Privacy Policy

1. Introduction and scope

This Privacy Policy describes how Legend Systems ("we", "us", "our") collects, uses, and shares information in connection with the LORO mobile application and LORO web platform (together, "LORO" or the "App"). LORO is a workforce management, attendance tracking, and field operations platform. By using LORO, you agree to the practices described in this policy. The entity named in the Google Play store listing for the LORO app is the same as the developer referenced in this policy.

2. Data we collect and how we use it

We collect and use the following categories of data to provide and improve the App, and to comply with legal obligations.

Account and authentication

We use Clerk to manage sign-in and account identity. This may include your email address, name, and profile information that you or your organisation provide. We use this data to authenticate you, manage your account, and sync your identity across the mobile and web apps.

Location (mobile app)

The LORO mobile app requests access to your device location (including in the background) to track your work location during active shifts and for attendance and visit-related features. Location data is collected only when you are clocked in or when the app is used for work-related activities. We do not use location for advertising. You can revoke location permission in your device settings at any time.

Camera and photos (mobile app)

The LORO mobile app may use your device camera and photo library to capture or attach images to visits and work activities (e.g. proof of visit, documentation). Photos you take or select are uploaded to our systems in connection with those features. We do not use camera or photo data for advertising.

Biometrics (mobile app)

The app may offer optional biometric authentication (e.g. Face ID, fingerprint) to unlock the app quickly and securely. Biometric data is processed locally on your device and is not sent to our servers or stored by us.

Notifications

We may send push notifications (e.g. shift reminders, attendance alerts, updates) if you enable notifications. You can disable these in your device or app settings.

Analytics and crash reporting

We use Sentry for error and crash reporting and to improve app stability. This may include device information, app version, and in some cases data that helps us diagnose issues (e.g. IP address or user context). We configure these tools in line with our need to fix bugs and improve the service.

Usage and web platform

When you use the LORO web platform, we receive information necessary to provide the service (e.g. requests to our servers, session data). We may use cookies or similar technologies for authentication and security. We do not sell your personal or sensitive data.

3. How we share data

We share data only as needed to operate the App and as described below. We do not sell your personal or sensitive user data.

• Service providers: We use Clerk (authentication) and Sentry (crash/error reporting). These providers process data on our behalf under contractual obligations to protect your data.
• Your organisation: If you use LORO through an organisation (e.g. employer), attendance, location, and visit-related data may be visible to that organisation for workforce and operations management.
• Legal and safety: We may disclose data where required by law or to protect rights, safety, or property.

4. Data retention and deletion

We retain your data for as long as your account is active or as needed to provide the service, comply with law, or resolve disputes. You may request deletion of your account and associated personal data. When you request account deletion, we will delete or anonymise your personal data in line with our retention and deletion policy, except where we must retain data for legal, security, or fraud-prevention reasons. Temporary deactivation or disabling of an account does not qualify as deletion. You can request account deletion from within the App or by contacting us (see Contact below).

5. Security

We implement appropriate technical and organisational measures to protect your personal and sensitive data against unauthorised access, alteration, disclosure, or destruction. This includes secure transmission (e.g. HTTPS), access controls, and secure handling of data by our systems and service providers.

6. Your rights

Depending on your location, you may have the right to access, correct, or delete your personal data, object to or restrict processing, or data portability. You can update account details in the App where available. To exercise your rights or submit a privacy inquiry, contact us using the details below. You may also have the right to lodge a complaint with a supervisory authority.

7. Contact

This Privacy Policy is issued by Legend Systems for the LORO application. For privacy-related questions, requests (including account or data deletion), or to submit inquiries, please contact:

Email: brandon@legendsystems.co.za

We will respond to legitimate requests in accordance with applicable law.

We may update this Privacy Policy from time to time. We will post the updated policy on this page and indicate the last updated date. Continued use of LORO after changes constitutes acceptance of the revised policy.