This Privacy Policy explains how Petroleum & Energy Logistics and Services Co. Ltd. ("Petrogistix",
"we", "us") collects, uses, stores, and protects information when
you use the X2 workforce management mobile application and the
X2 administration web dashboard (together, the "Service").
X2 is provided as an internal tool for our employees and the
employees of our client organizations. It is not a consumer
product and is not generally available on the open market. Use
of the Service is governed by your employment agreement with the
organization that deployed it.
1. Information We Collect
1.1 Account & Identity Data
Full name, employee code, job title, department, position, and shift assignment
Mobile phone number (used for one-time-password login)
Work email address (where applicable)
Profile photograph (for supervisor identification within the dashboard)
Hire date and employment status
1.2 Biometric Data
A facial recognition vector (a mathematical representation of
your face, not the photo itself) generated by Amazon Rekognition
from a one-time selfie taken during onboarding. This vector is
used solely to verify that the person punching in or out is the
employee whose account is being used. The original selfie is
stored in our cloud storage as your profile photo.
Selfies taken at each punch-in or punch-out, used in the same
way to verify identity for that specific attendance event. These
are retained alongside the corresponding attendance record.
Where available and explicitly enabled by you, on-device
biometrics (Face ID on iOS, fingerprint or face unlock on
Android) are used as a faster alternative to the selfie flow.
On-device biometric data never leaves your device — X2 only
receives a yes/no result from the operating system.
1.3 Location Data
Precise GPS coordinates captured when you punch in, punch out,
or move across the geographic boundary ("geofence") of an
assigned work site.
Periodic location updates while you are clocked in, used to
confirm you are at the work site and to detect when you leave
the site so the system can prompt you to clock out.
"Background location" (location access while the app is closed)
is used only for the geofence feature described above. We do
not track your location outside of work hours or while you
are clocked out.
1.4 Device & Security Data
A device identifier (Android device ID or iOS vendor ID) used to bind your account to a single device for fraud prevention
Device model, operating system, and operating system version
Whether the device shows signs of being rooted, jailbroken, or running in an emulator
Whether developer mode is enabled on the device
Network IP address from which API requests originate
Firebase Cloud Messaging token, used to deliver push notifications about shifts, leave approvals, and supervisor messages
Crash and error reports (sent to Sentry, a third-party error-monitoring service) — these reports are automatically scrubbed of personally identifiable information such as GPS coordinates, phone numbers, and authentication tokens before leaving your device
1.5 Attendance & Operational Data
Punch-in and punch-out timestamps with associated work site, GPS coordinates, and verification status
Daily and weekly aggregated work hours, overtime, and attendance status
Incident reports submitted through the Service, including any photos you attach
2. How We Use Your Information
Attendance verification — confirming that you are physically present at the assigned work site at the time of each punch-in and punch-out
Identity verification — using facial recognition and on-device biometrics to ensure that punches are made by the actual account holder, not by another person on your behalf
Payroll and labour-law compliance — generating timesheets, calculating hours, overtime, and absences; producing records required by Saudi labour law
Workforce management — assigning shifts, crews, and projects; scheduling work; managing leave and overtime approvals
Fraud prevention — detecting punch-in attempts from outside the geofence, mock-GPS use, time-tampering, rooted or compromised devices, and unauthorized device transfers
Notifications — sending push notifications about shift reminders, geofence events, supervisor approvals, and operational announcements
Service operation — debugging, security monitoring, and improving the Service
3. How We Store and Protect Your Information
All X2 data is stored within Amazon Web Services
(ap-south-1 region, Mumbai). Specifically:
Selfies and profile photos are stored in Amazon S3, accessible only to authenticated X2 servers and your supervisors and administrators
Facial recognition vectors are stored in Amazon Rekognition's managed face collection, isolated to your organization
Attendance, account, and operational records are stored in an Amazon RDS PostgreSQL database
Push notification tokens are stored in the same database and only used to deliver Firebase Cloud Messaging messages
All data in transit between your device and our servers is
encrypted using HTTPS / TLS. Authentication tokens stored on your
device are protected by the iOS Keychain or Android Keystore. We
operate role-based access controls so that supervisors can only
see employees in their assigned departments and crews.
4. Who Has Access to Your Information
You — through the X2 mobile application, for your own attendance, leave, and profile data
Your direct supervisors and your assigned project managers
Authorized administrators within your organization
Petrogistix engineering and operations personnel, only as strictly necessary to operate, debug, and secure the Service
Third-party service providers acting as data processors, each operating
under their respective Data Processing Agreements with Petrogistix:
Amazon Web Services — cloud infrastructure, database hosting, object storage, and facial recognition (Rekognition)
Google Firebase — push notifications via Cloud Messaging
Google Maps Platform — map display and geofence visualization within the app (your location data is sent to Google's servers only for map rendering)
Sentry — error and crash monitoring (receives only PII-scrubbed diagnostic data, not personal information)
We do not sell, rent, or share your personal data
with advertising networks, data brokers, analytics platforms, or
any third party that is not strictly required for the operation
of the Service.
5. Data Retention
We retain your personal data for as long as you remain an active
user of the Service through your employer, and afterward only for
the period required by Saudi labour and tax law (typically several
years for payroll-related records). When the legally required
retention period expires, your data is deleted or irreversibly
anonymized.
On-device data — secure storage tokens, cached employee data,
local attendance records — is removed when you sign out of the
application or uninstall it.
6. Account Deletion
You can request deletion of your X2 account at any time
through one of the following channels:
From within the mobile app: open Settings →
Account → Delete Account, then confirm your request. An
optional reason field lets you tell your administrator why.
From a web browser: visit app.petrogistix.com/delete-account
and submit your phone number. This option is intended for
users who no longer have access to the mobile app.
By email: contact info@petrogistix.com from your registered
email address with the subject "Account Deletion Request".
Because X2 accounts are managed by your employer, your
deletion request is forwarded to your administrator for review.
Once approved, the following data is irreversibly removed:
Your name, mobile number, work email, and profile photograph
Your facial recognition vector (deleted from Amazon Rekognition)
All authentication tokens and device bindings
All push-notification tokens
The following data is retained in anonymized form
for the period required by Saudi labour and tax law (typically
five years from your last day of employment), as we are legally
required to maintain accurate payroll and attendance records:
Daily timesheets and attendance records (linked to an anonymized identifier, not your name)
Payslips and overtime records
Approved leave records
Audit logs of administrative actions
After the legal retention period expires, these records are also
deleted. Until then, the anonymized data cannot be linked back
to you by anyone, including Petrogistix engineering staff.
7. Your Rights
Under the Saudi Arabia Personal Data Protection Law (Royal Decree
M/19/1443H), you have the right to:
Be informed about how your personal data is collected and used (this Privacy Policy)
Access your personal data held by us
Request correction of inaccurate data
Request deletion of your data, subject to legal retention requirements
Object to or restrict certain types of processing
Withdraw consent for biometric processing (which will require switching to an alternative attendance verification method, where available, and may affect your ability to use the Service)
File a complaint with the Saudi Data & AI Authority (SDAIA) if you believe your rights have not been respected
To exercise any of these rights, contact us at the email address
listed at the top of this document. We will respond within 30
days. Most requests should be initiated through your employer's
Human Resources function, since the data is processed on their
behalf.
8. Children's Data
The Service is intended exclusively for adult employees of
Petrogistix and our client organizations. We do not knowingly
collect data from anyone under the age of 18.
9. Changes to this Policy
We may update this Privacy Policy from time to time to reflect
changes in the Service or in applicable law. The "Last Updated"
date at the top of this page indicates when the current version
was published. Material changes will be communicated through the
application or through your employer.
10. Contact
If you have any questions about this Privacy Policy or how your
personal data is handled, please contact:
Petroleum & Energy Logistics and Services Co. Ltd. (Petrogistix)
Email: info@petrogistix.com
Country: Saudi Arabia