A.
Aires
Time & attendance

Privacy Policy

Last updated: June 12, 2026

This Privacy Policy describes how General Computer Solution Company Limited ("we", "us") collects, uses, and shares information when you use the Aires website at https://aires.club and the Aires Monitor, Aires Notify, Aires Meet, Aires Web, Aires Monitor Lite, Sidekin, and Aires Attendance Pro mobile applications (collectively, the "Service").

1. Data we collect

When you create an account or use the Service, we collect:

  • Name and email address — to identify and authenticate your account.
  • Phone number — when you choose to verify your phone via SMS / Firebase Phone Authentication. Used solely for verification and (if you enable it) for SMS-channel monitor alerts.
  • Account identifier (User ID) — an internal numeric ID assigned at sign-up.
  • Device push token (Device ID) — a unique token issued by Apple (APNs) or Google (FCM) when you install the mobile app, used only to deliver push notifications you have subscribed to.
  • Customer support messages — chat messages between you and our support team via the in-app chat.
  • Monitor configurations and probe results — the URLs, intervals, and thresholds you configure, plus the up/down history we generate by probing them.
  • Attendance records (Aires Attendance Pro only) — clock in/out timestamps, regular and overtime durations, and optional shift, QR check-in, and geofence data. If you join a team, the team owner/administrator can view your attendance summary, individual punches, and — where geofencing is enabled — the location at which you clocked in or out.
  • Location (Aires Attendance Pro only) — when you tap clock in or clock out, and only if your employer has enabled geofencing for your team, the app reads your device GPS location once to confirm you are inside the designated workplace. Location is read only at the moment you punch; the app never tracks your location in the background or while it is closed. See section 3.

2. How we use your data

We use the data above only to operate the Service: to authenticate you, deliver notifications you have subscribed to, run scheduled checks against the URLs you configure, provide customer support, and — in Aires Attendance Pro — record your work hours and, where your employer enables it, confirm you are at the workplace when you clock in or out. We do not sell your data, share it with data brokers, or use it for third-party advertising.

3. Location data (Aires Attendance Pro)

This section applies only to Aires Attendance Pro. The other Aires apps do not request your location.

  • When it is collected — only at the instant you tap Clock in or Clock out (including overtime), and only when your employer/team has turned on geofenced attendance. There is no continuous, background, or "always" location access.
  • What is collected — a single GPS coordinate (latitude and longitude) and its accuracy, captured at the moment you punch.
  • How it is used — to measure the distance between you and the workplace your team configured and decide whether the punch is allowed (you must be at the workplace to clock in or out). The coordinate is stored on that attendance record so your team owner can confirm where the punch happened.
  • Sharing — location is visible only to you and, if you belong to a team, to that team owner/administrators. It is never sold, shared with data brokers, or used for advertising.
  • Control — you grant location permission through your operating system and can revoke it at any time in iOS or Android Settings. If geofencing is not enabled for your team, the app does not request location at all.
  • Retention — clock in/out coordinates are kept as part of your attendance history and are erased when you or your team owner delete the record, or when you delete your account.

4. Third-party services

To deliver the Service we rely on the following processors:

  • Apple Push Notification service (APNs) and Google Firebase Cloud Messaging (FCM) — to deliver push notifications to your device.
  • Firebase Phone Authentication — to verify phone numbers via SMS one-time codes.
  • Email, SMS, Telegram, and LINE providers — only when you enable the corresponding notification channel.
  • Payment processors (Stripe, Omise) — only if you create a paid subscription on the website. Payment card data is entered on the processor's page and never reaches our servers.

5. Face data (identity verification)

When you choose to verify your identity from Profile → Identity verification, you upload two images: a photo of your government-issued ID and a selfie taken with your device camera. We use these images solely to confirm that the face on the ID matches your live face. They are processed as follows:

  • What is collected — Two images you submit during the verification flow: an ID-document photograph and a selfie. The app derives from them a numeric similarity score (0–10000) and a verification timestamp.
  • How it is used — Solely to compute a face-match similarity score and, on a successful match, grant a "Verified" trust badge on your account. Face data is never used for advertising, profiling, or sharing with any third party.
  • Where it is processed — Both images are forwarded once to our internal face-comparison service (InsightFace) hosted on our private network in Thailand. The comparison runs server-side and returns only a similarity score.
  • Sharing with third parties — Face data is NOT shared with any third party. The comparison runs on our own infrastructure; no cloud face-recognition vendor (AWS Rekognition, Azure Face, Google Cloud Vision, etc.) is contacted, and no image leaves our network.
  • Retention — Raw face images are NOT retained. They exist only in a temporary upload directory during the single HTTP request and are deleted immediately after the comparison completes. Only the numeric similarity score and the verification timestamp are stored on your user record. Both are erased when you delete your account (Profile → Delete account).
  • Optional and revocable — Identity verification is entirely optional. You can use Aires without it. If you have verified and want the verification removed, email support@aires.club or delete your account.

6. Biometric authentication (Face ID / Touch ID)

Separately from the optional identity verification described above, each Aires mobile app supports unlocking the app with Face ID or Touch ID after your first sign-in. This is a convenience feature distinct from identity verification:

  • Implementation — Apple’s LocalAuthentication framework handles the entire biometric check on-device.
  • What we receive — Only a Boolean success or failure result. No facial scan, fingerprint, or biometric template is collected by Aires, stored on our servers, transmitted off the device, or shared with any third party.
  • Where the data lives — Apple’s biometric system performs the match inside the device’s Secure Enclave; the Aires app is never given access to the underlying biometric data.
  • Fallback — If biometric authentication fails or is unavailable, the app falls back to standard email/password sign-in.
  • Opt-out — You can disable biometric unlock at any time from iOS Settings → the relevant Aires app → Face ID (or Touch ID).

7. Data retention and deletion

Account data is retained while your account is active. You can delete your account at any time from inside the app (Profile → Delete account) or by emailing the contact address below. On deletion we remove your account, monitors, attendance records, chat history, device tokens, and the face-verification similarity score within 30 days.

8. Subscriptions and in-app purchases

This section applies to the Aires apps that offer an optional paid subscription — Aires Monitor Lite, Sidekin, and Aires Attendance Pro. The other Aires apps do not use in-app purchases.

  • Payments are processed by the app store you installed from (Apple App Store or Google Play). We never receive or store your card number, bank details, or billing address — those are handled by Apple or Google under their own privacy policies.
  • To unlock paid features we process your subscription status (trial, active, or expired), the product you purchased, and the purchase token or receipt. We verify the receipt with Apple or Google and store the resulting entitlement against your account. We do not use this information for advertising.
  • Free tiers and trials are time-limited; no payment is taken until a trial converts to a paid subscription. You can manage or cancel your subscription at any time in your app store account — cancelling stops future renewals and access continues until the end of the period you have already paid for.

9. Security

Data is transmitted over HTTPS. Passwords are hashed using industry-standard algorithms (bcrypt). Push tokens are stored encrypted at rest. Sensitive identifiers such as phone numbers are stored in encrypted form where possible.

10. Your rights

You may at any time request a copy of the data we hold about you, request correction of inaccurate data, or request deletion. Send requests to the contact email below.

11. Children

The Service is not directed at children under 13 and we do not knowingly collect data from them.

12. Changes

We may update this Policy from time to time. Material changes will be announced via email or an in-app banner before they take effect.

13. Contact

General Computer Solution Company Limited
Email: support@aires.club