Data Safety Summary

Last updated: May 11, 2026 · Single source of truth for the Google Play Data Safety form and the Apple App Store App Privacy nutrition labels.

This page lists every category in Google Play's Data Safety form, in order, with the answers we provide for the HRFlowTech mobile app (com.hrflowtech.hrpro_mobile). The same answers populate the Apple App Privacy section in App Store Connect. The full narrative is in the Privacy Policy.

Across the entire app:

All collected data is encrypted in transit (TLS 1.2+).
Users can request deletion of their data on the Account Deletion page or in-app at Profile → Delete my account.
We follow the Google Play Families policy: the app is not directed to children.
We have committed to follow the Google Play Developer Policy and have completed a security review.
No data is shared with advertising networks or data brokers. No data is sold.

Personal info

Type	Collected?	Shared?	Optional?	Purpose
Name	Yes	No	Required (set by tenant)	Account management, app functionality
Email address	Yes	No	Required	Account management, communications
User IDs (staff ID, tenant ID)	Yes	No	Required	Account management, app functionality
Address	No	—	—	—
Phone number	Optional (only if added to employee profile)	No	Optional	Account management
Race, ethnicity, sexual orientation, political views, religious beliefs	No	—	—	—
Other personal info (position, department, hire date)	Yes	No	Required (set by tenant)	App functionality

Financial info

Type	Collected?	Shared?	Optional?	Purpose
Payment info	No (Stripe handles billing on the web only)	—	—	—
Purchase history	No	—	—	—
Credit score	No	—	—	—
Other financial info (payslip data, salary, deductions)	Yes — visible to the employee only	No	Required by tenant	App functionality (payroll self-service)

Health and fitness

Not collected.

Messages

Type	Collected?	Shared?	Optional?	Purpose
Emails	No	—	—	—
SMS or MMS	No	—	—	—
Other in-app messages (AI Assistant prompts and replies)	Yes	Sent to the AI model provider for processing only; not used for training	Required when using the Assistant	App functionality (AI Assistant)

Photos and videos

Not collected.

Audio files

Not collected. The app does not access the microphone.

Files and docs

Not collected. Payslip PDFs are streamed from server to device for viewing; they are not uploaded from the device's file system.

Calendar

Not collected.

Contacts

Not collected.

App activity

Type	Collected?	Shared?	Optional?	Purpose
App interactions (attendance punches, leave submissions, payslip views)	Yes	No	Required by tenant	App functionality
In-app search history	No	—	—	—
Installed apps	No	—	—	—
Other user-generated content	Yes (leave reasons, AI Assistant prompts)	No	Optional	App functionality
Other actions	No	—	—	—

Web browsing

Not collected.

App info and performance

Type	Collected?	Shared?	Optional?	Purpose
Crash logs	Yes — aggregated, no user content	TODO: confirm whether sent to a third-party crash service (Sentry / Crashlytics) before publishing	Required	App diagnostics
Diagnostics (OS version, app version)	Yes	No	Required	App diagnostics
Other app performance data	No	—	—	—

Device or other IDs

Type	Collected?	Shared?	Optional?	Purpose
Device or other IDs (push token, device install ID)	Yes	Sent to APNs / Firebase Cloud Messaging for push delivery only	Required for push notifications; user can disable in OS settings	App functionality (push notifications, security)
Advertising ID (IDFA / GAID)	No	—	—	—

Location

Type	Collected?	Shared?	Optional?	Purpose
Approximate location	Optional — only when the tenant has enabled location-verified attendance and the user has granted permission	No	Optional — user can deny the OS permission	App functionality (attendance verification)
Precise location	No	—	—	—