Effective Date: 6 March 2026 | Last Updated: 16 March 2026
This Privacy Policy describes how Saral HR ("we", "us", or "our") collects, uses, and protects your personal information when you use the Saral HR platform, the Saral Staff mobile application ("App"), and related services.
1. Information We Collect
1.1 Information You Provide
- Account Information: Business name, admin name, email address, phone number, and password when registering.
- Staff Data: Names, roles, contact details, passport/visa information, and employment records entered by business administrators.
- PIN Login Credentials: Staff PIN codes used for mobile app authentication.
- Business Connection Data: QR code scans or business codes used to connect staff to employer accounts.
- Payment Information: Billing details processed securely via Stripe and GoCardless (we do not store card numbers).
1.2 Information Collected Automatically
- Device Information: Device type, OS version, and platform for compatibility.
- Push Notification Tokens: Device tokens for shift updates and alerts.
- Biometric Data: If Face ID/fingerprint login is enabled, verification is performed entirely on-device. We never receive or store biometric data.
- Usage Analytics: Anonymous aggregated usage data to improve platform performance.
1.3 Information We Do NOT Collect
- We do not collect your location data
- We do not track your browsing activity
- We do not collect data from your contacts, photos, or other apps
- We do not use advertising trackers
2. How We Use Your Information
- Authenticate users and manage business accounts
- Display work schedules, rotas, and shift information
- Process HR documents including Right to Work verification
- Send notifications about shifts, updates, and compliance alerts
- Process payments and manage subscriptions
- Provide AI-powered features (invoice scanning, passport extraction)
- Improve platform performance and fix bugs
3. AI & Document Processing
When you upload documents (invoices, passports, visas) for AI scanning:
- Documents are processed securely to extract relevant data
- Extracted data is stored in your business account
- Documents may be temporarily cached for processing, then deleted
- We do not use your documents to train AI models
4. Data Storage & Security
- Server Data: Stored securely on UK/EU-based servers with enterprise-grade encryption.
- Local Data: Mobile app data uses encrypted device storage.
- Biometric Credentials: Stored in your device's secure keychain (iOS) or keystore (Android).
- Encryption: All data transmitted uses HTTPS/TLS encryption.
- Access Controls: Role-based access ensures staff only see their own data.
5. Data Sharing
We do not sell, rent, or share your personal data. Your data is only accessible to:
- Your Employer: Business admins can see staff profiles and work data.
- Payment Processors: Stripe and GoCardless for secure payment processing.
- Notification Services: Firebase (Google) for push notifications (only device tokens shared).
- AI Providers: Document content may be sent to AI services for processing (e.g., OpenAI for OCR). No personal data is retained by these providers.
6. Your Rights (GDPR)
Under UK GDPR, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data
- Portability: Request data in a machine-readable format
- Object: Object to processing of your data
- Withdraw Consent: Withdraw consent at any time
7. Data Retention
- Account Data: Retained while your account is active, plus 30 days after deletion request.
- Staff Records: Managed by the business admin per their retention policies.
- Push Tokens: Removed when the app is uninstalled.
- Payment Records: Retained as required by UK tax law (6 years).
8. Cookies
Our storefront uses only essential cookies for session management. We do not use tracking or advertising cookies.
9. Children's Privacy
Our services are not intended for children under 16. We do not knowingly collect personal information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use constitutes acceptance.
11. Contact Us
If you have questions about this Privacy Policy or your data:
- Email: hello@saralcode.co.uk
- Website: saralcode.uk