RHS IBS APP — Privacy Policy

Effective Date 25 Nov 2025
Last Updated 26 Nov 2025
Organization RHS Group

At RHS IBS, we value your privacy and are committed to protecting the personal information you provide to us. This Privacy Policy explains how we collect, use, store, and protect your information in connection with our Employee Management and ERP/CRM services.

This app is intended only for authorized employees of Rais Hassan Saadi Group and is not available for public use.

We comply with applicable data protection laws, including where relevant:

📋

1. Information We Collect

A. Personal & Employment Information

  • Name, username, password
  • Employee ID, department, job title, manager details
  • Corporate email and phone number
  • Employment status, attendance records, leave details, work schedules, approvals, and HR workflow logs that are part of your official employment records.
  • ERP/CRM business records created as part of job responsibilities
💰

1. Financial & ERP/CRM Data

B. Financial & ERP/CRM Data

  • Internal operational and financial records
  • Leave requests, approvals, and workflow logs
  • Attendance and task assignment records
⚙️

1. Technical & Biometric Data

C. Technical Information

  • Device ID and Device Details for limiting access to 1 device.
  • FCM Token for push notifications
We do not collect advertising ID, IP address tracking, or analytics data.

D. Biometric Authentication Data (When Enabled)

  • Fingerprint or facial recognition processed solely on the device
  • We do not collect, store, or transmit biometric data to our servers
  • Managed through secure OS-level authentication
📱

1. Device Permissions

E. Device Permissions

The app requests specific permissions only for work-related features:

Permission Purpose Non-Business Data Accessed?
Camera Capture employee ID photos, attendance verification, document upload No
Storage / Media Access Upload and handle documents/images stored for ERP use No
The app does not access personal photos or unrelated media.
🔍

2. How We Collect Information

Data is collected when users log in and perform Create, Read, Update, and Delete (CRUD) operations with ERP/CRM modules integrated with the app.

No public registration. Sign-in only for employees with existing credentials.

🎯

3. Purpose of Data Collection

Your information is used strictly for internal business operations, including:

  • Employee workflow management
  • ERP/CRM tasks and updates
  • Employment status, attendance records, leave details, work schedules, approvals, and HR workflow logs that are part of your official employment records.
  • Authentication, session integrity, and security enforcement

We do not use your data for advertising, profiling, or third-party marketing.

🤝

4. Data Sharing

We do not sell or share your personal data externally.

Access is limited to:

  • Authorized internal HR, Finance, and ERP departments
  • RHS Group IT teams responsible for app and ERP/CRM maintenance

Biometric authentication is local only — no sharing, no cloud processing.

5. Data Retention

We retain data only as required for:

  • Employment management
  • Legal and financial record-keeping
  • Organizational audit obligations

Some HR and payroll records remain stored after employee deactivation where required by UAE labor and tax law.

🔐

6. Security Measures

We employ modern, enterprise-grade protections:

  • Encrypted storage of sensitive data where applicable
  • Encryption in transit via HTTPS/TLS
  • Role-based access controls and session expiration
  • Strict internal access and monitoring
  • No public entry points in the app

Passwords are never stored on the device.

Biometric login is optional and may be disabled anytime in device settings.

👤

7. User Rights

Where legally applicable (GDPR/CCPA):

You may request:

  • Access to your personal data
  • Rectification of incorrect data
  • Deletion of personal data (subject to employment and legal obligations)
  • Portability of your stored profile information
  • Information about data usage and handling

We do not sell data → CCPA Opt-Out rights do not apply.

Contact details for rights requests are in Section 10.

🌍

8 & 9. Data Location & Consent

8. International Data Transfers

We do not transfer personal data internationally.
All ERP/CRM data is stored and processed within the UAE.

9. Permissions & Consent

The app will request consent before enabling:

  • Camera access
  • Storage access
  • Biometric authentication

Users will be informed in context why the permission is needed and can decline.
Declining may restrict certain business functions.

📝

11. Updates & Legal Notes

11. Updates to this Policy

We may update this Privacy Policy as needed.
If changes are significant, users will be notified via app notification or email.

Legal Notes

  • Biometric authentication uses secure device hardware/software (e.g., Android Biometric APIs).
  • No biometric data is uploaded to servers or stored beyond the secure enclave of the device

10. Contact Information

For privacy questions, requests, or concerns:

Email Address app.dev@rhsgroup.com
Parent Company Rais Hassan Saadi LLC
Department RHS Group IT Department

© 2025 Rais Hassan Saadi Group

RHS IBS App — Employee Management & ERP/CRM Services