Entry-IQ Technologies
ISMS – Intelligent Security Management System
Privacy Policy Terms of Service GDPR & PDPA Aligned
Legal Overview

Legal Notice & Quick Links

This page contains the official Privacy Policy and Terms of Service for the ISMS mobile apps and web portal operated by Entry-IQ Technologies. It is intended for employees, contractors, security personnel, and administrators who use ISMS for attendance, patrolling and incident reporting.

Privacy Policy — Data collection, permissions, security & rights Terms of Service — Rules of use, liability, governing law Contact & Requests — How to reach Entry-IQ

Last Updated: 29 October 2025 • Effective: 29 October 2025

Privacy

Privacy Policy

1) Who We Are

Entry-IQ Technologies (“Entry-IQ”, “we”, “us”) provides enterprise software and mobile applications to help organizations manage attendance, guard patrols, and incident reporting. We are committed to protecting personal data in accordance with applicable laws, including the Personal Data Protection Act 2010 (Malaysia) (“PDPA”) and, where relevant, the EU/UK General Data Protection Regulation (“GDPR”).

Controller vs. Processor: for most workforce data, your employer or client acts as the Data Controller. Entry-IQ typically acts as a Data Processor on their instructions. For our website visitors, support, billing contacts, and service analytics, Entry-IQ may act as Data Controller.

2) Scope

  • ISMS Mobile Apps (attendance, patrolling, incident capture)
  • ISMS Web Portal (administration, reporting, analytics)
  • Support Channels (email/helpdesk/telemetry)

3) What We Collect

  • Identification: Name, Employee/Guard ID, Client/Site ID, role/department, contact info, optional profile photo
  • Authentication & Device: Device ID, OS/app version, IP address, login timestamps, audit & crash logs
  • Attendance: Clock-in/out timestamps, selfie photo, QR/Barcode scans, site code (e.g., JB0002), geolocation at check time, sync status
  • Patrolling: Checkpoint scans (QR/NFC), sequence & time, guard ID, GPS coordinates (including optional background tracking during duty windows), alerts for missed/out-of-sequence points
  • Incidents: Form fields (category/severity/narrative), attachments (photos/videos/docs), escalation recipients, delivery status
  • Admin/HR: Timesheets, shift assignments, device/app registrations and reasons, exports
  • Cookies & Analytics (portal): Session/security cookies and first-party metrics; no third-party advertising cookies

4) Sources

Data may come directly from users, from employer administrators, automatically from device sensors (with OS permission), and from support interactions.

5) Purposes & Legal Bases

PurposeExamplesLegal Basis
Core functionalityAttendance verification, patrol tracking, incident logging, analyticsContract; Legitimate Interests
Security & integrityAudit trails, abuse detection, access controlLegitimate Interests; Legal Obligation
ComplianceHealth & safety, HR audits, legal requestsLegal Obligation; Legitimate Interests
CommunicationsOperational notifications, escalationsContract; Legitimate Interests
Support & improvementTroubleshooting, crash analyticsLegitimate Interests
Consent-only featuresBackground location while on duty; optional media uploadsConsent

No automated decision-making or profiling is performed that produces legal or similarly significant effects.

6) Mobile Permissions (Transparency)

  • Location (Precise & Background): verify presence within registered perimeter; confirm patrol routes. Background location is limited to duty/patrol windows.
  • Camera: selfie verification, QR/Barcode scanning, incident evidence capture.
  • Storage/Photos: user-initiated upload of incident attachments.
  • Internet: secure syncing with ISMS cloud and portals.

7) Sharing & Disclosures

  • Employer/Client Admins for workforce, payroll, compliance, and investigations
  • Service Providers/Sub-Processors (e.g., reputable cloud hosting, email/SMS gateways, analytics) under confidentiality and DPAs
  • Authorities if required by law or to protect life/safety/rights
  • Corporate Transactions (merger/acquisition) with appropriate safeguards

We do not sell personal data.

8) International Transfers

Where data is processed outside your country, we apply safeguards (e.g., Standard Contractual Clauses, encryption, access controls) and assess vendor protections regularly.

9) Retention

  • Attendance & Patrol Logs: typically 12–36 months (per customer policy)
  • Incident Records: up to 5 years for audit/investigation or per policy
  • Account/Device Data: while active + limited archival
  • Support & Analytics: typically 30–180 days

After expiry, data is deleted or anonymized unless legal preservation is required.

10) Security

  • Encryption in transit (TLS) and at rest
  • Role-based access control and least-privilege
  • Backups, integrity checks, and security logging
  • Vulnerability management and vendor risk reviews

No system is 100% secure; users/admins must protect credentials and follow company security policies.

11) Your Rights

Depending on your jurisdiction and Controller policies, you may have rights to access, rectify, erase, restrict, object, portability, and withdraw consent. Requests should be sent to your employer’s admin (Controller). You may also contact us and we’ll coordinate with your employer.

12) Children

ISMS is for authorized adult personnel in a workplace context and is not directed to children under 16.

13) Cookies (Portal)

We use strictly necessary cookies for authentication and first-party analytics to improve performance. No third-party advertising cookies.

14) Changes

We may update this Policy. The “Last Updated” date reflects the current version. Material changes will be communicated via portal/app or through customer admins.

Terms

Terms of Service

1) Agreement

By installing, accessing, or using ISMS, you agree to these Terms. If you do not agree, do not use the Services.

2) Service Description

  • Attendance: QR/Barcode scans, selfies, timestamps, geolocation checks
  • Patrolling: checkpoint verification with timestamps and optional GPS background tracking during duty
  • Incidents & Analytics: capture, attachments, severity, escalations, dashboards
  • Administration: user/device management, timesheets, exports, alerts

3) Eligibility & Account

Only authorized users designated by a subscribing organization may use the Services. Keep credentials confidential. You are responsible for actions performed under your account and for accuracy of data you submit.

4) Employer/Controller Duties

  • Maintain lawful basis for processing workforce data
  • Configure features (e.g., background location) in line with law and internal policy
  • Manage access control, retention schedules, and off-boarding
  • Respond to data subject requests in a timely manner

5) Acceptable Use

  • No copying/modifying/reverse-engineering except as permitted by law
  • No bypassing security controls or accessing others’ data
  • No unlawful, defamatory, or malicious content
  • No use that violates applicable law, workplace rules, or third-party rights

6) Intellectual Property

ISMS software, documentation, and all associated IP are owned by Entry-IQ and its licensors. We grant a limited, non-exclusive, non-transferable license to use the Services for internal operations during the subscription term.

7) Data Ownership & Roles

Customer/Employer owns operational data (attendance, patrol, incident). Entry-IQ processes such data as Processor and may also process limited data as Controller for service operation, billing, and security, as described in the Privacy Policy. Upon termination or written request, Customer may export data and request deletion subject to retention laws.

8) Availability, Maintenance & Updates

We strive for high availability but do not guarantee uninterrupted service. We may perform maintenance, deploy patches, or update features. Users may need to update the app for security and functionality.

9) Support

Support is available via entry.iq360@gmail.com. We use reasonable efforts to address issues, prioritizing security and service integrity.

10) Third-Party Services

The Services may rely on reputable third-party providers (cloud hosting, messaging, analytics). We are not responsible for their terms but use reasonable care in vendor selection and implement DPAs and safeguards.

11) Confidentiality

Each party must protect the other’s confidential information and use it only for the Services, except where required by law.

12) Warranties & Disclaimers

The Services are provided “as is” and “as available” without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Services will be error-free, uninterrupted, or meet specific performance outcomes.

13) Limitation of Liability

To the maximum extent permitted by law, Entry-IQ will not be liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenue, data, or use. Our aggregate liability for all claims relating to the Services shall not exceed the total fees paid by the Customer for the Services in the twelve (12) months preceding the event giving rise to liability.

14) Indemnification

You agree to indemnify and hold harmless Entry-IQ from claims, damages, losses, and expenses (including legal fees) arising from your use of the Services, your violation of these Terms, or your violation of third-party rights.

15) Suspension & Termination

We may suspend or terminate access if you violate these Terms or applicable laws, if there is a security risk, or if required by the Customer. Upon termination, your right to use the Services ceases immediately. Provisions on IP, confidentiality, disclaimers, and limitations survive termination.

16) Changes

We may modify the Services or these Terms to improve features, address legal requirements, or enhance security. Material changes will be notified via portal/app or to Customer admins. Continued use signifies acceptance.

17) Compliance & Export

You must comply with applicable laws and represent that you are not prohibited from using the Services under sanctions/export controls.

18) Governing Law & Disputes

These Terms are governed by the laws of Malaysia. The parties submit to the exclusive jurisdiction of the courts of Selangor, Malaysia.

19) Miscellaneous

  • Severability: If any provision is unenforceable, the remainder remains in effect.
  • No Waiver: Failure to enforce a provision is not a waiver.
  • Assignment: You may not assign rights without our written consent.
  • Entire Agreement: These Terms + Privacy Policy + any Customer agreement form the entire agreement.
Contact

Contact & Requests

Entry-IQ Technologies
Lot No. 8-1, Jalan Eco Sanctuari 8/1B, Eco Sanctuari,
42500 Kuala Langat, Selangor, Malaysia

Email: entry.iq360@gmail.com • Phone: +60 16-214 4242

For privacy requests (access, correction, deletion), please contact your employer’s administrator first (Controller). You may also reach us, and we’ll coordinate with your employer.