Maxfiylik siyosati

Sizning maxfiyligingiz biz uchun muhim. Bu siyosat WorkTime One shaxsiy ma'lumotlaringizni qanday yig'ishini, ishlatishini va himoya qilishini tushuntiradi.

Oxirgi yangilangan: 2025 yil 18 noyabr

Mundarija

1. Kirish

WorkTime One-ga xush kelibsiz. Biz shaxsiy ma'lumotlaringizni va maxfiylik huquqingizni himoya qilishga majburmiz. Bu maxfiylik siyosati vaqtni kuzatish va xodimlarni boshqarish platformamizdan foydalanganingizda ma'lumotlaringizni qanday yig'ishimiz, ishlatishimiz, oshkor qilishimiz va himoya qilishimizni tushuntiradi.

WorkTime One-dan foydalanib, siz ushbu siyosatga muvofiq ma'lumotlarni yig'ish va foydalanishga rozilik bildirasiz.

Important: This Privacy Policy is fully compliant with GDPR, CCPA, and other major privacy regulations. We take your privacy seriously and implement industry-leading security measures.

2. Yig'iladigan ma'lumotlar

2.1 Siz taqdim etadigan ma'lumotlar

  • Akkount ma'lumotlari: Ism, email manzil, parol, kompaniya nomi va to'lov ma'lumotlari
  • Xodim ma'lumotlari: Xodim ismlari, ID-lari, bo'limlari, lavozimlari, ish haqi ma'lumotlari va ish jadvallari
  • Aloqa ma'lumotlari: Telefon raqamlari, manzillar va shoshilinch aloqa kontaktlari
  • Communication Data: Messages, support tickets, and correspondence with our team
  • Payment Information: Credit card details, billing addresses (processed securely through third-party payment processors)

2.2 Avtomatik yig'iladigan ma'lumotlar

  • Vaqtni kuzatish ma'lumotlari: Kirish/chiqish vaqtlari, ish soatlari, qatnashish yozuvlari va aqlli qulflardan joylashuv ma'lumotlari
  • Qurilma ma'lumotlari: IP manzillar, brauzer turlari, operatsion tizimlar, qurilma ID-lari
  • Foydalanish ma'lumotlari: Ko'rilgan sahifalar, ishlatilgan xususiyatlar, platformada o'tkazilgan vaqt
  • Smart Lock Data: TTLock integration data including lock access logs, RFID/NFC card scans, fingerprint recognition data, PIN code usage
  • Location Data: Geographic location from smart lock installations and IP addresses
  • Cookies and Analytics: Session data, preferences, and analytics information

2.3 Biometrik ma'lumotlar

TTLock aqlli qulflari orqali barmoq izi autentifikatsiyasidan foydalanganingizda biz biometrik ma'lumotlarni yig'amiz va qayta ishlaymiz. Bu ma'lumotlar:

  • AES-256 shifrlash yordamida shifrlangan
  • Xeshlangan formatda saqlanadi va teskari muhandislik mumkin emas
  • Faqat xodimni aniqlash va vaqtni kuzatish maqsadlarida ishlatiladi
  • Never shared with third parties except as required by law
  • Deleted upon employee termination or account closure

3. How We Use Your Data

We use the collected information for the following purposes:

3.1 Service Provision

  • Tracking employee attendance and work hours
  • Calculating payroll, overtime, and penalties
  • Generating reports and analytics
  • Managing employee records and organizational structures
  • Integrating with TTLock smart locks for automatic time tracking

3.2 Communication

  • Sending automated email notifications about penalties, reports, and system updates
  • Providing customer support and responding to inquiries
  • Sending important service announcements and security alerts
  • Marketing communications (with your consent, and you may opt-out anytime)

3.3 Security and Fraud Prevention

  • Detecting and preventing unauthorized access
  • Protecting against fraudulent activity and time theft
  • Ensuring data integrity and system security
  • Enforcing our Terms of Service

3.4 Improvement and Analytics

  • Analyzing usage patterns to improve our services
  • Developing new features and functionalities
  • Conducting research and statistical analysis
  • Testing and optimizing platform performance

3.5 Legal Compliance

  • Complying with legal obligations and regulations
  • Responding to lawful requests from authorities
  • Maintaining records for accounting and tax purposes
  • Protecting our legal rights and interests

4. Ma'lumotlarni ulashish va oshkor qilish

Biz sizning shaxsiy ma'lumotlaringizni sotmaymiz. Ma'lumotlaringizni quyidagi hollarda ulashishimiz mumkin:

4.1 Xizmat provayderlari

Biz platformamizni boshqarishda yordam beradigan ishonchli uchinchi tomon xizmat provayderlari bilan ma'lumotlarni ulashamiz:

  • Firebase (Google): Autentifikatsiya, ma'lumotlar bazasi va hosting xizmatlari
  • SendGrid: Email bildirishnomalarini yetkazish
  • TTLock API: Aqlli qulf integratsiyasi va kirishni nazorat qilish
  • Payment Processors: Secure payment processing (they never receive full credit card details)
  • Cloud Infrastructure: Data storage and server hosting

All service providers are bound by strict confidentiality agreements and are only permitted to use your data to provide services to us.

4.2 Qonuniy talablar

Qonun talab qilsa yoki quyidagilarga javob sifatida ma'lumotlaringizni oshkor qilishimiz mumkin:

  • Sud buyruqlari, chaqiruv qog'ozlari yoki qonuniy jarayonlar
  • Huquqni muhofaza qilish organlari yoki davlat organlarining so'rovlari
  • Protection of our rights, property, or safety
  • Investigation of fraud or security issues

4.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the new entity. We will notify you of any such change and provide options regarding your data.

4.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5. Ma'lumotlar xavfsizligi

Biz shaxsiy ma'lumotlaringizni himoya qilish uchun soha yetakchi xavfsizlik choralarini amalga oshiramiz:

5.1 Texnik himoya choralari

  • Shifrlash: Tinch holatdagi ma'lumotlar uchun AES-256 va o'tkaziladigan ma'lumotlar uchun TLS 1.3
  • Autentifikatsiya: Google Authenticator va email orqali ikki faktorli autentifikatsiya (2FA)
  • Kirishni nazorat qilish: Rolga asoslangan kirishni nazorat qilish (RBAC) va eng kam imtiyoz printsipi
  • Firewalls: Network-level protection and intrusion detection systems
  • Muntazam auditlar: Xavfsizlikni baholash, penetratsiya testi va zaifliklarni skanerlash
  • Secure Backups: Encrypted, geographically distributed backups with disaster recovery

5.2 Organizational Safeguards

  • Employee training on data protection and privacy best practices
  • Confidentiality agreements with all staff and contractors
  • Limited access to personal data on a need-to-know basis
  • Incident response plan for security breaches
  • Regular security awareness programs

5.3 Xavfsizlik buzilishi haqida xabardor qilish

Shaxsiy ma'lumotlaringizga ta'sir qiluvchi ma'lumotlar buzilishining ehtimolsiz holatida biz GDPR va boshqa qo'llaniladigan qoidalar talab qilganidek 72 soat ichida sizga xabar beramiz.

6. Ma'lumotlarni saqlash

Biz shaxsiy ma'lumotlaringizni faqat ushbu Maxfiylik siyosatida ko'rsatilgan maqsadlarni bajarish uchun zarur bo'lgan vaqt davomida saqlaymiz:

  • Faol akkountlar: Akkountingiz faol bo'lganida ma'lumotlar saqlanadi
  • Xodim yozuvlari: Ishdan bo'shatilgandan keyin 7 yil saqlanadi (qonuniy va soliq muvofiqlik uchun)
  • Vaqtni kuzatish ma'lumotlari: 7 yil saqlanadi (mehnat qonunlari talab qilganidek)
  • Biometrik ma'lumotlar: Xodimning ishdan ketishidan keyin yoki so'rov bo'yicha 30 kun ichida o'chiriladi
  • Financial Records: Retained for 7 years (for tax and accounting purposes)
  • Marketing Data: Deleted immediately upon opt-out request
  • Backup Data: Deleted from backups within 90 days of primary deletion

Upon account closure, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

7. Sizning huquqlaringiz

GDPR, CCPA va boshqa maxfiylik qoidalariga ko'ra, sizda quyidagi huquqlar bor:

7.1 Kirish huquqi

Siz biz saqlagan barcha shaxsiy ma'lumotlaringizning nusxasini so'rashingiz mumkin. Biz ushbu ma'lumotni 30 kun ichida tuzilgan, ko'p ishlatiladigan va mashina o'qiy oladigan formatda beramiz.

7.2 Tuzatish huquqi

Siz noto'g'ri yoki to'liq bo'lmagan shaxsiy ma'lumotlarni tuzatishni so'rashingiz mumkin.

7.3 O'chirish huquqi (unutilish huquqi)

Siz ma'lum qonuniy istisnolarga bo'ysungan holda shaxsiy ma'lumotlaringizni o'chirishni so'rashingiz mumkin.

7.4 Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances, such as when you contest its accuracy.

7.5 Ma'lumotlarni ko'chirish huquqi

Siz ma'lumotlaringizni ko'chiriladigan formatda olishni yoki ularni to'g'ridan-to'g'ri boshqa xizmat provayderiga o'tkazishni so'rashingiz mumkin.

7.6 Right to Object

You can object to processing of your personal data for direct marketing purposes or based on legitimate interests.

7.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw consent at any time without affecting the lawfulness of prior processing.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

Huquqlaringizni qanday amalga oshirish: So'rovingiz bilan [email protected] manziliga murojaat qiling. Biz 30 kun ichida javob beramiz.

8. Cookie va kuzatish texnologiyalari

8.1 Cookie nima?

Cookie - bu qurilmangizda saqlanadigan va xizmatlarimizni taqdim etish va yaxshilashga yordam beradigan kichik matnli fayllar.

8.2 Biz foydalanadigan Cookie turlari

  • Zarur Cookie: Platformaning asosiy funksionalitgi uchun kerak (kirish, xavfsizlik, sessiyani boshqarish)
  • Unumdorlik Cookie: Foydalanuvchilar platformamiz bilan qanday muloqot qilishini tushunishga yordam beradi
  • Funksional Cookie: Sizning tanlovlaringizni eslab qoladi (til, vaqt mintaqasi)
  • Marketing Cookies: Used to deliver relevant advertisements (only with your consent)

8.3 Third-Party Cookies

We use the following third-party cookies:

  • Google Analytics: Website analytics and usage statistics
  • Firebase: Authentication and session management
  • SendGrid: Email tracking (open rates, click rates)

8.4 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect platform functionality. Most browsers allow you to:

  • View and delete existing cookies
  • Block third-party cookies
  • Block all cookies
  • Delete cookies when closing the browser

9. Uchinchi tomon xizmatlari

Bizning platformamiz quyidagi uchinchi tomon xizmatlari bilan integratsiyalanadi:

9.1 TTLock aqlli qulflari

Biz aqlli qulf kirish jurnallarini olish uchun TTLock API bilan integratsiyalanamiz.

9.2 Firebase (Google)

Biz autentifikatsiya, ma'lumotlar bazasi va hosting uchun Firebase-dan foydalanamiz.

9.3 SendGrid

Email notifications are sent via SendGrid. They process email addresses and message content but do not use your data for their own purposes.

9.4 Payment Processors

We use PCI DSS compliant payment processors. We never store full credit card details on our servers.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including the United States and EU. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): EU-approved contracts for data transfers
  • Adequacy Decisions: Transfers to countries with adequate data protection laws
  • Privacy Shield (legacy): For US-based service providers where applicable
  • Encryption: All international data transfers are encrypted

EU users' data is primarily stored in EU-based data centers to minimize international transfers.

11. Bolalarning maxfiyligi

WorkTime One 18 yoshdan kichik shaxslar uchun mo'ljallanmagan. Biz bolalardan shaxsiy ma'lumotlarni atayin yig'maymiz. Agar biz 18 yoshdan kichik boladan ma'lumotlar yig'ganimizni aniqlasak, uni darhol o'chiramiz.

Agar siz ota-ona yoki vasiy bo'lsangiz va bolangiz bizga shaxsiy ma'lumot berganiga ishonsangiz, [email protected] manziliga murojaat qiling.

12. Ushbu maxfiylik siyosatidagi o'zgarishlar

Biz amaliyotlarimizdagi, qonuniy talablardagi yoki xizmat xususiyatlaridagi o'zgarishlarni aks ettirish uchun ushbu Maxfiylik siyosatini vaqti-vaqti bilan yangilashimiz mumkin.

  • Yangilangan siyosatni yangi "Oxirgi yangilangan" sanasi bilan veb-saytimizda joylashtirish
  • Ro'yxatdan o'tgan foydalanuvchilarga email bildirishnomalarini yuborish
  • Displaying in-app notifications for significant changes

O'zgarishlar kuchga kirgandan keyin WorkTime One-dan foydalanishni davom ettirish yangilangan Maxfiylik siyosatini qabul qilishni bildiradi.

13. Aloqa ma'lumotlari

Ushbu maxfiylik siyosati yoki ma'lumotlar amaliyotlarimiz haqida savollaringiz, tashvishlaringiz yoki so'rovlaringiz bo'lsa, biz bilan bog'laning:

Email: [email protected]

Ma'lumotlarni himoya qilish bo'yicha ofitser: [email protected]

Yordam: [email protected]

Veb-sayt: https://worktime.one

Javob vaqti: Biz maxfiylik so'rovlariga 30 kun ichida javob beramiz

EU Representatives: For users in the European Union, you can contact our EU representative for GDPR-related inquiries at [email protected]

Related Legal Documents

Terms of Service

User agreements and service terms

Security

Our security measures and compliance

GDPR Compliance

EU data protection rights