Skip to Content

iMark Mobile App – Data Privacy Policy


Effective Date: September 19, 2025

Last Updated: September 19, 2025


iMark (“we,” “our,” or “us”) is an attendance application with facial recognition features, designed to capture and verify employee attendance for integration with the employer’s Human Resource Information System (HRIS).


This Data Privacy Policy explains how we collect, use, store, share, and protect your personal data in compliance with the Data Privacy Act of 2012 (RA 10173), its Implementing Rules and Regulations (IRR), and related issuances of the National Privacy Commission (NPC).


1. Personal Data Collected


When you use the iMark app, we may collect and process the following:


  • Personal Information


  • Name, employee ID, and other identifiers provided by your employer.


  • Sensitive Personal Information


  • Facial images and biometric facial recognition data (used solely for identity verification).


  • Geolocation data (if enabled by your employer).


  • Attendance Data


  • Time and date of login/logout records.


  • Device details and app logs (for security and troubleshooting).


2. Purpose of Processing


Your personal data will be processed only for the following legitimate purposes:


  • Employee identity verification using facial recognition.


  • Recording attendance (login/logout) and syncing with the employer’s HRIS.


  • Supporting payroll and HR administrative functions.


  • Ensuring security, integrity, and accuracy of attendance records.


  • Compliance with labor laws and other lawful obligations.


We do not use your data for marketing, commercial profiling, or any purpose unrelated to attendance monitoring.


3. Legal Basis for Processing


The processing of your personal and sensitive personal information is based on:


  • Consent – You provide consent upon registration and use of iMark.


  • Contractual Necessity – Processing is necessary to fulfill your employment contract obligations regarding attendance and payroll.


  • Legal Obligations – Compliance with labor laws and related regulations.


  • Legitimate Interest – Protecting company assets and ensuring efficient HR operations.


4. Data Sharing and Disclosure


We may disclose your personal data only to:


  • Your Employer – For attendance, HR, and payroll processing.


  • Authorized Service Providers – Vendors providing cloud hosting, system support, and IT infrastructure, bound by confidentiality and data protection agreements.


  • Regulatory Authorities – When required by law, lawful order, or government regulation.


We do not sell, lease, or trade your personal data.


5. Data Retention and Disposal


Attendance and biometric data will be retained only for as long as necessary to fulfill their purpose or as required by law.


Once retention periods expire, data will be securely deleted or anonymized using industry-standard deletion methods.


6. Data Protection Measures


We adopt organizational, physical, and technical measures to safeguard your personal data, including but not limited to:


  • Encryption of biometric and attendance data.


  • Role-based access controls to limit authorized access.


  • Secure data transmission (HTTPS/TLS).


  • Regular security audits and penetration testing.


  • Data privacy policies and training for authorized personnel.


7. Your Rights as a Data Subject


In accordance with the Data Privacy Act of 2012, you have the right to:


  • Right to Be Informed – Know how your data is collected and processed.


  • Right to Object – Withhold or withdraw consent, subject to legal and contractual limitations.


  • Right to Access – Request a copy of the personal data we hold about you.


  • Right to Rectification – Correct inaccuracies or outdated information.


  • Right to Erasure or Blocking – Suspend, withdraw, or request deletion of your data when no longer necessary.


  • Right to Data Portability – Obtain a copy of your personal data in an electronic format, where applicable.


  • Right to File a Complaint – Lodge complaints with the National Privacy Commission (NPC).


Requests may be coursed through your employer’s Data Protection Officer (DPO) or directly to us (see contact details below).


8. Contact Information


For questions, concerns, or to exercise your data privacy rights, you may contact:


Data Protection Officer (DPO)

OBANANA CORP. / iMark Operator Name

16F 273 PMI Tower, Pablo Ocampo Sr. Ext, Makati, 1203 Metro Manila

Email: obananadpo@gmail.com

Phone: 0917 722 6002


You may also file a complaint directly with the:


National Privacy Commission

5th Floor, Delegation Building, Philippine International Convention Center (PICC) Complex, Vicente Sotto St., Pasay City, Metro Manila

Website: https://www.privacy.gov.ph


Email: complaints@privacy.gov.ph


9. Changes to This Policy


We may revise this Data Privacy Policy from time to time to comply with laws, regulations, and best practices. Significant changes will be communicated through the app or via your employer.