SGPAY Mobile Application Privacy Policy
Last Updated: 15 January 2025
SGPAY is committed to protecting your privacy. This policy explains how our mobile applications (Android/iOS) collect, use, and safeguard your data while performing HR operations, including attendance tracking (clock in/out), leave management, reimbursement claims, and payslip viewing.
1. Information We Collect
Personal Information: We collect professional details provided by your employer, including your full name, employee ID, company email address, phone number, and home address.
Location Data: When using the "Clock In/Out" feature, we collect your precise geographic location to verify your work site. This data is only captured at the moment of the action; we do not track your location in the background.
Camera & Media: We request access to your camera and photo library specifically for uploading supporting documents for reimbursement claims or updating your profile picture.
Device Information: We may collect basic device info (model, OS version) to ensure compatibility and for security monitoring.
2. Data Storage & Security
Encryption: All data is encrypted in transit (using SSL/TLS) and at rest on our secure servers.
Data Retention: We retain personal data only as long as your employment record is active or as required by Singapore's statutory tax and employment laws. Once no longer required, data is securely purged or anonymized.
3. Use of Information
- HR Operations: To process leave applications, calculate overtime, and manage expense claims.
- Payroll: To generate accurate monthly payslips based on attendance and claim data.
- Verification: To confirm your presence at authorized work locations during clock-in events.
4. Data Sharing
Third Parties: SGPAY does not sell, trade, or rent your personal data to third parties. Data is shared only with your employer’s authorized HR personnel.
Legal Requirements: We may disclose information only if required by law, such as to comply with a subpoena or similar legal process in accordance with the PDPA.
5. Your Rights
Access and Correction: You may view and edit your profile information directly within the app or through your HR department.
Account Deletion: You have the "Right to be Forgotten." You may request the deletion of your account, subject to your employer's data retention obligations under Singapore labor law.
6. Security & Fraud Prevention
Two-Factor Authentication (2FA): We support 2FA via Email OTP or Microsoft Azure Active Directory to ensure only authorized users access sensitive payroll data.
Integrity Checks: To prevent attendance fraud (GPS spoofing):
- The app will block clock-in actions if a VPN is active.
- On Android devices, Developer Options must be disabled to ensure location accuracy.
Regular Audits: We conduct periodic vulnerability assessments to ensure your data remains protected against emerging threats.
7. Compliance & Governance
PDPA Compliance: Our practices align with the Singapore Personal Data Protection Act (PDPA).
Data Breach Protocol: In the unlikely event of a data breach, SGPAY follows a strict notification procedure to inform the Personal Data Protection Commission (PDPC) and affected users within the mandated timeframe.
8. Service & Support
(a) Technical Assistance:
- Check our website FAQ for quick troubleshooting.
- Email Support: support@sgpays.com
- Help Desk Hotline: +65 6331 2283
(b) Service Availability: We aim for a 99.5% uptime. Scheduled maintenance is typically performed during off-peak hours, with notifications posted on our official website.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be notified via an in-app alert or email notification.
10. Contact Information
For inquiries regarding this policy or data protection, please reach out to our Data Protection Officer at:
📧 Email: sales@sgpays.com
📞 Phone: +65 6331 2283
📍 Address: Singapore (Main Office)