Back to Home

Privacy Policy

Last Updated: April 1, 2026

1. Introduction

PeopleFlow ("we," "our," or "us") is committed to protecting the privacy and security of the personal information entrusted to us by our clients and their employees. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our enterprise Human Resource Management System ("HRMS") platform and related services.

2. Information We Collect

2.1 Account Information

When you register for PeopleFlow, we collect your organization name, administrator contact details (name, email, phone), and billing information. This information is necessary to provision and maintain your account.

2.2 Employee Data

As an HRMS platform, PeopleFlow processes employee data on behalf of your organization ("Data Controller"). This may include names, national IDs, contact information, salary details, attendance records, leave history, and biometric device identifiers. We process this data solely as a "Data Processor" under your organization's instructions.

2.3 Usage Data

We automatically collect information about how you interact with our platform, including IP addresses, browser type, pages visited, feature usage patterns, and session duration. This data helps us improve the platform and troubleshoot issues.

3. How We Use Your Information

  • To provide, operate, and maintain PeopleFlow services
  • To process payroll, attendance, leave, and compliance calculations
  • To support Bangladesh labour-law-oriented reporting and review workflows
  • To send transactional notifications (payslips, approval requests, alerts)
  • To provide customer support and respond to inquiries
  • To detect, prevent, and address technical issues and security threats
  • To generate anonymized, aggregated analytics for platform improvement

4. Data Security

We implement security measures appropriate for a beta SaaS product, including role-based access controls, tenant-scoped application logic, secure transport in production hosting, and deployment guidance for protected databases and caches. Additional security controls may depend on the customer's hosting and infrastructure configuration.

5. Data Retention

We retain your organization's data for the duration of your service agreement plus 90 days. Upon account termination, all data is permanently deleted from our primary systems within 90 days and from backup systems within 180 days. You may request early deletion at any time by contacting our support team.

6. Third-Party Services

We may use carefully vetted third-party services for hosting (cloud infrastructure), email delivery, payment processing, and error monitoring. These providers are contractually obligated to maintain the same level of data protection as PeopleFlow.

7. Your Rights

Organizations and their authorized administrators have the right to access, correct, export, or delete employee data processed through PeopleFlow. All data export requests are fulfilled within 72 hours in standard formats (CSV, Excel, PDF).

8. Contact Us

For privacy-related inquiries, contact our Data Protection Officer at privacy@ailearnersbd.com or write to us at: AI Learners BD, Dhaka, Bangladesh.

© 2026 PeopleFlow. Architected by Sharif Mohammad Nasrullah. All rights reserved.