Privacy policy.

How Horizon Clock collects, uses, and protects your data. Compliant with Quebec Law 25 and the EU General Data Protection Regulation (GDPR).

Effective date: May 21, 2026

1. Who we are

Horizon Clock is a monday.com marketplace application operated by 9153-3133 Québec Inc., a corporation registered in Quebec, Canada, doing business as Horizon Nord. We are the data controller responsible for processing personal information collected through the Horizon Clock application.

Privacy contact: Eric McGee, Director of Operations
Email: support@horizonnord.com
A mailing address is available upon request.

2. What information we collect

Horizon Clock is designed to collect the minimum data required to verify time worked. We do not run continuous location tracking, capture audio or video, or collect biometric data.

Information you provide

  • Worker identification: name and email address, as added by your account administrator to your monday.com Employees board.
  • Project information: project names, addresses, and geofence radii configured by your account administrator on your monday.com Projects board.
  • Account information: the monday.com account that installs Horizon Clock (admin name, email, account ID) for billing and support.

Information collected automatically when a worker clocks in or out

  • Timestamp: the exact date and time of the clock-in or clock-out event.
  • GPS coordinates: latitude and longitude captured at the moment of the event, along with the device-reported accuracy in metres.
  • Device-reported geofence status: whether the GPS reading fell inside, outside, or could not be verified against the project geofence.
  • Mock-location flag: when the operating system signals that a mock or simulated GPS location is in use, we record that flag so administrators can review the shift.

GPS is captured only at the moment of clock-in and clock-out. We do not continuously track location while a shift is in progress.

Information we do not collect

  • Continuous or background location.
  • Microphone, camera, or screen content.
  • Contacts, calendar, photos, or other device data unrelated to time tracking.
  • Browsing history outside the Horizon Clock view.

3. How we use your information

We use the data we collect to:

  • Operate the Horizon Clock service: record shifts on your monday.com Time Entries board, calculate hours and overtime, and display the supervisor "Today's Crew" view.
  • Verify clock-in events against the project geofence configured by your administrator.
  • Provide customer support when you contact us.
  • Send service-related notifications (billing receipts, security notices, important policy changes).
  • Detect and prevent fraud, abuse, or violations of our Terms of Service.
  • Comply with legal obligations, court orders, and lawful requests from authorities.

We do not sell your personal information. We do not use your data for advertising or for training third-party machine-learning models.

4. Legal basis for processing

Under Quebec's Law 25 and the European GDPR, we process personal information on the following legal bases:

  • Performance of a contract: processing required to deliver the Horizon Clock service to you and your workers.
  • Legitimate interest: verifying that workers are at the correct job site, preventing fraud, and improving service quality.
  • Legal obligation: retaining shift records for the periods required by employment, tax, and labour law in your jurisdiction.
  • Consent: the worker grants device-level location permission at first clock-in. The worker can withdraw consent at any time by revoking location permission in their device settings, in which case clock-in will not be possible.

5. Sharing your information — third parties

We share data only with sub-processors strictly necessary to operate Horizon Clock. Each sub-processor is bound by a data processing agreement.

  • monday.com Ltd. (Israel/EU): the platform Horizon Clock runs inside. Shift data is written to your monday.com Time Entries board. Subject to monday.com's own privacy terms.
  • monday code (managed by monday.com): hosts our application logic and webhooks.
  • Supabase Inc. (USA, hosted in EU/Canada region): stores Horizon Clock's internal database (employee mapping, project geofences, audit logs).
  • Mapbox (USA): renders geofence maps inside the supervisor view. Only the project address is shared; no worker data leaves your monday.com workspace.
  • Sentry (USA): captures application error reports to help us fix bugs. Personal data is scrubbed from error payloads.
  • Payoneer / monday billing: processes subscription payments. We never see or store payment card details.

We do not transfer your data to any other third party except (a) with your written consent, (b) when required by law or court order, or (c) in the context of a business transaction such as a merger, acquisition, or asset sale, in which case the acquirer assumes the obligations under this policy.

6. International transfers

Your data may be stored or processed in Canada, the European Union, or the United States, depending on the sub-processor. Where data is transferred outside Quebec, we rely on standard contractual clauses, adequacy decisions, or other safeguards permitted by Quebec Law 25 and the GDPR.

7. How long we keep your information

  • Shift records on your monday.com Time Entries board: retained as long as your monday.com workspace exists. You control this data and can delete it at any time.
  • Horizon Clock internal database (Supabase): deleted within 10 days after you uninstall Horizon Clock from your monday.com workspace, as required by the monday.com marketplace.
  • Application logs and error reports: retained for up to 90 days, then automatically deleted.
  • Billing records: retained for 7 years to comply with Canadian tax and accounting law.

8. Your rights

Depending on where you reside, you have the following rights regarding your personal information:

  • Access: request a copy of the personal information we hold about you.
  • Rectification: request correction of inaccurate or incomplete information.
  • Deletion: request deletion of your personal information, subject to legal retention obligations.
  • Portability: request a structured, machine-readable export of your data.
  • Restriction or objection: request that we restrict or stop a specific use of your data.
  • Withdraw consent: withdraw any consent previously given, without affecting the lawfulness of prior processing.
  • Lodge a complaint: in Quebec with the Commission d'accès à l'information; in the EU with your local supervisory authority.

To exercise these rights, contact support@horizonnord.com. We respond within 30 days. If your worker would like to exercise these rights, they should contact their employer (our customer) first, who can then contact us; we will assist promptly.

9. Security

We protect your information using industry-standard safeguards:

  • All data is transmitted over HTTPS / TLS 1.2 or higher.
  • All data at rest in Supabase is encrypted using AES-256.
  • Access to production databases is restricted to authorised Horizon Nord personnel using multi-factor authentication.
  • We log access to personal data and review the logs regularly.
  • We follow secure software development practices and patch known vulnerabilities promptly.

No system is perfectly secure. In the event of a personal information breach that presents a serious risk of harm, we will notify affected customers and the relevant supervisory authorities as required by Law 25 and the GDPR.

10. Children's privacy

Horizon Clock is a workplace application for adults. We do not knowingly collect personal information from anyone under the age of majority (18 in most Canadian provinces; 16 under GDPR). If you believe a minor's information has been submitted to Horizon Clock, please contact us so we can delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify account administrators by email and post the updated policy with a revised "Effective date" at the top of this page at least 30 days before they take effect.

12. Contact us

Questions, requests, or complaints about your personal information should be sent to:

Eric McGee, Director of Operations & Privacy Officer
9153-3133 Québec Inc. (operating as Horizon Nord)
Email: support@horizonnord.com
Quebec, Canada