Privacy Policy

Last Updated: May 25, 2025

1. Introduction

HRMS Invent ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our HRMS software and services (collectively, the "Service").

This Privacy Policy complies with the General Data Protection Regulation (GDPR) and the Protection of Personal Information Act (POPIA) of South Africa. Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account
  • Use our Service
  • Contact us for support
  • Subscribe to our newsletters
  • Participate in surveys or promotions

This information may include:

  • Name and contact information (email address, phone number, physical address)
  • Company information
  • Employee data (when provided by your organization)
  • Payment information
  • Communication preferences

2.2 Automatically Collected Information

When you access our Service, we may automatically collect certain information about your device, including:

  • IP address
  • Browser type
  • Operating system
  • Access times
  • Pages viewed
  • Time spent on pages
  • Links clicked

3. How We Use Your Information

We may use the information we collect for various purposes, including to:

  • Provide, maintain, and improve our Service
  • Process transactions and send related information
  • Send administrative information, such as updates, security alerts, and support messages
  • Respond to your comments, questions, and requests
  • Personalize your experience and deliver content relevant to your interests
  • Monitor and analyze trends, usage, and activities in connection with our Service
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities
  • Comply with legal obligations

4. Legal Basis for Processing (GDPR & POPIA)

We process your personal information on the following legal bases:

  • Performance of a Contract: When we provide you with products or services, or communicate with you about them.
  • Legitimate Interests: To operate and improve our business, and to detect and prevent fraud.
  • Consent: When you have given us permission to process your personal information for specific purposes.
  • Legal Obligations: To comply with applicable laws and regulations.

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: We may share your information with third-party vendors, service providers, contractors, or agents who perform services on our behalf.
  • Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities.
  • Protection of Rights: We may disclose your information to protect our rights, privacy, safety, or property, and that of our users or others.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage. However, please note that no method of transmission over the Internet or electronic storage is 100% secure.

7. International Data Transfers

Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction. If you are located outside South Africa or the European Economic Area (EEA) and choose to provide information to us, please note that we transfer the information to South Africa and process it there.

When we transfer personal information from the EEA to countries that do not provide an adequate level of protection, we implement appropriate safeguards, such as standard contractual clauses approved by the European Commission.

8. Your Rights (GDPR & POPIA)

Under GDPR and POPIA, you have certain rights regarding your personal information, including:

  • Right to Access: You can request a copy of the personal information we hold about you.
  • Right to Rectification: You can request that we correct inaccurate or incomplete information about you.
  • Right to Erasure: You can request that we delete your personal information in certain circumstances.
  • Right to Restrict Processing: You can request that we restrict the processing of your personal information in certain circumstances.
  • Right to Data Portability: You can request a copy of your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to our processing of your personal information in certain circumstances.
  • Right to Withdraw Consent: If we process your personal information based on your consent, you have the right to withdraw your consent at any time.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

9. Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the information, and whether we can achieve those purposes through other means.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us, and we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

  • By email: privacy@hrmsinvent.com
  • By phone: +27 12 741 3400
  • By mail: Unit 5 Gateway Landing, Banghoek Crescent, Willow Park Manor

For data protection matters, you can also contact our Data Protection Officer at dpo@hrmsinvent.com.