1. What Data We Process
- Account data: name, email, role, branch assignment, and authentication metadata.
- Business data: accounting records, contacts, invoices/quotations, inventory and finance entries.
- HR data (if enabled): employee records, leave requests, timesheets, and related approvals.
- Technical data: audit logs and security events associated with actions performed in the system.
2. Why We Process Data
- To provide system functionality (accounting, finance, inventory, HR modules).
- To enforce permissions and business scoping (role-based access control).
- To secure the platform, detect abuse, and support auditing and troubleshooting.
3. Access Controls
Access is controlled by user roles and permissions. Users should only see information for the business they are assigned to, subject to administrator configuration.
4. Sharing
Data is intended for use within your organization. Data may be shared with authorized administrators and users as required for operations. Any external sharing should follow your organization’s policies and applicable law.
5. Retention
Records and audit logs may be retained to meet operational, reporting, and compliance needs. Retention periods depend on your organization’s requirements and configuration.
6. Security
- Connections are protected using HTTPS/TLS where deployed correctly.
- Audit logging may record actions for security and accountability.
- Two-factor authentication may be available for additional protection.
7. Your Responsibilities
- Only access data you are authorized to access.
- Report suspected security incidents to your administrator.
- Use exports responsibly and protect downloaded files.
8. Questions
For privacy questions, contact your system administrator.
This page is a practical privacy notice for system users. If you need jurisdiction-specific or regulatory language, adapt this text to your organization’s requirements.