Notifications Mark all as read
New message in Chat 2m
Report ready to view 1h
New login from Chrome 3h
View all
Login

Privacy Policy

ERPwebApp Enterprise Platform
This policy explains how ERPwebApp collects, manages, protects, and processes all personal and business data. By using our application, you accept these practices.

1. Data We Collect

HR & Employee Data
  • Employee profiles, national ID, birthdate, gender, and documents
  • Contact details: phones, emails, addresses, emergency contacts
  • Banking and salary payout information
  • Employment contracts & records
Organizational Data
  • Company structure: Companies, Departments, Sections, Projects, Sites, Holdings
  • Role assignments & hierarchical relationships
  • Standardized references (countries, currencies, governorates, etc.)
Attendance, Payroll & KPIs
  • Attendance logs, absences, overtime
  • Payslips, benefits, deductions, period history
  • Performance goals and KPI evaluations
  • Recruitment processes and candidate records
Audit Logs & Permissions
  • Traceability (AuditLogs, AuditLogEmails, EmailScheduleLogs)
  • User-company assignments and permissions (ApplicationUserCompanies, ActionPermissions)

2. How We Use Your Information

  • Manage HR, attendance, payroll, and employee lifecycle
  • Analyze performance via KPIs and managerial reports
  • Enforce secure authentication, authorization, and auditing
  • Improve usability and regulatory compliance

3. Data Retention & Security

Encryption: Sensitive data is encrypted at rest and in transit (TLS).
Access Control: Role-based and company-scoped permissions limit data visibility.
Data is retained only as long as necessary for operational, legal, or compliance requirements, and is securely purged once obsolete.

4. Audit & Logging

Full Traceability
  • Each CRUD action logs entity name, record ID, action type, user, machine, IP, and timestamp.
  • Periodic reviews detect suspicious activity and ensure accountability.

5. User Responsibilities

Important: Protect your credentials and log out after each session.
  • Access only data authorized for your role/company
  • Comply with internal data protection and retention policies
  • Report suspected account compromise immediately

6. Third‑Party Integrations

External systems (email, attendance devices, regulatory APIs) must satisfy ERPwebApp security controls and audit standards.
  • External email notifications are logged and auditable.
  • Device-imported attendance is processed only for authorized users.

7. Detailed Technical Information

System Architecture:
  • Multi-tenant data isolation with claims-based authorization
  • Secure identity and password management
  • Scoped access per company and role
Backup & DR:
  • Encrypted daily backups, secure storage
  • Redundancy for business continuity
Compliance:
  • Aligns with applicable privacy regulations and local laws

8. Your Rights & Requests

  • Request access to your personal/employee information
  • Request correction or deletion of inaccurate/obsolete data
  • Withdraw consent where permitted by law or policy
  • Receive notifications about policy changes
Route requests via your system administrator or IT contact; legal and policy constraints may apply.

9. Updates to this Policy

This policy is reviewed regularly; significant changes are communicated to all users and reflected on this page.
  • Update notifications appear within ERPwebApp
  • Revision date displayed below

10. Contact & Support

Contact our technical support team for:
  • Privacy questions or complaints
  • Data access, correction, or erasure requests
  • Security incident reporting
Email: [email protected]
Last updated: ديسمبر 15, 2025