← All posts
Compliance

Geofencing for Employees: Legal, Practical, and How to Roll It Out

April 29, 2026·8 min read·By ClockOut Team

Geofencing has a PR problem. The word sounds dystopian — a digital fence around your employees. The reality is much smaller and much more useful: it’s a one-time check at clock-in that the employee is where they say they are. No background tracking. No ride-along surveillance. Here’s what geofencing actually means in 2026, what’s legal in the U.S., and how to roll it out in a way that your team accepts (or at least doesn’t mutiny over).

What is geofencing, really?

A geofence is a virtual perimeter — usually a circle — drawn around a physical place. Geofence-aware software does one thing: it asks “is this device inside or outside the circle right now?”

For time tracking, “right now” means at the moment an employee taps Clock In. The app captures coordinates, checks them against the geofence, and either accepts the punch or flags it. That’s the entire mechanic. The location is not stored continuously. The phone is not tracked between punches.

Why this isn’t “tracking”

The legal and ethical bright line is continuous location data vs. event-based location data.

  • Continuous trackingrecords location every minute or every kilometer. This is how delivery and field dispatch software works. It requires “Always” location permission and is genuinely surveillance-adjacent. It deserves serious consent and policy.
  • Event-based locationcaptures a single coordinate at one specific moment (clock in, clock out, break) and uses it for one specific purpose (verifying the punch). It requires only “While Using App” permission and does not collect data when the app is closed.

ClockOut is event-based by design. We don’t want continuous location data and we don’t collect it. The product would be worse if we did.

Is geofencing legal in the U.S.?

Yes, in all 50 states, when:

  • The employee is notified in the employee handbook or onboarding paperwork.
  • The location is captured only at work-related events (clock in, clock out, break start/end).
  • The data is limited in retentionto what’s necessary for payroll and audit.
  • The employee can see and request deletion of their data.

Some states (California under CCPA/CPRA, Illinois under BIPA for biometrics, Connecticut under recent state law) layer in additional disclosure or consent requirements. None of them prohibit location-based clock-in. Consult counsel for your specific state if you’re scaling past 100 employees.

How to roll geofencing out without a mutiny

1. Tell people first, in plain English

One paragraph in the team chat is enough. “Starting next Monday, we’re moving from honor-system clock-ins to GPS-verified clock-ins. The app captures location only when you tap Clock In or Clock Out. Nothing tracked in the background. This protects the company and protects you against wage disputes.”

2. Update the handbook

Add a single paragraph: what’s collected, when, why, and for how long. Have employees acknowledge in writing.

3. Start in flag mode, not block mode

For week one, set out-of-bounds clock-ins to flag for review instead of block. You see who the system is misclassifying — usually employees with bad GPS chips or who park across the street — and adjust the radius before frustration sets in.

4. Walk the perimeter

Take a phone, walk the four corners of where employees legitimately need to clock in (parking, entrance, break area, manager’s spot, dumpster). Every legitimate spot must pass. Widen the radius until they all do.

5. Switch to block mode after one week

Once the radius is calibrated, flip out-of-bounds to block. The team has been notified, the system has been tuned, the complaints are minimal.

Handling employee pushback

The two most common objections, with honest responses:

  • “I don’t want my location tracked.” Walk through what’s actually captured: one coordinate, at one moment, for one purpose. No background tracking. Show them the privacy policy. Most concerns ease.
  • “What if my GPS is glitchy and I can’t clock in?” Real concern, real solution. Use flag mode for week one; enable kiosk-mode backup; allow admin override. Nobody loses a paycheck because of a GPS bug.

When NOT to geofence

Geofencing isn’t for everyone. Skip it if:

  • Your team is fully remote and clocks in from home offices.
  • Your job sites change daily and drawing perimeters is impractical.
  • You have a deeply trusted long-tenure team and cultural fit matters more than the 2% time savings.

For these cases, kiosk PINs, scheduled clock-in windows, or plain honor-system tracking with an exception inbox are reasonable alternatives.

FAQ

Is geofencing legal in California?
Yes. California permits location-based time tracking when employees are notified, the data is limited to work-related events, and CCPA/CPRA disclosures are honored. Continuous background tracking requires additional consent — but event-based clock-in does not.
How do I notify employees?
A short paragraph in the employee handbook plus a written acknowledgment at onboarding is the standard. Some employers add a one-time in-app consent screen; this is good practice, not strictly required.
Can geofencing track employees on lunch breaks?
Only if you configure it to. Best practice is to capture location at meal-break start and end (to verify the break was taken) but not during the break itself.
What happens if an employee’s GPS is wrong?
Use flag mode while you calibrate, allow admin override, and keep kiosk mode available as a backup. Nobody should lose pay because of a buggy GPS chip.
Keep reading
Compliance

Clocking in and out policy template (free, defensible)

Compliance

How to Stop Buddy Punching: 7 Methods That Actually Work

Comparisons

ClockOut vs Hubstaff: which is right for your team in 2026