1. Introduction
Veeb Security ("we", "our", or "us") operates the Veeb Security mobile application (the "App"), a comprehensive security management platform designed for security guards and security companies. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our App.
By installing or using this App, you agree to the collection and use of information described in this policy. This App is intended solely for use by security personnel aged 18 and over who are employed by or contracted with organisations that have subscribed to the Veeb Security platform.
2. Information We Collect
2.1 Account and Identity Information
- Full name and employee ID
- Email address and phone number
- Authentication credentials (passwords are hashed and never stored in plaintext)
- PIN codes (stored in encrypted device-local secure storage only)
- Guard profile details including site assignments and rank
2.2 Location Data
- Precise GPS coordinates when you clock in or clock out of a shift
- Continuous location during an active shift for site-presence verification (background location)
- Location at the time of an emergency SOS alert
- Location data associated with site access check-ins
2.3 Operational Data
- Clock-in and clock-out timestamps and total shift duration
- Visitor records: names, contact details, vehicle registrations, and visit purposes
- Occurrence Book entries: incident descriptions, time, location, and any attached media
- Site access logs and visitor check-in/check-out history
2.4 Device Information
- Device model and operating system version
- Device identifier (used to link your push notification token to your account)
- Expo push notification token (to deliver shift alerts and notifications)
- App version
2.5 Camera and Media
- Photos or documents captured during incident documentation (Occurrence Book entries)
- QR code scans for visitor verification or location check-in
2.6 Usage Analytics
- Feature usage patterns and screen navigation (aggregated, not personal)
- App performance metrics and crash reports (used solely for service improvement)
3. How We Use Your Information
| Purpose | Data Used |
|---|---|
| Attendance tracking and shift verification | Location, clock timestamps |
| Site security management | Location, guard assignments |
| Incident documentation | Occurrence Book entries, camera media |
| Visitor management | Visitor records, site access logs |
| Emergency response (SOS) | Location, identity |
| Push notifications for shift alerts | Push token, device identifier |
| Service improvement and bug fixing | Crash reports, usage analytics |
| Legal and regulatory compliance | Attendance records, incident logs |
We do not use your data for advertising, profiling, or any purpose not listed above.
4. Data Sharing and Disclosure
We share your information only as follows:
- Your employer / client organisation: Supervisors and site managers authorised by your employer can view attendance records, occurrence entries, and visitor logs relevant to their site.
- Veeb Security platform administrators: For technical support and service operation.
- Legal requirements: We may disclose data if required by Kenyan law, court order, or to protect the safety of individuals.
- Emergency situations: Location and identity may be shared with emergency services if an SOS alert is triggered.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Attendance and clock records | Duration of employment + as required by labour law |
| Incident / Occurrence Book reports | Minimum 7 years (legal requirement) |
| Visitor access logs | Duration of site contract + applicable security regulations |
| SOS alert history | Minimum 3 years for safety and liability purposes |
| Account data | Until account is deleted, then 30 days before permanent removal |
| Push notification tokens | Refreshed on each login; removed on account deletion |
6. Data Security
We implement the following security measures to protect your information:
- Encryption in transit: All data is transmitted over HTTPS/TLS.
- Encryption at rest: Authentication tokens and PIN codes are stored using device-level encrypted secure storage (
expo-secure-store). - Access controls: Access to backend systems is restricted by role-based permissions. Guards can only see data from their assigned site.
- Monitoring: Automated monitoring for unauthorised access attempts.
- Periodic audits: Regular security reviews of our infrastructure.
Despite these measures, no system is completely secure. We will notify affected users and relevant authorities of any data breach in accordance with applicable law.
7. Permissions Used by This App
The App requests the following device permissions. You can manage these in your device Settings at any time, though disabling some permissions will limit core functionality.
| Permission | Why It Is Needed | Impact if Denied |
|---|---|---|
| Location (Precise) | GPS clock-in/out and site verification | Cannot clock in or verify site presence |
| Location (Background) | Continuous presence verification during an active shift | Shift tracking will be inaccurate |
| Camera | QR code scanning for visitor check-in; incident photo documentation | Cannot scan QR codes or attach photos to reports |
| Microphone / Audio | Audio recording for incident documentation | Cannot attach audio notes to occurrence entries |
| Notifications | Receive shift alerts, visitor arrivals, and system notifications | Will not receive real-time alerts |
| Internet | Required for all core functionality | App will not function |
8. Your Rights
Under applicable data protection law you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Ask us to correct inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, subject to legal retention obligations.
- Portability: Receive your data in a structured, machine-readable format.
- Objection: Object to certain types of processing (e.g. analytics).
- Withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.
To exercise any of these rights, contact us at support@veeb.co.ke. We will respond within 30 days.
9. Children's Privacy
This App is intended exclusively for security professionals aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that a user is under 18, their account will be suspended and their data deleted.
10. International Data Transfers
Your data is processed and stored on servers located in Kenya. If your organisation operates across borders, data may be accessed by authorised personnel in other jurisdictions. In such cases, we apply equivalent security standards as described in Section 6.
11. Cookies and Tracking Technologies
The mobile App does not use cookies or advertising tracking technologies. Usage analytics are collected in aggregate form and are not linked to individual identities for advertising purposes.
12. Third-Party Services
The App uses the following third-party services, each governed by their own privacy policies:
| Service | Purpose | Provider |
|---|---|---|
| Google Maps | Map display on dashboard and site views | Google LLC |
| Expo Notifications | Push notification delivery | Expo / Meta (via FCM) |
| EAS Build | App build and distribution | Expo |
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will:
- Update the "Last Updated" date at the top of this document.
- Display an in-app notification for material changes.
- Send an email notification to registered users for significant changes.
Continued use of the App after changes are published constitutes acceptance of the updated policy.