Last updated: June 30, 2025
We at Alaawah ("Alaawah", "we" or "us") are strongly committed to respecting your privacy and keeping secure any information you share with us. This privacy policy ("Privacy Policy") explains how we collect, use, disclose, and process your personal data when you use Alaawah's workforce management software, platform, APIs, Documentation, and related tools, including at the website at www.shark-force.com, and all related software made available by Alaawah to build, deploy, host, and manage workforce operations ("Service"). It also tells you how you can access and update your personal information and describes the data protection rights that may be available under your country's or state's laws. Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge you have been informed of and consent to our practices with regard to your personal information and data.
We collect the following categories of personal data: A) Personal data you provide directly: Account Information (name, email address, company details), Payment Information (for paid services), Workforce Data (employee information, schedules, time tracking data), Communication Information (support requests, feedback), and Feedback (ideas and suggestions for improvement). B) Personal data from your use of the Service: Device Information (device type, browser, operating system), Log Information (IP address, browser settings, error logs), Usage Data (access times, browsing history, interactions), Cookies & Similar Technologies (for platform functionality and analytics), and Location Information (for geofencing and time tracking features). C) Information we do not collect: We do not knowingly collect sensitive personal information such as genetic data, biometric data for identification, health information, or religious information. We do not knowingly collect information from children under 18.
We use personal data for the following purposes: To provide and maintain the Service, including optional features that enhance functionality and user experience; To create, manage, and administer your account, including facilitating payments and responding to inquiries; To improve and develop the Service and conduct research, including debugging and identifying or repairing issues; To communicate with you, including sending updates, information about the Service, and events; To prevent, detect, and investigate fraud, abuse, security incidents, and violations of our Terms of Service; To comply with legal obligations and protect the rights, safety, privacy, and property of users, Alaawah, or third parties; To investigate and resolve disputes or security issues; To enforce our Terms of Service and other applicable agreements. We do not use workforce data to train AI models unless explicitly agreed upon or for security review purposes.
Our platform currently uses artificial intelligence (AI) primarily for Facial Recognition Technology for employee check-ins and identity verification. We plan to expand AI capabilities to additional workforce management features in the future, which may include: Automated Time Tracking and Attendance Monitoring; Intelligent Scheduling and Workflow Automation; Anomaly Detection for security and compliance monitoring; and Predictive Analytics for workforce optimization. We process personal data including facial biometric data, location data, and behavioral patterns to provide these AI-powered features. We are committed to preventing discrimination and bias in our AI systems through regular testing, diverse training data, and algorithmic fairness measures. You have the right to: Request human review of automated decisions that significantly affect you; Opt-out of automated decision-making for non-essential features; Receive clear explanations of how AI systems make decisions; Object to automated processing that impacts your legal rights; and Report concerns about potential discrimination or bias in AI decision-making. We implement comprehensive safeguards to ensure AI systems are fair, transparent, accountable, and non-discriminatory. For questions about our AI systems or to report discrimination concerns, contact us at privacy@shark-force.com.
We may disclose your personal data in the following circumstances: Service Providers and Business Partners (hosting, cloud infrastructure, analytics, customer support, payment processing, compliance services); Business Transfers (in the event of merger, acquisition, restructuring, bankruptcy, or other corporate transaction); Legal Compliance and Protection of Rights (to government authorities or third parties when necessary to comply with laws, respond to lawful requests, protect safety and rights, prevent fraud, enforce our Terms of Service, or protect Alaawah against legal liability); Affiliates (entities that control, are controlled by, or are under common control with us); Third-Party Services and Integrations (when you choose to interact with third-party services); Business Account Administrators (if you create an account using an organization email, we may disclose account-related information to that organization); Other Users and Third Parties You Share Information With (when you voluntarily share information through Service features); With Your Consent (when you give us permission to do so). We do not sell personal data for advertising purposes.
We work with specific third-party services to provide our platform functionality. These include: Payment Processing (Stripe) - processes payment information and billing data; Analytics (PostHog, Google Analytics) - analyzes platform usage and performance; Communication Services (SendGrid, Twilio) - sends notifications and communications; Cloud Infrastructure (AWS, Vercel) - hosts our platform and stores data; Security Services (Cloudflare) - provides DDoS protection and security; Customer Support (Intercom, Zendesk) - manages customer inquiries and support; and Mapping Services (Google Maps, Mapbox) - provides location and geofencing features. Each third-party service has its own privacy policy, and we recommend reviewing their policies to understand how they handle your data. We only share data necessary for these services to function and maintain appropriate data processing agreements with all third-party providers.
We use cookies and similar tracking technologies to enhance your experience and provide essential platform functionality. Our cookie consent management system allows you to: Accept or reject non-essential cookies; Manage preferences for different cookie categories; Withdraw consent at any time through your account settings; and Access detailed information about each cookie's purpose and duration. Essential cookies (authentication, security, session management) cannot be disabled as they are necessary for platform functionality. Non-essential cookies (analytics, marketing, personalization) require your explicit consent. You can manage cookie preferences through: Your browser settings; Our platform's cookie management interface; and Third-party opt-out mechanisms for specific services. For detailed information about our cookie practices, please see our Cookie Policy.
Alaawah retains your personal data only for as long as necessary to operate the Service effectively and to support legitimate business needs such as legal compliance, safety, dispute resolution, and enforcement of our agreements. The appropriate retention period varies depending on the purpose for which the personal data was collected, its sensitivity, potential risks associated with its use or exposure, and any applicable legal requirements. Your settings may also influence how long we keep certain types of data. When personal data is no longer needed, Alaawah and its service providers will follow procedures to delete, erase, de-identify, or anonymize it in compliance with applicable laws.
We implement commercially reasonable technical and organizational measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, please remember that no method of transmission over the Internet or method of electronic storage is completely secure. You should use caution when deciding what information to share with the Service. We are not responsible for any circumvention of privacy settings or security features on the Service or on third-party websites linked through the Service.
In the event of a data breach that affects your personal data, we will: Notify you within 72 hours of becoming aware of the breach (where required by law); Provide clear information about the nature of the breach, affected data, and potential risks; Explain the measures we're taking to address the breach and prevent future incidents; and Provide guidance on steps you can take to protect yourself. We will notify you through: Email to your registered email address; In-platform notifications; and Public announcements on our website (for significant breaches). We maintain comprehensive incident response procedures and regularly test our security measures to minimize the risk of data breaches.
Depending on where you live and the laws that apply in your country of residence, you may have certain rights in relation to your personal data. These may include: Right to know what categories of personal data we collect, the purposes for which we use it, and the types of third parties with whom we share it; Access and portability, meaning you can request a copy of the personal data we hold about you and, where applicable, ask us to provide it in a portable format; Deletion of personal data collected from you in connection with your use of the Service, subject to certain exceptions; Correction of inaccurate personal data we maintain about you; Objection to certain types of processing; Restriction of our processing of your personal data in limited circumstances; Withdrawal of consent, where the legal basis for our processing is based on your consent; Right to lodge a complaint with your local data protection authority. To exercise any of these rights, contact us at privacy@shark-force.com. We may request information to verify your identity before processing your request. Alaawah processes your personal data on servers located in various jurisdictions, including the United States, and applies the protections outlined in this policy regardless of where it is processed.
We are committed to responding to your data subject requests promptly and efficiently. Response Timeframes: We will acknowledge your request within 3 business days and provide a complete response within 30 days (or 45 days for complex requests). Request Verification: We may require additional information to verify your identity, including government-issued ID, account verification, or other reasonable measures. Appeal Process: If we deny your request, you may appeal the decision within 30 days by contacting privacy@shark-force.com with 'Appeal' in the subject line. We will review appeals within 15 business days. Data Portability: You can request your data in a structured, machine-readable format (JSON, CSV) for transfer to another service. Right to Object: You can object to processing based on legitimate interests, direct marketing, or automated decision-making. We will stop processing unless we demonstrate compelling legitimate grounds. Right to Restriction: You can request restriction of processing while we verify accuracy, investigate objections, or prepare for legal proceedings. No Fee Policy: We do not charge fees for data subject requests unless they are manifestly unfounded or excessive.
Our platform is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are under 18, please do not use our platform or provide any personal information to us. If we become aware that we have collected personal information from a child under 18, we will: Immediately delete the information from our systems; Notify the child's parent or guardian if we have their contact information; and Take steps to prevent future collection of children's data. For users between 13-17 years old who may be authorized by their employer or educational institution to use our platform, we require: Explicit parental or guardian consent; Verification of the relationship between the minor and the organization; and Additional safeguards for data processing. We comply with the Children's Online Privacy Protection Act (COPPA) and similar international laws protecting children's privacy.
As a workforce management and employee tracking platform, our core functionality requires comprehensive monitoring and data collection to provide essential services including time tracking, attendance monitoring, location verification, and productivity analytics. While we acknowledge Do Not Track (DNT) browser signals, we cannot honor DNT requests for the following reasons: (a) Our platform's primary purpose is employee monitoring and tracking, which would be fundamentally compromised by DNT compliance; (b) Employees consent to tracking through their employment agreements and employer policies, not through browser settings; (c) Employers have legitimate business interests and legal obligations that require employee monitoring; (d) DNT signals are not legally binding for workplace tracking platforms under current employment law; and (e) Essential platform features including security, compliance, payroll, and performance management require continuous data collection. For employees who object to tracking: You should discuss concerns with your employer, as they control the monitoring policies; Your employer may have legal obligations requiring certain types of monitoring; and Alternative employment arrangements may be available if tracking is incompatible with your preferences. We comply with applicable employment laws and data protection regulations, but DNT signals do not override legitimate workplace monitoring requirements or employer consent obtained through employment relationships.
Some jurisdictions require specific disclosures regarding how we handle your personal data. For users in the European Economic Area (EEA), when you access our Service, your personal data may be transferred to our United States servers or other countries outside the EEA and the UK. Where information is transferred outside the EEA or the UK, we require an adequate level of data protection. We do not make decisions based solely on automated processing that impact your legal rights, and we do not sell or share personal data for cross-contextual behavioral advertising or process personal data for targeted advertising purposes.
Your personal data may be transferred to and processed in countries outside your residence, including the United States. We ensure adequate protection for international transfers through: Standard Contractual Clauses (SCCs) approved by the European Commission; Adequacy decisions where applicable; and Additional technical and organizational safeguards. For EEA/UK users, we implement SCCs for all transfers to non-adequate countries. For California residents, we provide specific disclosures about data sharing and sales under the CCPA/CPRA. We maintain records of all international transfers and regularly review our transfer mechanisms to ensure continued compliance with evolving regulations.
Alaawah reserves the absolute right to migrate, relocate, or transfer our servers, data centers, and infrastructure to any jurisdiction worldwide without prior notice or consent. You acknowledge and agree that: (a) we may move servers between countries, regions, or continents for operational, economic, security, or strategic reasons; (b) data processing locations may change at any time, including to jurisdictions with different privacy laws; (c) we are not liable for any compliance issues arising from server migrations to new jurisdictions; (d) you waive all claims related to data sovereignty, residency requirements, or jurisdictional preferences; (e) server migrations may temporarily affect service availability without compensation; (f) we disclaim liability for any regulatory violations in new jurisdictions following migration; (g) cross-border data transfers resulting from migrations are at your sole risk; (h) we are not responsible for ensuring continued compliance with your local laws after migration; (i) you consent to processing in any jurisdiction where we operate servers; (j) force majeure events may necessitate emergency server relocations; (k) we may use multiple server locations simultaneously across different jurisdictions; (l) third-party hosting providers may change without notice, affecting data location; (m) we are not liable for any business disruption, data access issues, or compliance failures resulting from server migrations; (n) you waive rights to object to specific server locations or jurisdictions; and (o) this consent covers all future server migrations regardless of destination jurisdiction or applicable laws.
You acknowledge that our technical infrastructure may change at any time, and you assume all risks associated with such changes. This includes but is not limited to: (a) changes in cloud providers (AWS, Google Cloud, Azure, or any other provider); (b) migration between data centers within the same country or internationally; (c) adoption of new hosting technologies or architectures; (d) consolidation or distribution of data across multiple geographic locations; (e) changes in content delivery networks (CDNs) or edge computing locations; (f) modifications to backup and disaster recovery locations; (g) implementation of new security infrastructure that may affect data location; (h) compliance with government requests for data localization or restrictions; (i) economic factors requiring infrastructure optimization; (j) technical failures necessitating emergency relocations; (k) mergers, acquisitions, or business restructuring affecting infrastructure; (l) regulatory changes requiring infrastructure modifications; (m) performance optimization requiring geographic redistribution; and (n) any other infrastructure changes deemed necessary by Alaawah. We disclaim all liability for any consequences of infrastructure changes, including but not limited to compliance violations, service disruptions, data access issues, increased latency, or regulatory penalties.
We may update this Privacy Policy from time to time. When we do, we will publish an updated version and effective date at the top of this page, unless another type of notice is legally required. Your continued use of our platform after any change constitutes acceptance of such change.
We encourage you to contact us at privacy@shark-force.com if you have any questions about this Privacy Policy or our privacy practices. You may also have the right to lodge a complaint with your local data protection authority.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ALAAWAH, ITS AFFILIATES, SUBSIDIARIES, DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, LICENSORS, AND SERVICE PROVIDERS SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES ARISING OUT OF OR RELATING TO THIS PRIVACY POLICY OR OUR PRIVACY PRACTICES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOST PROFITS, LOST DATA, BUSINESS INTERRUPTION, OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE, EVEN IF ALAAWAH HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. OUR TOTAL AGGREGATE LIABILITY TO YOU FOR ANY AND ALL CLAIMS ARISING OUT OF OR RELATING TO THIS PRIVACY POLICY OR OUR PRIVACY PRACTICES SHALL NOT EXCEED ONE HUNDRED DOLLARS ($100.00). WE EXPLICITLY DISCLAIM ALL WARRANTIES REGARDING THE SECURITY, ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY DATA PROTECTION MEASURES OR PRIVACY PRACTICES.
ALAAWAH shall not be liable for any failure or delay in performance of our privacy obligations due to circumstances beyond our reasonable control, including but not limited to: acts of God, natural disasters, war, terrorism, riots, civil disturbances, government actions, labor disputes, strikes, lockouts, epidemics, pandemics, public health emergencies, internet or telecommunications failures, power outages, cyber attacks, data breaches, third-party service failures, regulatory changes, compliance requirements, technical difficulties, system maintenance, force majeure events, or any other circumstances that are not within our reasonable control. In such events, we may suspend or modify privacy practices without liability and will use reasonable efforts to resume normal operations as soon as practicable.
While we implement reasonable privacy and security measures, we cannot guarantee that third-party services, integrations, or external factors will maintain the same level of protection. You acknowledge that: (a) third-party services have their own privacy policies and security practices; (b) we cannot control or guarantee the privacy practices of third-party providers; (c) data transmitted to or through third-party services may be subject to different privacy standards; (d) we are not liable for any privacy violations or security incidents caused by third-party services; (e) you should review third-party privacy policies independently; and (f) we disclaim all liability for any damages arising from third-party privacy practices or security incidents.
Privacy laws and regulations are complex and subject to change. While we strive to maintain compliance, you acknowledge that: (a) laws and regulations may change, affecting the compliance status of certain practices; (b) we may need to modify privacy practices to comply with new regulations; (c) compliance requirements may vary by jurisdiction and industry; (d) we do not provide legal advice regarding privacy compliance; (e) you are responsible for understanding applicable privacy laws in your jurisdiction; and (f) we are not liable for any regulatory violations or compliance failures beyond our reasonable control. You should consult with legal professionals regarding your specific privacy compliance requirements.
While we implement reasonable security measures, no system is completely secure. You acknowledge that: (a) data breaches and security incidents can occur despite reasonable precautions; (b) we cannot guarantee against all possible security threats or vulnerabilities; (c) third-party attacks or system failures may compromise data security; (d) we are not liable for damages arising from security incidents beyond our reasonable control; (e) you should implement your own security measures and backup procedures; and (f) our liability for security incidents is limited as provided in this policy. We will provide reasonable notice of security incidents as required by law, but disclaim liability for any damages beyond our control.
You agree to indemnify, defend, and hold harmless ALAAWAH, its affiliates, subsidiaries, directors, officers, employees, agents, licensors, and service providers from and against any and all claims, demands, actions, suits, proceedings, damages, losses, costs, expenses (including reasonable attorneys' fees and court costs), liabilities, and obligations of any kind arising out of or relating to: (a) your violation of this Privacy Policy or applicable privacy laws; (b) your failure to obtain necessary consents or permissions; (c) your misuse or unauthorized disclosure of personal data; (d) any claims by your employees, customers, or other third parties related to privacy practices; (e) your failure to comply with data protection requirements; and (f) any other privacy-related actions or omissions by you or your representatives. This indemnification obligation survives termination of your use of our services.
If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Privacy Policy will otherwise remain in full force and effect and enforceable. The failure of ALAAWAH to exercise or enforce any right or provision of this Privacy Policy shall not constitute a waiver of such right or provision. No waiver of any provision of this Privacy Policy shall be effective unless in writing and signed by an authorized representative of ALAAWAH.
This Privacy Policy, together with our Terms of Service and Cookie Policy, constitutes the entire agreement between you and ALAAWAH regarding privacy matters and supersedes all prior or contemporaneous agreements, representations, warranties, and understandings regarding privacy. We reserve the right to modify this Privacy Policy at any time, in our sole discretion, with or without notice. Material changes will be communicated through reasonable means. Your continued use of our platform after any changes constitutes acceptance of the modified Privacy Policy. If you do not agree to the modified Privacy Policy, you must immediately stop using our services and terminate your account.