This Privacy Policy describes how Hi MC FI ("we", "our", or "the App") collects, uses, stores, and protects your personal information when you use our mobile application. By using the App, you agree to the practices described in this policy.
This policy complies with Apple App Store requirements and Vietnamese Personal Data Protection regulations (Decree No. 13/2023/ND-CP).
1. Information We Collect
1.1 Account & Identity Information
- Email address and password (used for authentication)
- User profile details (name, role within your organisation)
- Authentication tokens (JWT, session tokens)
1.2 Location Data
- GPS coordinates (latitude and longitude) collected when you perform check-in or check-out actions
- Reverse-geocoded address derived from coordinates
- Predefined work site locations associated with your organisation
Location data is collected only while the App is in active use (foreground). We do not track your location in the background.
1.3 Camera, Microphone & Media
- Photos and videos captured via the in-app camera to document work completion, issues, or reports
- Images selected from your device's photo library
- Audio recordings captured for work reports and field documentation
1.4 Device Information
- Device model, operating system version, and unique device identifiers
- Network connectivity status (Wi-Fi / mobile data)
- Screen dimensions and orientation
1.5 Work & Business Data
- Issues, tasks, and work orders you create or update
- Form submissions and field values
- KPI values and performance records
- Inventory and stock transaction records
- Organisation and project membership information
- Roles and access permissions assigned to your account
2. Device Permissions Requested
| Permission |
Purpose |
| Location (When In Use) |
Record GPS coordinates during check-in / check-out; retrieve workplace address |
| Camera |
Capture photos and videos to confirm task completion and create visual reports |
| Microphone |
Record audio notes and video with audio for field documentation |
| Photo Library |
Upload existing images from your device; save media captured in-app to your library |
| Face ID |
Biometric authentication for quick, secure login (optional) |
Each permission is requested only when the relevant feature is first used. You may deny a permission; however, the associated feature will be unavailable.
3. How We Use Your Information
- Providing the service – enabling workforce management, check-in/check-out, issue tracking, form submissions, and inventory management
- Authentication & security – verifying your identity and protecting your account
- Synchronisation – keeping your data consistent across devices and with your organisation's backend
- Notifications – sending push notifications related to tasks and updates within your organisation
- Improving the App – diagnosing technical issues and improving performance (using aggregated, non-identifiable data only)
We do not use your personal data for advertising, profiling, or selling to third parties.
4. Data Sharing & Third-Party Services
We do not sell, rent, or trade your personal information. Data is shared only as described below:
4.1 Supabase (Backend Infrastructure)
All app data — including authentication, database records, and uploaded media — is stored and processed on
Supabase.
Supabase provides database (PostgreSQL), authentication, and file storage services.
Please review the Supabase Privacy Policy for details on how they handle data.
4.2 Your Organisation
Work data you create (issues, forms, check-ins, KPIs, inventory) is visible to authorised members of your organisation within the App. This is necessary for the collaborative nature of the service.
4.3 Legal Requirements
We may disclose your information if required by Vietnamese law or a valid legal order from a competent authority.
5. Data Retention
Your personal data is retained for as long as your account is active or as needed to provide the service. If you request account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law.
Media files (photos, videos, audio) uploaded to storage are retained until you or an authorised administrator deletes them.
6. Data Security
- All data is transmitted over encrypted HTTPS connections
- Authentication uses industry-standard JWT tokens managed by Supabase Auth
- Database access is controlled by Row Level Security (RLS) policies — users can only access data they are authorised to view
- We apply the principle of least privilege: each user's access is limited to their assigned roles and organisations
While we implement strong security measures, no system is completely immune to threats. We encourage you to use a strong, unique password and to keep your device secure.
7. Your Rights (Vietnamese Law – Decree 13/2023/ND-CP)
Under Vietnamese personal data protection regulations, you have the right to:
- Know – be informed about the collection and processing of your personal data
- Consent / Withdraw consent – provide or withdraw consent for data processing (noting that withdrawal may affect your ability to use the App)
- Access – request a copy of the personal data we hold about you
- Correct – request correction of inaccurate or incomplete data
- Delete – request deletion of your personal data, subject to legal retention obligations
- Restrict processing – request that we restrict how your data is processed in certain circumstances
- Object – object to processing of your personal data
- Data portability – receive your data in a structured, commonly used format
- Complain – lodge a complaint with the Ministry of Public Security's Department of Cybersecurity and Hi-Tech Crime Prevention (A05)
To exercise any of these rights, contact us at mr.minhhien@gmail.com. We will respond within 72 hours for urgent requests and within 30 days for standard requests.
8. Children's Privacy
Hi MC FI is a professional workforce management application intended for adults in business environments. We do not knowingly collect personal data from anyone under the age of 13. If you believe a child has provided us with personal data, please contact us immediately so we can delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via the App or email. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the App after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact: