Privacy Policy
Last updated: May 11, 2026 · Applies to the HRFlowTech web application and the HRFlowTech mobile app (Android package com.hrflowtech.hrpro_mobile, iOS bundle com.hrflowtech.hrpro-mobile).
1. Introduction
IGEARS TECHNOLOGY LIMITED ("HRFlowTech", "we", "us", "our") operates the HRFlowTech multi-tenant HR SaaS platform and its companion mobile app. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over it. It is written to satisfy the disclosure requirements of the Google Play Developer Policy (User Data and Account Deletion), the Google Play Generative AI policy, the Apple App Store Review Guidelines (1.2, 4.7, 5.1.1, 5.1.1(v)), the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Hong Kong Personal Data (Privacy) Ordinance (PDPO, Cap. 486), and the Personal Data Protection Acts of Singapore and Malaysia (PDPA).
HRFlowTech is provisioned per tenant (an employer organisation). When you use the mobile app or web app, you do so as an employee or HR administrator of that tenant. The tenant is the data controller of employment records; HRFlowTech acts as the data processor on the tenant's behalf.
2. Data we collect from the mobile app
2.1 Account information
- Tenant domain or workspace identifier
- Login identifier (email address or assigned username)
- Staff ID, full name, position, department, and hire date supplied by the tenant administrator
2.2 Employment data
- Attendance punch records — in/out timestamps, the punch type, and (when the tenant has explicitly enabled location verification) the coarse location of the punch
- Leave requests — leave type, start and end dates, and any reason text you provide
- Payslip data — gross amounts, deductions, allowances, and net pay rendered to you for self-service viewing
- Employee directory entries — the same name/position/department visible to your colleagues inside your tenant workspace
2.3 AI Assistant communications
If you use the in-app AI Assistant, the prompts you send (HR policy questions, leave-message drafts, payroll anomaly queries) and the AI's responses are processed to generate replies. See our AI Use & Safety Policy for full detail, including the model provider, retention, and the safety filters we apply.
2.4 Authentication tokens
The mobile app stores a session token on your device using the operating system's encrypted secure storage (Android Keystore / iOS Keychain). Tokens are never copied to our analytics servers and are revocable from the web admin.
2.5 Device information
We log a small amount of device metadata for security and crash diagnostics:
- Operating system name and major version (e.g. "Android 14", "iOS 17")
- App version
- Approximate IP-based country (for audit logs)
The mobile app does not request or collect: Advertising ID (IDFA / GAID), precise GPS location, contacts, calendar, microphone, camera, photo library, SMS, call logs, or installed-app inventory. It does not embed third-party advertising or analytics SDKs.
3. How we use your information
- Provide HR self-service features (attendance, leave, payslips, directory) to authenticated employees of the tenant
- Generate AI Assistant responses to your prompts
- Maintain security and audit logs (login events, sensitive admin actions)
- Comply with statutory record-keeping obligations (e.g. payroll/tax retention)
- Diagnose crashes and operational issues
We do not use your data for advertising, profile-building, or sale to third parties.
4. Third-party processors
We engage the following sub-processors. Each is bound by a data-processing agreement; transfers outside your jurisdiction rely on Standard Contractual Clauses or equivalent safeguards.
- Cloud hosting — AWS and/or Google Cloud Platform (TODO: confirm primary region and provider before publishing)
- AI model provider — TODO: confirm whether OpenAI, Anthropic, or Google Vertex AI is used in production; update AI Policy with the same name
- Transactional email — SMTP provider configured per-tenant (TODO: confirm default fallback provider, e.g. Amazon SES, Postmark, Resend)
- Payments — Stripe (web only; not used in the mobile app)
- Push notifications — Apple Push Notification service and Firebase Cloud Messaging for delivery only; payloads contain no personal content beyond a short notification title
- Crash reporting — TODO: confirm whether Sentry / Crashlytics / none
5. Data sharing
- We do not sell personal data.
- We do not share personal data with advertising networks or data brokers.
- We share data with the sub-processors listed above strictly to operate the Service.
- Within your tenant, your data is visible to authorised HR administrators and, where required by their role, to your direct managers.
- We disclose data when compelled by valid legal process, or to protect the rights, property, or safety of HRFlowTech, our users, or the public.
6. Retention
- Account and operational data are retained for the duration of your employment at the tenant, plus a reasonable wind-down period.
- Statutory payroll, MPF, and tax records are retained for the period required by law — seven (7) years in Hong Kong under the Inland Revenue Ordinance, with comparable periods in other jurisdictions.
- AI Assistant chat logs are retained for 90 days for safety review, then deleted.
- Audit logs are retained for 12 months.
- You can request earlier deletion via the Account Deletion page; the response timeline and the data classes affected are described there.
7. Your rights
Depending on where you live, you have the following rights:
- GDPR (EEA / UK) — access, rectification, erasure, portability, restriction, objection, and the right to lodge a complaint with a supervisory authority.
- CCPA / CPRA (California) — right to know, right to delete, right to correct, right to limit use of sensitive personal information, and right to opt out of sale or sharing. We do not sell or share your personal information for cross-context behavioural advertising, so the opt-out is satisfied by default.
- PDPO (Hong Kong) — data access and correction requests under sections 18 and 22.
- PDPA (Singapore / Malaysia) — access, correction, and withdrawal of consent.
To exercise any of these rights, email [email protected] or use the Account Deletion form. Because employment records are jointly controlled with your employer, we may need to coordinate the request with your tenant's HR administrator before completing it.
8. Children
HRFlowTech is a workplace tool for adults. The service is not directed at, and we do not knowingly collect personal data from, individuals under the age of 16. If you believe a child has used the service, contact [email protected] and we will delete the relevant records.
9. International transfers
Your data may be processed in jurisdictions other than your own, primarily Hong Kong, Singapore, the United States, and the European Union, depending on your tenant's hosting region. Cross-border transfers rely on the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or recognised equivalents.
10. Security
- TLS 1.2+ for all data in transit between the mobile app, the web app, and our servers
- AES-256 encryption for data at rest in our managed databases
- Tokens stored only in OS-level secure storage on the device (Keychain / Keystore)
- Server-side role-based access control, audit logs, CSRF protection, and password hashing with modern algorithms
- Regular dependency and vulnerability scanning
11. Changes to this policy
When we make material changes, we will update the "Last updated" date and, for changes that materially affect your rights, send a notice through the app and to your tenant's primary email address at least 30 days before the change takes effect.
12. Contact
IGEARS TECHNOLOGY LIMITED
Email: [email protected]
Postal address: #307, 9488 51 Avenue, Edmonton, AB, T6E 5A6, Canada
EU/UK representative: TODO: appoint an Article 27 representative if you have EU/UK end users