Legal

Privacy Policy

We are committed to protecting your privacy and being transparent about how we handle your data.

Last Updated: January 1, 2025

1. Overview

Welcome to EMS (Employee Management System). This Privacy Policy explains how EMS ("we," "us," or "our") collects, uses, stores, and protects information when you visit our website or use our platform.

By accessing or using EMS, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our services.

This policy applies to all users of EMS, including administrators, managers, and employees. Organization administrators are responsible for ensuring their employees are informed about the use of EMS within their workplace.

2. Data We Collect

Account Information

  • Full name, email address, and job title
  • Organization name and department
  • Login credentials (passwords are stored in encrypted form)
  • Profile photo (if provided)

Operational Data

  • Attendance check-in and check-out timestamps
  • Leave requests, types, and approval status
  • Work submission records and task descriptions
  • Announcements created or received

Technical Data

  • IP address and browser type
  • Device operating system and version
  • Pages visited and time spent on each page
  • Error logs and performance data

3. How We Use Your Data

We use the data we collect solely to provide, improve, and operate the EMS platform. Specifically:

  • To authenticate your identity and manage your account
  • To display attendance records, leave status, and work history
  • To send notifications related to your account activity
  • To generate analytics and reports for administrators
  • To troubleshoot technical issues and improve platform stability
  • To comply with applicable laws and legal obligations

We do not use your data to make automated decisions that significantly affect you without human review.

4. Employee Monitoring

EMS offers a Desktop Agent that enables live screen monitoring as part of the platform's workforce management features. This section explains how this works and your rights.

Screen monitoring is only activated when the EMS Desktop Agent is installed by the employee or their organization. Installation implies consent to monitoring during work hours.

What May Be Monitored

  • Screen activity during designated work hours
  • Application usage logs
  • Activity and inactivity periods
  • Login and logout timestamps via the agent

What Is Never Monitored

  • Personal communications on private accounts
  • Activity outside of designated work hours (if configured correctly)
  • Audio, microphone, or webcam input
  • Keystrokes or passwords typed by the employee

Organizations are responsible for informing their employees about monitoring in compliance with local labor laws before deploying the Desktop Agent.

5. Data Sharing

We do not sell, rent, or trade your personal data to any third party. Data is shared only in the following limited circumstances:

  • Within Your Organization: Administrators can view data belonging to their employees as part of the platform's core function.
  • Service Providers: We may share data with trusted technology partners (e.g., hosting, email delivery) who are contractually bound to protect your data.
  • Legal Requirements: We may disclose data if required by law, court order, or government authority.
  • Business Transfer: In the event of a merger or acquisition, data may be transferred to the new entity under the same privacy protections.

6. Cookies & Tracking

EMS uses cookies and similar technologies to keep you logged in, remember your preferences, and improve your experience. We use the following types of cookies:

  • Essential Cookies: Required for the platform to function. These cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with EMS so we can improve it.
  • Preference Cookies: Remember your settings such as language and layout preferences.

You can control cookies through your browser settings. Note that disabling essential cookies may prevent EMS from working correctly.

7. Advertising

EMS's public-facing website (home, about, contact pages) may display advertisements served by third-party advertising networks, including Google AdSense.

About Google AdSense

Google AdSense is a service provided by Google LLC. Google uses cookies to serve ads based on your prior visits to this and other websites. You may opt out of personalized advertising by visiting Google Ads Settings.

  • Google AdSense may use cookies to track user behavior for ad personalization
  • Third-party vendors, including Google, use cookies to serve ads based on prior visits
  • Users may opt out of personalized ads via aboutads.info
  • Our internal EMS dashboard (admin/employee portals) does not display advertisements

Advertisements are only shown on public pages. Your workplace data, attendance records, and organizational information are never used for ad targeting purposes.

8. Data Security

We implement industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, or destruction:

  • All data is encrypted in transit using TLS (HTTPS)
  • Passwords are hashed using secure cryptographic algorithms
  • Regular security audits and vulnerability assessments
  • Access controls ensuring only authorized personnel can access systems
  • Automated monitoring for suspicious activity

While we take every precaution, no system is 100% secure. In the event of a data breach affecting your information, we will notify affected users as required by applicable law.

9. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Specifically:

  • Account data is retained while your organization account is active
  • Attendance and leave records are retained for up to 3 years for compliance purposes
  • Screen monitoring data is retained for a maximum of 90 days
  • Upon account deletion, personal data is removed within 30 days
  • Some data may be retained longer if required by law

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request that we correct inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal obligations)
  • Portability: Request your data in a portable, machine-readable format
  • Objection: Object to certain types of processing, such as marketing
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at privacy@yourdomain.com.

11. Children's Privacy

EMS is designed for use by adults in a professional workplace context. Our platform is not intended for use by individuals under the age of 18.

We do not knowingly collect personal information from anyone under the age of 18. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Notify active users via email or an in-platform notification
  • Provide a summary of the key changes made

Continued use of EMS after any changes constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to all privacy-related inquiries within 10 business days.