Privacy Policy

Last updated: February 23, 2026

1. Introduction

JagoFlutter ("we", "us", or "our") operates the GajiPro application, available as a web platform and mobile application (collectively, the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

By using GajiPro, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

  • Account Information: Name, email address, phone number, and password for authentication purposes.
  • Company Information: Company name, address, tax ID (NPWP), and industry type.
  • Employee Data: Name, date of birth, address, identity number, employment information, and salary data.
  • Transaction Data: Payment and billing information.

2.2 Biometric Data (Mobile App)

  • Facial Recognition Data: We collect facial biometric data (face embeddings) for the purpose of verifying employee identity during attendance check-in and check-out. Facial data is processed on-device using machine learning models (Google ML Kit and TFLite). The resulting face embeddings are stored securely on our servers. Raw facial images are not permanently stored.

2.3 Location Data (Mobile App)

  • GPS Location: We collect precise location data (latitude and longitude) only during attendance check-in and check-out to validate that employees are within designated office areas. Location data is not collected in the background or outside of attendance activities.

2.4 Automatically Collected Information

  • Usage Data: Activity logs, features used, and access times.
  • Device Information: Device manufacturer, model, operating system version, and browser type.
  • Push Notification Tokens: We use Firebase Cloud Messaging (FCM) to deliver work-related notifications. A device token is collected for this purpose.
  • Cookies: Used on the web platform to enhance user experience.

3. How We Use Your Information

We use the information collected for the following purposes:

  • Providing and maintaining our Service
  • Processing transactions and sending related notifications
  • Calculating employee salaries, taxes, and benefits
  • Verifying employee attendance through face recognition and GPS location
  • Sending push notifications for work-related updates and announcements
  • Providing customer support
  • Detecting and preventing fraud
  • Complying with legal obligations
  • Analyzing and improving our Service

4. Information Sharing

We do not sell your personal data. We only share information in the following circumstances:

  • With Your Employer: Employee attendance records, profile data, and payroll information are shared with your employer's HR/management team as part of the HR management system.
  • With Consent: When you provide explicit permission.
  • Service Providers: Third parties that help us operate our Service (hosting, payment processing, Firebase by Google for push notifications).
  • Legal Compliance: If required by law or legal process.
  • Rights Protection: To protect the rights, property, or safety of JagoFlutter and its users.
  • Business Transactions: In the event of a merger, acquisition, or asset sale.

5. Data Security

We implement reasonable security measures to protect your data:

  • Encryption of data in transit (HTTPS/TLS) and at rest (AES-256)
  • Facial biometric embeddings are encrypted and stored securely
  • Authentication tokens are stored using encrypted local storage on mobile devices
  • Role-based access control
  • Regular data backups
  • Regular security testing and monitoring

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

Your data is retained as long as your account is active or as needed to provide the Service. Specific retention periods:

  • Employee data: Duration of active employment + 5 years after termination
  • Payroll data: In accordance with Indonesian tax requirements (minimum 10 years)
  • Attendance data: 3 years
  • Activity logs: 1 year

After the retention period ends, data will be securely deleted or anonymized.

7. Account Deletion

You have the right to delete your account at any time:

  • Mobile App: Go to Profile > Delete Account (Hapus Akun).
  • Web Platform: Go to Settings > Delete Account.

Upon requesting account deletion, your account will be deactivated immediately. Your data will be retained for a 30-day recovery period, during which you may contact us to restore your account. After 30 days, all associated data will be permanently and irreversibly deleted from our servers.

8. Your Rights

In accordance with applicable data protection regulations, you have the right to:

  • Access: Request a copy of your personal data.
  • Correction: Update inaccurate or incomplete data.
  • Deletion: Request deletion of your data (subject to certain limitations).
  • Restriction: Restrict the processing of your data.
  • Portability: Receive your data in a machine-readable format.
  • Object: Object to processing for marketing purposes.
  • Withdraw Consent: Revoke device permissions (camera, location) through your device settings at any time. Note that revoking certain permissions may limit app functionality.

To exercise these rights, please contact us at hey@jagoflutter.com.

9. Mobile App Permissions

The GajiPro mobile application requires the following device permissions:

Permission Purpose
Camera Face recognition for attendance verification and face enrollment
Location (GPS) Validate employee presence at office location during attendance check-in/out
Internet Communicate with backend servers for data synchronization
Media / Gallery Profile image selection
Push Notifications Receive work-related notifications and announcements via Firebase Cloud Messaging

10. Cookies and Tracking Technologies

On our web platform, we use cookies and similar technologies for:

  • Essential Cookies: Required for basic site functionality.
  • Preference Cookies: Remember your settings.
  • Analytics Cookies: Understand how the Service is used.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Service.

11. Third-Party Services

Our Service may contain links to third-party sites or use the following third-party services:

  • Firebase (Google): Push notification delivery via Firebase Cloud Messaging. See Google's Privacy Policy.
  • Google ML Kit: On-device face detection processing. Data is processed locally on the device.
  • Payment Gateway: For payment processing.
  • Cloud Storage Provider: For secure data storage.

We are not responsible for the privacy practices of third parties. We encourage you to read their respective privacy policies.

12. Children's Privacy

GajiPro is a workplace application and is not intended for use by anyone under the age of 17. We do not knowingly collect personal information from children. If you become aware that a child has provided personal data to us, please contact us.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with an updated "Last updated" date. We will notify you via email or in-app notification for significant changes.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact:

JagoFlutter

Email: hey@jagoflutter.com

Website: https://jagoflutter.com

Back to Home