Corarl Cloud Human Resource Management System
Last updated 12 April 2022
1. WHAT TYPES OF DATA DO WE COLLECT?
1.1. During the signing of a contract between you and Corarl for the Corarl HR product, we collect your company name, address, payment details
1.2. When you log in to Corarl HR, your IP address, browser type, date, time, and any errors are automatically collected
1.3. While using the features in Corarl HR, the content you enter into Corarl HR to run your business is collected
1.4. When you seek our Support, your email, name, browser information, and content in the chat message is collected
1.5. When you use the feature: Mobile Time Clock GPS in Corarl HR to clock in or out, we collect your Location Data for attendance purpose
1.6. Your email address is collected.
2. HOW DO WE USE YOUR DATA?
We may use your personal information provided for the following:
2.1. To enable your subscription and account to use our service;
2.2. To process your payment for the use of Corarl HR;
2.3. To provide support to you when needed;
2.4. To provide you the features embedded in Corarl HR;
2.6. To communicate with you;
2.7. To verify your identity; and
2.8. To comply with laws and regulations in applicable jurisdictions.
We may use your non-personally identifiable data to:
2.9. Measure the usage of different features within Corarl HR so that we can make updates and improvements in these features to better suit your needs;
2.10. Provide you with training related to Corarl HR; and
2.11. Otherwise improve Corarl HR.
3. DO WE SHARE YOUR DATA?
3.1. Corarl does not sell or rent your content to any third party. Corarl does securely transmit limited data to third parties who have stringent privacy policies and who safeguard your limited data to provide you support and push notifications.
3.2. Corarl may use third-party services. No more Data than necessary is shared with these services and Corarl assures the third party services used adhere to strict privacy standards.
3.3. Corarl does not disclose, communicate or make any of your or your employees’ Data available to third parties without your permission, unless:
a. it is required or permitted by applicable law or Court’s order; to which we will notify you;
b. we are required to do so in order to meet our obligations to any relevant regulatory authority; to which we will notify you;
c. permission has been granted by the Client’s relevant individual decision-maker.
4. WHAT PERSONAL DATA DO WE STORE OF YOUR EMPLOYEES?
4.1. We securely store such personal data of your employees that you or your company’s representative provide.
4.2. Your employees’ Data stored with us may be the following:
b. Date of birth
c. Professional details and fringe benefits
d. Home address
f. Phone number
g. Email address
h. Banking details
i. Passport id number and national id number
j. We collect fingerprint templates when they migrate them from their fingerprint device to our system or register employee’s fingerprints through our system
k. We collect employee’s time log when they sync or download time log from the device to our system
l. Profiling details (including annual/monthly income, marital status, occupation, residency status, gender, highest completed level of education, photos/images)
4.3. We may also store certain sensitive categories of your employees’ Data. Such categories consist of biometric information (passport copy), medical information (blood types) and religious or philosophical belief.
5. HOW DO WE PROTECT AND SECURE THIS DATA?
5.1. We securely transmit your data by encrypting it to store on our servers which have SSL Certificates and securely protect such information as passwords, bank account information with encryption. Your contact information is also securely stored.
5.2. We understand your HR information is confidential and we take the necessary precautions to ensure your information is not shared or disseminated without your prior approval.
5.3. As part of our business practices, we limit employee access to confidential information, such as: employment history, residential address, salary, bank account information, passport or identification number and limit the use and disclosure of such information to authorized persons only.
5.5. Our employees are trained to handle your Data securely and with utmost respect and confidentiality.
5.6. The security of your Data is important to us and Corarl uses commercially acceptable means to protect it. However, this shall not be interpreted as Corarl’s guarantee for an absolute security of your Data as no method of transmission over the Internet, or method of electronic storage, is 100% secure.
5.7. Corarl uses physical, electronic, technical and administrative safeguards to protect your Personal Data stored on Corarl HR from loss, misuse and unauthorized access, disclosure, alteration and destruction.
5.8. In addition, our business practices are reviewed periodically for compliance with policies and procedures governing the security and confidentiality of your information.
6. HOW DO WE ENSURE THE ACCURACY OF DATA IN CORARL HR?
6.1. As you are the person responsible for entering data into Corarl HR, you are responsible for the accuracy of the information and data you input. Any user can update his/her user information.
6.4. If you observe or believe that your Personal Data stored on Corarl HR and held by us is incorrect, inaccurate, incomplete, out-of-date, irrelevant or misleading, contact your Admin User. If you observe or believe your Personal Data has been modified without your permission and/or knowledge, please immediately notify or advise us by email at Support@Corarl.com. Corarl can assist you to access and correct, update or modify your Personal Data.
6.5. Data of your employees will be deleted from our records when you perform the action to erase any employee’s Data, or 30 days after the termination of our business relationship.
6.6. For Corarl to provide you with support, you must also assist Corarl HR with any requests for information during the support process.
7. WHAT IS OUR COOKIES POLICY?
7.1. Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.
7.2. You can change your setting to have your browser notify you when you receive a cookie or refuse all cookies. If you do not accept cookies from our website, you may not be able to access some portions of our website and thus not be able to use some functions ordinarily performed by our website.
a. To collect information;
b. To improve the user experience on the website;
c. To assist us in monitoring the performance of the website, application;
d. To remember your preferences;
e. To monitor traffic on the website; and
f. To assist the website in functioning properly.
10. RIGHTS OF DATA SUBJECTS
As an employee, you have the possibility to claim the following rights regarding the use of your Data. Please direct such claims towards your employer.
10.1. Right to be forgotten
You have the right to request that your employer deletes any Data that we process about you. The Data will be deleted from our records when such action is performed by your employer. If the Data is needed for fulfillment of our contractual duties towards your employer, we will however not delete the information until the Data is no longer needed.
10.2. Right to access
You have, at any time, the right to receive confirmation from your employer as to whether Data concerning you are being processed. You have also the right to access that Data and to receive the following information:
a. The purposes of the processing
b. The categories of Data concerned
c. The recipients or categories of recipients to whom Data have been or will be disclosed
d. The envisaged period for which the personal data will be stored, or the criteria used to determine that period
e. The existence of automated decision-making and profiling
10.3. Right to rectification
You have, at any time, the right to demand us, by submitting your request to your employer, to correct any inaccurate personal data within a month’s time. You have also the right to complete incomplete personal data, taking into account our purposes of the processing, by the means of providing a supplementary statement.
10.4. Right to restriction of processing
You have, instead of demanding us to delete any data, the right to demand us to restrict our processing of your personal data by submitting your request to your employer. This may be achieved if
a. You have reason to believe that the accuracy of the Data is not correct, and the restriction shall be in place during a period that allows us to verify the accuracy of the Data
b. The processing is unlawful but you don’t want us to delete the Data
c. We no longer need the Data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims
d. You have objected to processing concerning profiling or automated decision-making, whereby a restriction shall be obtained during the period when we assess whether our legitimate ground for the processing override your legitimate ground.
10.5 Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you by directing such objection to your employer. This can be done when the Data is processed as part of automated decision-making, including profiling, and direct marketing, if such processing would be carried out (see “4. What personal data do we store of your employees” above).