Privacy Policy

Last updated: January 1, 2025

Summary: The StaffBook collects and uses your data solely to provide and improve the HR management service. We never sell your data to third parties, and we take your privacy seriously. This policy explains what we collect, how we use it, and what rights you have.

1 Information We Collect

1.1 Account Information

When you register, we collect your name, email address, company name, and password. This information is used to create and manage your account.

1.2 Employee Data

As an HR platform, we store employee data that you enter into the system, including but not limited to: personal information (name, contact details, date of birth), employment details (department, designation, salary), attendance records, leave history, and documents.

1.3 Usage Data

We automatically collect information about how you use our service, including IP addresses, browser type, pages visited, time spent, and actions taken within the platform.

1.4 Payment Information

If you subscribe to a paid plan, payment information is processed by our payment partners (Stripe/Razorpay). We do not store complete credit card numbers on our servers.

2 How We Use Your Information

  • Provide, operate, and maintain the StaffBook service
  • Process transactions and manage subscriptions
  • Send service-related emails (account confirmations, password resets, system notifications)
  • Improve, personalize, and expand our service
  • Understand usage patterns to optimize the platform
  • Send occasional marketing communications (you can opt out anytime)
  • Comply with legal obligations and resolve disputes
  • Detect and prevent fraud or security incidents

3 Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share data only in the following circumstances:

  • Service Providers: We work with trusted third-party services (cloud hosting, email delivery, payment processing) who access data solely to perform services on our behalf.
  • Legal Requirements: We may disclose information if required by law, regulation, or valid legal process.
  • Business Transfers: In the event of a merger or acquisition, user data may be transferred as part of the business assets, with advance notice provided.
  • With Your Consent: We may share data for any purpose with your explicit consent.

4 Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS 1.3
  • Passwords are hashed using bcrypt with salt rounds
  • JWT-based authentication with configurable expiry
  • Role-based access control (RBAC) limits data exposure
  • Complete audit trails for all actions within the system
  • Regular security audits and vulnerability assessments
  • Data hosted on AWS with SOC 2 certified infrastructure

5 Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data (subject to legal retention requirements).
  • Portability: Request export of your data in a machine-readable format.
  • Opt-out: Opt out of marketing communications at any time.
  • Restriction: Request restriction of processing in certain circumstances.

To exercise these rights, contact us at privacy@thestaffbook.com.

6 Cookies

We use essential cookies to maintain your session and preferences. We do not use advertising cookies. You can control cookies through your browser settings, but disabling cookies may affect platform functionality.

7 Data Retention

We retain your data for as long as your account is active or as needed to provide services. Upon account termination, we will delete your data within 90 days, except where retention is required by law.

8 Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or prominent notice in the application. Your continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us About Privacy

For privacy-related questions or concerns: