrowchainAI collects precise location information for attendance verification, field operations, and authorized workforce management purposes. On iOS, location is collected only while the app is in use. Background location tracking is available only on supported platforms and configurations where users have granted the required permissions.
5. Google Workspace and Google Calendar Data
GrowchainAI may integrate with Google Workspace services, including Google Calendar, when a user explicitly authorizes access through Google's OAuth consent process.
🔹 Information We Access
- Google Calendar events and schedules
- Meeting details and event metadata
- Calendar availability and free/busy information
- User profile information required for authentication and account linking
- Other Google Workspace information explicitly authorized by the user
🔹 How We Use Google User Data
Google Workspace and Google Calendar information is accessed and processed solely to provide user-requested functionality within the GrowchainAI platform.
- Calendar synchronization
- Meeting scheduling and coordination
- Appointment and event management
- Workflow automation initiated by the user
- Productivity and collaboration features
- Enterprise operations and business process management
🔹 Sharing, Transfer and Disclosure of Google User Data
GrowchainAI does not sell Google user data to third parties.
Google user data may be shared, transferred, or disclosed only in the following circumstances:
- To the authenticated user who authorized the access
- To authorized administrators within the user's organization where required for enterprise operations requested by the user
- To cloud hosting, infrastructure, security, monitoring, backup, email delivery, and support service providers strictly required to operate, maintain, and secure the GrowchainAI platform
- To comply with applicable laws, regulations, court orders, legal processes, or governmental requests
- With the user's explicit consent
Google Workspace and Google Calendar data are protected using industry-standard security controls and are accessed only for the purposes authorized by the user.
Google Data Protection: Google Workspace and Google Calendar information is used only to provide requested platform functionality and is never sold to third parties.
6. Google API Services User Data Policy Compliance
GrowchainAI's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Google Workspace API data is accessed, used, stored, and transferred only to provide user-facing features requested by the user and in accordance with Google's Limited Use requirements.
🔹 Limited Use Compliance
Information obtained through Google Workspace APIs is used only to provide or improve user-facing features that are visible, prominent, and directly requested by users.
GrowchainAI does not use Google Workspace API data for:
- Advertising purposes
- Marketing campaigns
- Building advertising or marketing profiles
- Selling user information to third parties
- Credit-worthiness determination
- Insurance eligibility determination
- Employment eligibility decisions unrelated to requested functionality
- Data brokerage activities
🔹 Artificial Intelligence and Machine Learning Restrictions
- Google Workspace API data is not used to develop, improve, train, fine-tune, evaluate, or operate generalized artificial intelligence (AI) models or machine learning (ML) models.
- Google Workspace API data is not used to train foundation models, large language models (LLMs), generative AI systems, or any generalized machine learning technologies.
- Google Workspace API data is not used to create datasets for training artificial intelligence systems.
- Any processing of Google Workspace API data is limited solely to providing user-requested functionality within the GrowchainAI platform and is performed in accordance with the Google API Services User Data Policy and Limited Use requirements.
- No Google Workspace API data is used for model training, model improvement, analytics unrelated to user-requested functionality, advertising, marketing, or product development purposes.
Compliance Statement: GrowchainAI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Google Workspace API data is never sold and is never used to train, improve, fine-tune, evaluate, or operate generalized artificial intelligence or machine learning models.
7. Data Security
- 🔐 Encryption: Military-grade encryption in transit and at rest
- 🛡️ Access Controls: Multi-factor authentication & role-based access
- 🎙️ Voice Protection: Advanced encryption for voice data processing
- 🤖 AI Processing Security: Audio and AI-related data is transmitted through encrypted connections and processed through secured backend proxy infrastructure
- 👤 Biometric Protection: Facial biometric templates are stored securely using industry-standard security controls. Access is restricted to authorized personnel and system processes required for attendance verification.
- 🔍 Regular Audits: Continuous security assessments
Enterprise Security: Government-grade security measures protect your sensitive business data, voice interactions, and biometric templates.
8. Your Rights and Choices
- 📥 Access: Get a copy of your personal data
- ✏️ Correct: Fix inaccurate or incomplete information
- 🗑️ Delete: Request removal of personal information
- 📧 Opt-out: Unsubscribe from marketing communications
- 🚫 Withdraw: Remove consent for data processing
- 👤 Biometric Data: Request information regarding biometric data associated with your account and, where permitted by organizational policy and applicable law, request its deletion.
For questions about this Privacy Policy or our data practices:
Privacy Inquiries: privacy@stragure.com