OperationSavvy
Get a demo
OperationSavvy Privacy

Privacy Policy

OperationSavvy (also referred to as "OpSavvy") is a workforce operations platform provided by Foundry One PTY LTD (ABN 23 694 421 380). This Privacy Policy explains how information is handled when you use OpSavvy as part of your employment.

Last updated: April 2026 Back to home

1. How OpSavvy works

OpSavvy is used by organisations to manage their workforce. If you use OpSavvy, it is because your employer has provided you access to perform work-related tasks.

These may include:

  • clocking in and out of shifts,
  • submitting reports and forms,
  • recording attendance and activity, and
  • completing required workplace actions.

Your employer controls how OpSavvy is configured and how your information is used within it.

2. Who controls your data

Your employer is the data controller. Foundry One acts as a service provider (data processor).

This means:

  • your employer decides what data is collected,
  • your employer decides how long data is kept, and
  • your employer decides how data is used.

Foundry One only processes data:

  • to operate the OpSavvy platform,
  • to provide support and technical services, and
  • under instructions from your employer.

3. Information we process

We process information provided by your employer and generated through your use of OpSavvy.

a. Account information

Provided by your employer:

  • name,
  • email address,
  • phone number, and
  • employee or role-related identifiers.

b. Work activity data

Generated through your use of the app:

  • clock-in and clock-out times,
  • shift records,
  • task activity,
  • NFC scans, such as checkpoints, and
  • form submissions, such as incident reports.

c. Location data

If enabled by your employer, GPS location may be collected:

  • at clock-in and clock-out,
  • during shifts, approximately every 5 minutes, and
  • when submitting forms or scanning checkpoints.

Location data may be used for timesheet validation, safety monitoring, and operational oversight.

Employers may view this data in real time.

d. Photos and media

Depending on how your employer configures OpSavvy, photos may be captured and uploaded, including for:

  • incident reports,
  • site documentation, and
  • shift-related evidence.

e. Face verification (optional feature)

Some employers may enable a face verification feature for attendance.

If enabled:

  • a photo is captured during clock-in,
  • basic liveness checks may occur on your device, such as blink or movement checks, and
  • the image is used to verify that you are the correct person.

Important:

  • this feature is optional and controlled by your employer,
  • we store only the image associated with the shift, such as a JPG,
  • we do not store biometric templates or facial recognition profiles, and
  • images are used only for identity verification and compliance.

We recommend employers configure automatic deletion of these images, such as after 30 to 90 days.

f. Device and technical data

We may collect limited technical data such as:

  • IP address,
  • device type and operating system, and
  • application diagnostics needed for debugging and reliability.

This is used strictly for debugging, performance monitoring, and improving reliability.

4. How information is used

Information processed through OpSavvy is used to:

  • enable workforce operations,
  • record attendance and activity,
  • support compliance and reporting,
  • improve system performance, and
  • provide customer support.

We do not use your information for:

  • advertising,
  • selling personal data, or
  • profiling unrelated to your work.

5. Data sharing

We do not sell personal information.

We may share data only in the following cases:

a. With your employer

Your employer has full access to data within their organisation.

b. With trusted service providers

We use trusted infrastructure and service providers to operate OpSavvy, including:

  • cloud hosting and storage, and
  • authentication services.

These providers are contractually required to protect your data and use it only for providing services to us.

c. Legal requirements

We may disclose information if required by law or to protect legal rights.

6. Data storage and security

We take reasonable steps to protect information, including encryption in transit (HTTPS), secure cloud infrastructure, and access controls and audit logging.

Data is primarily stored in Australia.

Some processing, such as verification services, may involve temporary transmission internationally, but data is not stored outside Australia.

7. Data retention

Data is retained according to your employer's policies.

  • Employers determine how long records are kept.
  • Employers can delete data at any time.
  • Face verification images can be automatically deleted after a set period.

When your employment ends, your employer decides how your data is handled.

8. Your rights

Because your employer controls your data, requests for access, correction, or deletion should be made through your employer.

Foundry One will assist employers in fulfilling these requests where required.

9. App permissions

OpSavvy may request the following permissions:

Camera

Used for capturing photos for reports and optional face verification.

Location (foreground and background)

Used for recording attendance, tracking location during shifts, and safety and operational purposes.

Notifications

Used to send work-related updates and notify you about tasks or shifts.

NFC

Used for scanning checkpoints or site tags.

10. Age requirements

OpSavvy is intended for workplace use and is not designed for individuals under 18.

11. Changes to this policy

We may update this Privacy Policy from time to time. Updates will be made available through the app or via your employer.

12. Contact

For questions about this policy:

Foundry One PTY LTD

ABN: 23 694 421 380

Please contact your employer first for any data-related requests.