Privacy Policy

Last updated: December 24, 2025

1. Introduction

Welcome to AIHR ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our HR software platform.

If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at [email protected].

2. Information We Collect

We collect personal information that you voluntarily provide to us when you register on the website, express an interest in obtaining information about us or our products and services, when you participate in activities on the website, or otherwise when you contact us.

Personal Information

• Contact Data: Name, email address, phone number, company name
• Account Credentials: Username, password, security questions
• Payment Data: Billing address, payment card details (processed securely via third-party providers)
• Employee Data: HR records, payroll information, attendance logs (if you are an employer using our platform)
• Usage Data: IP address, browser type, device information, pages visited, time spent on pages

3. How We Use Your Information

We use personal information collected via our website for a variety of business purposes:

• To provide, operate, and maintain our HR software services
• To process transactions and send related information (invoices, confirmations)
• To send administrative information (updates, security alerts)
• To respond to customer service requests and support needs
• To improve our website and services based on user feedback
• To send marketing and promotional communications (with your consent)
• To comply with legal obligations and enforce our terms

4. Legal Basis for Processing (GDPR)

If you are a resident of the United Kingdom or European Economic Area (EEA), we process your personal data under the following legal bases:

• Consent: You have given explicit consent for us to process your data for specific purposes
• Contract Performance: Processing is necessary to fulfill our contract with you (e.g., providing HR services)
• Legal Obligation: We must process your data to comply with legal requirements
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, improving services)

5. Sharing Your Information

We only share information in the following situations:

• With Your Consent: We may share your information with third parties when you have given us explicit permission
• Service Providers: We share data with trusted third-party vendors who assist us in operating our platform (e.g., payment processors, cloud hosting providers)
• Legal Requirements: We may disclose your information if required by law or in response to valid legal requests
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When you cancel your account, we will delete or anonymize your data within 90 days, except where we are legally required to retain it.

7. Your Privacy Rights

For UK & EU Customers (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
• Right to Restrict Processing: Request that we limit how we use your data
• Right to Data Portability: Request a copy of your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, please contact us at [email protected]. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) or your local data protection authority.

For Indian Customers

In compliance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, Indian customers have the right to:

• Review and update their personal information
• Withdraw consent for data processing (subject to contractual obligations)
• Request deletion of personal data after account closure

We implement reasonable security practices and procedures to protect your sensitive personal data. For any privacy-related concerns, please contact us at [email protected].

8. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information, including:

• SSL/TLS encryption for data transmission
• AES-256 encryption for data at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Employee training on data protection best practices

While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country of residence. We ensure that such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission for transfers outside the EEA.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us at [email protected] immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have questions or comments about this policy, or wish to exercise your privacy rights, please contact us: