Legal & Privacy

Privacy Policy

Last Updated: March 27, 2026 MemoFaceAI - Face Recognition Attendance System
Select App
Table of Contents
  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Biometric Data (Face Recognition)
  5. Location Data & Geofencing
  6. App Permissions
  7. Data Storage & Security
  8. Data Sharing & Third-Party Services
  9. Background Processing
  10. Notifications
  11. Data Retention
  12. Data Deletion Policy
  13. Your Rights
  14. Children's Privacy
  15. Changes to This Policy
  16. Contact Us

1 Introduction

Welcome to MemoFaceAI ("we", "us", "our"). MemoFaceAI is a face-recognition-based attendance tracking application designed for both corporate organizations and educational institutions to manage attendance efficiently and securely.

This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data when you use our mobile application ("App"). By using MemoFaceAI, you agree to the collection, use, and handling of your information as described in this policy.

Terminology Note: Throughout this policy, the term "member" refers to any registered user within the App - this may be an employee (for corporate organizations) or a student (for educational institutions), depending on the type of organization using MemoFaceAI.

We are committed to protecting the privacy and security of your personal information in compliance with applicable data protection laws and regulations.

2 Information We Collect

a) Personal Information

When your organization registers you on the App, the following personal information may be collected:

  • Full name
  • Member ID (Employee ID for corporate organizations; Student/Roll Number for educational institutions)
  • Email address
  • Phone/contact number
  • Parent/guardian contact (if applicable)
  • Department and section/class assignment
  • Role within the organization (e.g., staff, accountant, student)

b) Biometric Data

  • Facial images: Multiple photographs of your face captured during the registration process
  • Biometric face templates: Compact mathematical representations derived from your facial images, used solely for identity verification during attendance marking. These cannot be reverse-engineered into facial images.
  • Liveness detection data: Processed during attendance to verify you are physically present (anti-spoofing)

c) Attendance Records

  • Entry and exit timestamps
  • Date of attendance
  • Associated department and section
  • Synchronization status (whether the record has been uploaded to the server)

d) Device Information

  • Device identifier (Android ID or iOS identifier)
  • Device brand and model name
  • Device type

e) Location Data

  • GPS coordinates (latitude and longitude) - collected only when geofencing is enabled by your organization and only at the time of marking attendance

f) Authentication Data

  • Username and login credentials (encrypted)
  • Session tokens for secure authentication
  • Tenant/organization identifiers

3 How We Use Your Information

We use the collected information strictly for the following purposes:

Data TypePurpose
Facial images & face templatesMember registration, identity verification, and attendance marking
Liveness detection dataPreventing fraudulent attendance using spoofed images or videos
Personal informationMember identification, organization management, and attendance records
Attendance recordsTracking entry/exit times for organizational reporting
Location dataVerifying the member is within the authorized geofenced area when marking attendance
Device informationDevice registration, session management, and ensuring authorized device usage
Authentication dataSecure login, session validation, and access control

We do not use your data for advertising, marketing, profiling, or any purpose unrelated to attendance management.

4 Biometric Data (Face Recognition)

Our App uses on-device machine learning models to process facial data. We take the handling of biometric data very seriously:

How Face Recognition Works

  1. Face Detection: The App uses an on-device model to detect faces in the camera feed. No images are sent to external servers for this step.
  2. Face Template Generation: A recognition model running entirely on your device converts facial images into a compact numerical template. This is a mathematical representation - not a photograph - used solely for verifying identity.
  3. Liveness Verification: An on-device anti-spoofing model checks that a real, physically present person is in front of the camera, protecting against fraudulent use of photographs or recordings.
  4. Identity Matching: The generated template is compared locally on the device against previously registered templates to confirm identity before recording attendance.

Key Safeguards:

  • All face detection, recognition, and liveness checks are performed entirely on-device - your facial images are never streamed to any external cloud service for processing.
  • Face templates are mathematical representations and cannot be reverse-engineered back into a facial image.
  • Facial images captured during registration are stored securely on the device and securely transmitted directly to your organization's encrypted server for backup and multi-device synchronization. This face data is securely stored and never shared with third parties.

5 Location Data & Geofencing

The App includes an optional geofencing feature that may be enabled by your organization. When geofencing is active:

  • Your GPS location is accessed only when you attempt to mark attendance.
  • Your location is compared against your organization's predefined geofence boundary to determine if you are within the authorized area.
  • If you are outside the geofenced area, the App displays a warning and prevents attendance from being marked.
  • Location data is processed in real-time and is not stored or transmitted - it is used only for the instant geofence check.

Note: If geofencing is disabled by your organization, no location data is collected or accessed at any time. Location access is never used for tracking your movement outside of the attendance marking flow.

6 App Permissions

The App requests only the permissions necessary for its core functionality:

PermissionWhy It's Needed
CameraCapturing facial images for member registration and real-time face recognition during attendance marking
Location (Fine & Coarse)Geofence verification - confirming the member is within the authorized area (only when geofencing is enabled)
InternetCommunicating with your organization's server for data synchronization, authentication, and member management
NotificationsDisplaying local notifications about pending attendance sync status and background sync results
Wake LockEnsuring background sync tasks complete reliably without interruption
Boot CompletedRestarting scheduled background sync tasks after the device is rebooted
Battery Optimization ExemptionRequested to ensure reliable background attendance sync - the user can choose to deny this
Photo Library / StorageAllowing selection of existing photos for member profile registration

All permissions are requested at runtime with clear explanations. You may deny any permission; however, doing so may limit certain features of the App.

7 Data Storage & Security

Local Storage (On-Device)

  • SQLite Database: Member profiles, biometric face templates, attendance records, department and section data, and attendance policy configurations are stored locally in an encrypted database on your device.
  • Shared Preferences: Session tokens, application settings, tenant configuration, and geofence parameters are stored in the device's secure key-value storage.
  • Local Files: Face images captured during registration are temporarily stored on the device file system.

Server Storage

  • Attendance records, member registration data (including facial images and face templates), and organizational configurations are synchronized with your organization's dedicated MemoFaceAI server.
  • All data transmission between the App and server uses authenticated API requests with Bearer token authentication (JWT).

Security Measures

  • Token-based authentication (JWT) for all API communications
  • Session validation to prevent unauthorized access
  • On-device biometric processing - face data is not sent to third-party cloud services
  • Automatic session expiration and re-authentication requirements

8 Data Sharing & Third-Party Services

We Do NOT Share Your Data With Third Parties

Your personal information, face data (including facial images and biometric templates), attendance records, and location data are never sold, rented, or shared with any third-party advertisers, data brokers, analytics providers, or external entities. All face data remains strictly confidential and is used solely for the attendance verification purposes described in Section 4.

On-Device Processing Libraries

The following libraries are used entirely on-device and do not transmit any data externally:

  • On-Device ML Runtime: Runs face detection, recognition, and liveness detection models locally on your device. No biometric data is sent to any third-party server.
  • Location Services Library: Accesses the device GPS solely for geofence verification. Location data is processed locally and not transmitted to any third party.

The App does not integrate any analytics services, advertising SDKs, crash reporting tools, or social media trackers.

9 Background Processing

The App uses background processing mechanisms (such as Android's WorkManager and iOS Background Tasks) to perform periodic background operations:

  • Attendance Sync: When the device has an internet connection, unsynced attendance records stored locally are automatically uploaded to your organization's server at regular intervals.
  • Member Data Sync: Member registration data is fetched from the server to keep the local database up to date.
  • Boot Persistence: After a device reboot, sync tasks are automatically rescheduled to ensure no attendance data is lost.

Background processing does not access your camera, microphone, or location. It only transfers previously recorded attendance data to the server.

10 Notifications

The App uses local notifications only (not push notifications from external servers) to inform you about:

  • Pending attendance records that have not yet been synced to the server
  • Background sync task status (success or failure)

No marketing, promotional, or third-party notifications are ever sent through the App.

11 Data Retention

  • Face Data: Facial images and biometric face templates are securely retained on our servers while the member's profile is active or deactivated by the organization. All associated face data is permanently deleted from our servers only upon explicit request or when the organization permanently deletes the user's account.
  • On-Device Data: Attendance records and member data are retained on the device until successfully synchronized with the server.
  • Server Data: Your organization controls the retention period for attendance records and member data stored on the MemoFaceAI server. The server securely stores this data even if an account is temporarily deactivated, until a deletion request is made.
  • Account Deactivation: When a member is deactivated by the administrator, access to the App is revoked and all local biometric data on their device is purged. However, their data on the server remains securely stored until graduation, termination, or an explicit deletion request is submitted.
  • Session Data: Authentication tokens expire automatically and are cleared upon logout.

12 Data Deletion Policy

We are committed to honoring your right to have your personal data - including sensitive biometric data - deleted upon request.

What Data Can Be Deleted

  • Facial images and biometric face templates
  • Personal information (name, member ID, contact details, department/class assignments)
  • Attendance records, subject to your organization's legal retention obligations
  • Device identifiers associated with your account
  • All active session tokens and authentication records

How to Request Data Deletion

To request deletion, email us at loveneesh@metaguard.in with the subject line "Data Deletion Request". Please include your full name, Member ID, and organization name.

Processing Timeframe

  • On-device data: Deleted immediately upon member deactivation or app uninstallation.
  • Server-side data: Processed within 30 days of a verified request.
  • Biometric data: Deletion is prioritized and completed within 15 business days.

Important: Because member accounts are created and managed by your organization, deletion of server-side data requires authorization from your administrator or a direct verified request to us.

13 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete personal data.
  • Right to Deletion: Request deletion of your personal data, including biometric data, subject to your organization's policies and legal obligations.
  • Right to Restrict Processing: Request that we limit the processing of your personal data under certain circumstances.
  • Right to Withdraw Consent: Withdraw your consent for data processing at any time.
  • Right to Data Portability: Request your data in a structured, machine-readable format where technically feasible.

14 Children's Privacy

MemoFaceAI is designed for use in corporate organizations and educational institutions. While the App may be used by students in institutional settings, it is the responsibility of the institution to obtain appropriate parental or guardian consent for members under the age of 13 (or the applicable minimum age in your jurisdiction) before registering them in the App. We do not knowingly collect personal or biometric data from minors without proper organizational authorization.

15 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes:

  • The "Last Updated" date at the top of this policy will be revised.
  • We may notify your organization's administrator of significant changes.
  • Continued use of the App after changes are posted constitutes acceptance of the updated policy.

We encourage you to review this policy periodically.

16 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us:

If you have concerns about how your data is being handled by your organization through MemoFaceAI, please first contact your organization's administrator or data protection officer.

Table of Contents
  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. App Permissions
  5. Data Storage & Security
  6. Data Sharing & Third-Party Services
  7. Notifications
  8. Data Retention
  9. Data Deletion Policy
  10. Your Rights
  11. Children's Privacy
  12. Changes to This Policy
  13. Contact Us

1 Introduction

Welcome to MemoFace Parent ("we", "us", "our"). MemoFace Parent is a mobile companion application designed for parents and guardians whose children are enrolled in institutions using the MemoFaceAI attendance platform.

This app allows parents and guardians to monitor their child's school attendance in real time, receive instant push notifications for check-ins, check-outs, late arrivals, and absences, and review detailed daily and monthly attendance reports - directly from their smartphone.

Important: MemoFace Parent does not perform any face recognition, AI processing, biometric data collection, or location tracking. It is a read-only companion viewer app that receives and displays attendance data from your institution's MemoFaceAI system. No camera access is required or requested.

By using MemoFace Parent, you agree to the collection, use, and handling of your information as described in this policy. We are committed to protecting your privacy in compliance with applicable data protection laws and regulations.

2 Information We Collect

MemoFace Parent collects only the minimum information necessary to authenticate you and display your child's attendance data.

a) Authentication Credentials (entered by you at login)

  • Parent Contact Number: Your registered phone number, used to identify your parent account with the institution.
  • Student ID: Your child's unique identifier (e.g., STU-2024-001), used to retrieve the correct child's attendance data.
  • Institute ID (Tenant ID): Your institution's unique identifier, used to connect to the correct institution's server.

b) Data Returned by the Server After Login

  • Parent Name: Your name as registered with your institution - displayed in the app dashboard.
  • Secure Session Token: A temporary token issued by the server and stored locally on your device to keep you logged in between sessions. This is cleared immediately when you log out.
  • Child Profile Data: Your linked child's name, student ID, department, section, class, and institution name - displayed on the dashboard and report screens.

c) Device Identifier (for Push Notifications)

  • Push Notification Identifier: A unique identifier automatically generated for your device by Apple's or Google's notification service. This identifier is sent to your institution's server so that it can deliver attendance alerts directly to your phone. It does not identify you personally and cannot be used to track you.

d) Locally Stored Data on Your Device

  • Session preferences: Your login state, parent name, contact number, tenant ID, and authentication token - stored in the app's local secure storage (SharedPreferences) to keep you logged in between sessions.
  • Push notification history: The last 10 push notifications received (title, body, timestamp, and type) - stored locally on your device only. Never transmitted to any server.
  • Theme preference: Your selected light or dark mode preference - stored locally.

We do not collect: No biometric data, no facial images, no GPS location, no camera access, no microphone access, no contacts, no files, and no browsing history. This app collects only what is listed above.

3 How We Use Your Information

All data collected is used strictly for the following purposes:

DataPurpose
Parent contact, Student ID, Institute ID Authenticate your account with your institution's MemoFaceAI server
Secure session token Maintain your logged-in session and authorize data requests to the server
Parent name & child profile data Display the correct information on the dashboard and report screens
Push notification identifier Enable the institution's server to send you attendance alerts for your child directly to your device
Notification history (local) Display your last 10 attendance alerts in the Notifications screen - stored on-device only
Theme preference Remember your light/dark mode setting across app sessions

We do not use your data for advertising, profiling, marketing, analytics, or any purpose other than delivering the attendance information described above.

4 App Permissions

MemoFace Parent requests only the permissions strictly required to deliver its functionality. It does not request camera, microphone, location, contacts, or storage access.

PermissionWhy It's Needed
Internet Required to communicate with your institution's server to authenticate your account and retrieve attendance data, and to connect to Firebase Cloud Messaging for push notifications
Push Notifications Required on iOS and Android 13+ to display push notification alerts when your child's attendance is recorded. Without this, notifications cannot be shown.
Receive Boot Completed Allows the app to restore its Firebase Cloud Messaging listener after the device is restarted, ensuring you continue to receive attendance notifications after a reboot
Battery Optimization Exemption (optional) Optionally requested (on Android devices) to prevent the OS from killing the app's background notification delivery. You will be prompted and can freely choose to deny this - the app will still work, but background notifications may occasionally be delayed by battery-saving modes on some devices

All permissions are requested at runtime with clear explanations. Denying the notification permission means you will not receive push alerts, but all other app features (attendance reports, dashboard) will continue to work normally.

5 Data Storage & Security

What Is Stored Locally on Your Device

The following data is stored in the app's local secure storage on your device only:

  • Login state (whether you are currently logged in)
  • Parent contact number, tenant ID, and parent name
  • Secure session token (to keep you logged in between sessions)
  • Push notification identifier (to receive attendance alerts)
  • Last 10 push notifications received (title, body, timestamp, type)
  • Dark/light mode preference

This data is stored only on your personal device and is never shared with any third-party service (except your device's push notification identifier, which is shared with the institution's server as described in Section 3).

Communication with Your Institution's Server

All API requests from the app to your institution's MemoFaceAI server are secured with:

  • Session token authentication - every request is authorized with a valid session token
  • Encrypted connection \(HTTPS\) - all data in transit is encrypted

The app reads attendance data (daily logs, monthly reports) from the server but does not write or modify any attendance records. It is a read-only viewer.

What Happens When You Log Out

Tapping "Logout" in the Settings screen immediately clears all locally stored session data from your device - your contact number, session token, push notification identifier, parent name, and institution ID are all permanently deleted from local storage. Your notification history is also cleared.

6 Data Sharing & Third-Party Services

Your Institution's Server

During login and while using the app, the following data is transmitted to your institution's MemoFaceAI server:

  • Parent contact number, Student ID, and Institute ID (for authentication)
  • A push notification identifier for your device (so that the server can send attendance alerts to your phone)

This server is operated by your institution and is governed by your institution's data policies. MemoFace Parent only reads attendance data from this server - it does not upload any attendance records.

Push Notification Services

The app uses platform push notification services (such as Google Firebase for Android and Apple Push Notification Service for iOS) to receive attendance alerts. When the app registers for notifications, a unique device identifier is automatically generated and stored on your device. This identifier is then sent to your institution's server so that it can route attendance alerts to your specific device.

The use of data through these notification platforms is governed by their respective providers' privacy policies (e.g., Google and Apple). No personal information beyond this device identifier is shared with these services.

What We Do NOT Share

  • Your data is never sold to any third party.
  • The app contains no advertising SDKs, analytics libraries, crash reporting tools, or social media trackers.
  • Your phone number, Student ID, attendance records, and notification history are never shared with any entity other than your institution's own server.

7 Notifications

MemoFace Parent uses push notifications to deliver real-time attendance alerts directly from your institution's server to your device. These are triggered by your institution's system when your child's attendance is recorded - not by us.

Notification Types

  • Check-In Alert: Sent when your child enters school (attendance recorded as "Entry")
  • Check-Out Alert: Sent when your child exits school (attendance recorded as "Exit")
  • Absent Alert: Sent when your child is marked absent
  • Late Alert: Sent when your child's check-in is recorded as late

How Notifications Are Stored

  • When a notification is received, it is saved to the app's local device storage only - it is not transmitted to any server.
  • Only the last 10 notifications are retained. Older ones are automatically removed as new ones arrive.
  • All notification history is permanently deleted when you log out or uninstall the app.

No marketing, promotional, or unrelated notifications are ever sent through MemoFace Parent.

8 Data Retention

  • Local session data (login credentials, tokens, preferences) is retained on your device until you log out or uninstall the app.
  • Notification history is retained locally on your device - capped at the last 10 notifications. It is cleared when you log out or uninstall the app.
  • Attendance records and child profile data displayed in the app are stored on and controlled by your institution's MemoFaceAI server. The retention of this server-side data is governed by your institution's policies and applicable law.
  • Push notification identifier registered with your institution's server persists until you log in again (which generates a fresh identifier) or until your institution's administrator removes your account.

9 Data Deletion Policy

Deleting Local Data Instantly

You can delete all locally stored data on your device at any time by tapping Settings ? Logout inside the app. This immediately and permanently removes:

  • Your login credentials and session token from local storage
  • Your parent name, contact number, and institution ID
  • Your push notification identifier from local storage
  • Your notification history (all stored alerts)
  • Your theme preferences

Alternatively, uninstalling the app from your device will also remove all locally stored data.

Requesting Deletion of Server-Side Data

For deletion of your account or attendance data from the institution's server, please contact your institution's administrator directly. If you wish to request deletion of any data held by MetaGuard Mobitech, please email us at loveneesh@metaguard.in with the subject "Data Deletion Request - MemoFace Parent" and include:

  • Your full name and parent contact number
  • Your student's name and Student ID
  • Your institution name

We will process verified requests within 30 days and confirm deletion via email.

Note: Attendance records on the institution's server are managed by the institution. We will coordinate with the institution on your behalf but cannot unilaterally delete data the institution is legally required to retain.

10 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a summary of the data we hold about you.
  • Right to Correction: Request correction of incorrect personal data (e.g., phone number) by contacting your institution's admin.
  • Right to Deletion: Request deletion of your locally stored and server-side data as described in Section 9.
  • Right to Restrict Processing: Request that we limit the processing of your personal data under certain circumstances.
  • Right to Withdraw Consent: Withdraw your consent at any time by logging out of the app and contacting your institution's admin to remove your account.
  • Right to Data Portability: Request a copy of your data in a structured format where technically feasible.

To exercise any of these rights, contact your institution's administrator or reach out to us using the contact details in Section 13.

11 Children's Privacy

MemoFace Parent is an app used by parents and guardians - not by children. The app is intended for adults (18+) who are the registered parents or guardians of students enrolled in institutions using the MemoFaceAI platform.

The app displays attendance data belonging to enrolled students (who may be minors), but this data is provided by the institution's server and was collected under the institution's consent policies. The MemoFace Parent app itself does not directly collect any personal data from or about children - it only displays data that the institution's system has already authorized for the parent to see.

If you believe your child's attendance data is being shared without proper authorization, please contact your institution's administrator and us at loveneesh@metaguard.in immediately.

12 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or app functionality. When we make material changes:

  • The "Last Updated" date at the top of this page will be revised.
  • For significant changes, we may send a notification through the app or notify you via email.
  • Continued use of the MemoFace Parent app after changes are posted constitutes acceptance of the updated policy.

We encourage you to review this policy periodically. The latest version is always available at this URL.

13 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data in the MemoFace Parent app, please contact us:

We aim to respond to all privacy-related inquiries within 5 business days.

Table of Contents
  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Pass Management Data
  5. App Permissions
  6. Data Storage & Security
  7. Data Sharing
  8. Notifications
  9. Data Retention
  10. Data Deletion
  11. Your Rights
  12. Children's Privacy
  13. Changes to This Policy
  14. Contact Us

1 Introduction

Welcome to MemoAccess ("we", "us", "our"). MemoAccess is a comprehensive Institute Management System application designed for educational institutions. It enables staff, wardens, and administrators to manage student records, attendance, hostel operations, library usage, pass issuance, and more - all from a single mobile interface.

This Privacy Policy explains what data we collect through the MemoAccess app, how we use it, and the controls available to you. By using MemoAccess, you agree to the practices described in this policy.

Who uses this app? MemoAccess is used exclusively by authorized staff of institutions (teachers, wardens, administrators, supervisors). Students' data is processed on their behalf by institutional staff who are bound by institutional data governance policies.

2 Information We Collect

a) Staff Account Information

  • Full name, username, and encrypted password
  • Email address and contact number
  • Role and department assignment
  • Profile photograph (optional)
  • Session tokens for secure authentication

b) Student Records (Processed on Behalf of Institution)

  • Student ID (EmployeeAppID), full name, date of birth, gender
  • Contact number and parent/guardian contact
  • Father's name and emergency contacts
  • Department, section, course, and batch assignment
  • Hostel room and bed assignment
  • Library and seat assignment
  • Profile photograph

c) Pass Management Records

  • Pass type (Room Pass, Gate Pass, Mobile Pass, Home Break Pass)
  • Pass issuance datetime and expected return datetime
  • Purpose of pass and any accompanying remarks
  • Companion information (e.g., "Alone", "Parent", "Guardian", "Group")
  • Parent/guardian contact provided at pass issuance
  • Device name and reason (for Mobile Passes)
  • Actual return datetime and closing remarks
  • Identity of the staff member who issued or closed the pass

d) Attendance Records

  • Student check-in and check-out timestamps
  • Attendance status (present, absent, late, on-leave)
  • Associated class, section, and subject details

e) Hostel & Library Records

  • Room occupancy status and bed assignments
  • Library entry/exit logs and seat allocation records

f) Device & Session Information

  • Device model and operating system (for session management)
  • Login timestamps and session identifiers

3 How We Use Your Information

Data TypePurpose
Staff account dataAuthentication, role-based access control, and audit logging
Student personal dataStudent identification, record management, and institutional operations
Pass recordsIssuing, tracking, and closing student movement passes; discipline analytics
Attendance recordsGenerating attendance reports for staff and institutional administration
Hostel & library recordsOccupancy management, resource allocation, and facility tracking
Device & session dataSecuring sessions and preventing unauthorized access

We do not use any data collected through MemoAccess for advertising, marketing, profiling, or any purpose unrelated to institutional management operations.

4 Pass Management Data

MemoAccess includes a Pass Management module that enables authorized staff to issue, track, and close student movement passes. We handle this data with particular care:

Pass Types Supported

  • Room Pass - Authorizes a student to leave their room for a specified purpose and time period within the campus.
  • Gate Pass - Authorizes a student to exit the campus premises temporarily and return by a specified time.
  • Mobile Pass - Authorizes a student to use their mobile device for a specified duration.
  • Home Break Pass - Authorizes a multi-day home visit with departure and return dates.

How Pass Data is Used

  • Pass records are created when an authorized staff member issues a pass for a specific student.
  • Records include the issuing staff member's identity for full accountability.
  • Pass closure records the actual return time and the staff member who confirmed the return.
  • Historical pass data is used for discipline analytics - identifying on-time vs. late return patterns to assist institutional administration.

Access Controls: Only staff members with an active, authorized account within your institution can issue or close passes. All actions are logged with timestamps and staff identity for full audit traceability.

Retention of Pass Records

Pass records are retained as part of the student's institutional record for the duration of their enrollment plus one additional year, or as directed by your institution's data governance policy, whichever is longer.

5 App Permissions

PermissionWhy It's Needed
Internet AccessRequired to connect to the institution's server to fetch and sync all data.
CameraUsed for scanning student QR codes or capturing profile photos during registration or pass issuance.
Storage / MediaUsed to upload student profile photos and access saved documents.
NotificationsUsed to alert staff of important events such as expired passes, pending approvals, or announcements.

All permissions are requested at the point of use and can be revoked at any time through your device settings. Revoking a permission may limit related app functionality.

6 Data Storage & Security

  • All data is stored on secured, encrypted servers hosted by your institution or a cloud provider contracted by MetaGuard Mobitech.
  • All data transmission between the app and the server is encrypted using HTTPS/TLS.
  • Authentication tokens are stored securely on-device and are invalidated upon logout or session expiry.
  • Passwords are stored as one-way hashed values - they are never stored in plain text and cannot be retrieved by anyone including MetaGuard Mobitech staff.
  • All sensitive operations (pass issuance, closures, record edits) are logged in a tamper-evident audit trail.
  • Access to data is scoped strictly to your institution - no data is accessible across tenant boundaries.

7 Data Sharing

We do not sell, rent, or trade any data. Data may be shared only in the following limited circumstances:

  • Within the institution: Data is accessible to authorized staff of the same institution based on their role and access permissions.
  • Technical service providers: We use trusted infrastructure providers (e.g., hosting) bound by data processing agreements to provide the service.
  • Legal obligations: We may disclose data if required by law, court order, or regulatory authority with proper jurisdiction.

Student data processed through MemoAccess is owned by the institution and is never used by MetaGuard Mobitech for any purpose beyond operating and maintaining the platform.

8 Notifications

MemoAccess may send push notifications to authorized staff for the following purposes:

  • Alerts about passes that have expired (student has not returned by the deadline)
  • Institutional announcements from the administration
  • System maintenance or service alerts

Notification preferences can be managed within the app settings. Disabling notifications will not affect core app functionality but may mean you miss time-sensitive operational alerts.

9 Data Retention

  • Active student records are retained for the full duration of enrollment.
  • Pass records are retained for a minimum of 1 year after a student's enrollment ends.
  • Attendance records are retained as required by institutional and regulatory requirements (typically 3-5 years).
  • Staff account data is retained while the account is active, and for up to 1 year after deactivation for audit purposes.
  • Audit logs are retained for a minimum of 2 years.

Institutions may request custom data retention policies in accordance with their local legal obligations.

10 Data Deletion

To request deletion of data associated with MemoAccess:

  • Individual staff accounts can be deactivated and deleted by the institution's super-administrator through the web dashboard.
  • Student records can be archived or deleted by authorized admin staff as required.
  • Full institutional data deletion can be requested by contacting us directly at loveneesh@metaguard.in. We will complete verified deletion requests within 30 days.

Upon confirmed deletion, all associated records including pass history, attendance records, and profile data are permanently removed from our systems. This action is irreversible.

11 Your Rights

As a staff user or as an institution, you have the following rights regarding data held in MemoAccess:

  • Right to Access: You can request a copy of the data we hold about you or your institution.
  • Right to Correction: Inaccurate personal data can be corrected directly in the app or by contacting us.
  • Right to Deletion: You can request the permanent deletion of your account and associated data (see Section 10).
  • Right to Restriction: You can request that we restrict processing of your data in certain circumstances.
  • Right to Data Portability: Institutions may request an export of their data in a structured format.

To exercise any of these rights, contact us at loveneesh@metaguard.in.

12 Children's Privacy

MemoAccess is an administrative tool for institutional staff and is not intended to be directly used by children or minors. However, the system does process student records which may include minors.

When student data includes minors:

  • Data is collected and processed solely at the direction of the educational institution, which is responsible for obtaining any required parental consents.
  • MetaGuard Mobitech processes this data strictly as a data processor under the institution's data governance obligations.
  • We do not knowingly collect personal data from minors directly or use it for any purpose beyond operating the platform.

13 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the app's features or legal requirements. When we make significant changes:

  • The "Last Updated" date at the top of this page will be revised.
  • A notification may be pushed to active users within the app.
  • Continued use of MemoAccess after changes are posted constitutes acceptance of the updated policy.

We encourage you to review this policy periodically. The latest version is always available at this URL.

14 Contact Us

If you have any questions, concerns, or data requests regarding this Privacy Policy or the handling of data within MemoAccess, please contact us:

We aim to respond to all privacy-related inquiries within 5 business days.