Privacy Policy

Last updated: March 7, 2026

1. Who we are

Tempo (“we”, “us”, “our”) is a time-tracking service for construction teams, operated at tempo.li. This policy explains what personal data we collect, why we collect it, and how we protect it.

2. Data we collect

  • Account data: name, email address, and organisation name provided during sign-up.
  • Worker data: worker names and PIN hashes added by organisation administrators.
  • Clock entries: clock-in and clock-out timestamps, project association, optional GPS coordinates, and activity notes.
  • Location data: GPS coordinates are recorded at clock-in and clock-out only when you grant location permission. We do not track location continuously.
  • Photos: optional clock-in selfies uploaded by workers to verify attendance.
  • Usage data: standard server logs (IP address, browser type, pages visited) retained for up to 90 days.

3. How we use your data

  • To provide the time-tracking and timesheet approval service.
  • To authenticate administrators via Google OAuth or email/password.
  • To generate weekly timesheets and payroll-ready exports.
  • To improve reliability and fix bugs (aggregated, anonymised).
  • We do not sell your data to third parties.
  • We do not use your data for advertising.

4. Legal basis (GDPR)

For users in the EU/EEA, we process personal data under the following lawful bases: contract performance (to deliver the service you signed up for) and legitimate interest (security, fraud prevention, service improvement). Where we rely on consent (e.g. location permission), you may withdraw it at any time.

5. Data sharing

We share data only with the following sub-processors, under contractual data-protection obligations:

  • Supabase – database and authentication hosting (EU region).
  • Vercel – application hosting and CDN.
  • Google – OAuth sign-in (if you choose “Sign in with Google”).

6. Data retention

We retain your account and timesheet data for as long as your organisation account is active. You may request deletion at any time by emailing us (see §9). After deletion, data is removed from our systems within 30 days.

7. Cookies & storage

We use a single HTTP-only session cookie to keep you signed in. We do not use tracking or advertising cookies. Local Storage is used only to remember your last-used project and worker selection on the same device.

8. Your rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data (“right to be forgotten”).
  • Export your data in a portable format.
  • Object to or restrict processing in certain circumstances.

To exercise any of these rights, contact us at the address below.

9. Contact

For privacy questions or data requests, email us at privacy@tempo.li.

10. Changes to this policy

We may update this policy from time to time. When we do, we will update the date at the top of this page. Continued use of Tempo after changes constitutes acceptance of the updated policy.