Shomvob Logo

Privacy Policy

Effective Date: 3 November 2025

Last Updated: 7 April 2026

Welcome to Shomvob Technologies Limited ("Shomvob," "we," "our," or "us"). We respect your privacy and are committed to protecting your personal information. This Privacy Policy describes how we collect, use, store, and protect your data when you use our Human Resource Management (HRM) Solution, including our web platform, mobile apps, and related digital services. By using Shomvob's HRM Solution, you agree to the terms outlined in this Privacy Policy.

Scope and Applicability

This Privacy Policy applies to:

  • All HRM products and services operated by Shomvob Technologies Limited.
  • All users — including employers, administrators, employees, and job applicants.
  • It does not apply to third-party services not owned or controlled by Shomvob.

Information We Collect

a. Personal Identification Data

  • Full name, date of birth, gender
  • National ID (NID), passport, or government-issued ID
  • Contact information (phone, email, address)
  • Profile photo

b. Employment and HR Data

  • Employee ID, department, designation, employment status
  • Attendance, shifts, and leave records
  • Payroll data (salary, allowances, deductions)
  • Tax and compliance information
  • Performance and training records

c. Financial Data

  • Bank or Mobile Financial Service (MFS) details
  • Salary disbursement and payment history

d. Technical and Usage Data

  • Device and browser information
  • IP address and session logs
  • Login timestamps and system usage analytics

e. Sensitive Personal Data (if applicable)

  • Biometric data (fingerprint or facial recognition)
  • Health or medical data (as required by employer policy)

f. Employee Tracking and Monitoring Data

  • Location data (for field employees, where enabled)
  • Device usage and login activity logs
  • Check-in/check-out source (e.g., mobile app, attendance device)
  • Activity timestamps related to attendance and workforce actions

These tracking features are enabled by the employer for legitimate business purposes such as attendance verification, workforce management, and operational efficiency. All data is collected transparently, securely stored, and accessible only to authorized personnel. Where applicable, employee consent and local regulatory requirements are strictly followed.

How We Collect Information

We collect information through:

  • Direct input — When users register, log in, or update profiles.
  • Employer-provided data — When organizations onboard and manage employees.
  • Automatic system collection — Through cookies, device logs, session tracking, and analytics.
  • Tracking-enabled features — Through employer-activated tools such as location tracking, attendance devices, and activity monitoring systems.
  • Third-party integrations — Through connected attendance hardware, payroll systems, and compliance tools.

Purpose of Data Collection

We collect and process personal data to:

  • Provide core HRM functionalities such as attendance, payroll, leave, and employee management.
  • Verify attendance authenticity and track check-in/check-out sources.
  • Monitor workforce activity and field operations through employer-enabled tracking features.
  • Ensure workplace compliance with company policies and operational requirements.
  • Generate reports, analytics, and insights for workforce planning and decision-making.
  • Enable communication between employers, managers, and employees.
  • Enhance platform security, prevent fraud, and detect unauthorized access.
  • Improve system performance, usability, and product features.

We do not sell or rent personal data to third parties.

Legal Basis for Processing

Data processing is based on:

  • Contractual necessity
  • Legal obligations
  • Legitimate business interests
  • User consent (for optional/sensitive features like biometrics or tracking)

Data Sharing and Disclosure

We may share data with:

  • Employers and authorized HR personnel
  • Trusted service providers under strict confidentiality agreements
  • Government authorities when legally required
  • Law enforcement agencies when mandated

All parties must comply with applicable laws including:

  • Bangladesh ICT Act 2006 (Amended 2013)
  • Digital Security Act 2018

Data Retention

  • Standard retention: up to 7 years after employment ends
  • Data is deleted or anonymized after expiry
  • Retention follows ISO/IEC 27001 standards

Data Security

We implement:

  • AES-256 encryption
  • Role-based access control
  • Multi-Factor Authentication (MFA)
  • Regular security audits and backups

In case of a breach, affected parties will be notified as required by law.

International Data Transfer

If data is processed outside Bangladesh, we ensure adequate safeguards such as Standard Contractual Clauses.

Your Rights

Users may:

  • Access and correct personal data
  • Withdraw consent
  • Request deletion where applicable
  • File complaints with BTRC

Contact: [email protected]

Cookies and Tracking Technologies

We use cookies to:

  • Maintain sessions
  • Personalize experience
  • Analyze usage

Users can disable cookies, though some features may be limited.

Third-Party Integrations

Integrations may include:

  • Banking/payment systems
  • Attendance hardware
  • Government compliance systems

All integrations follow strict data-processing agreements.

Children's Privacy

Our platform is intended for users aged 18+. Any identified minor data will be deleted.

Policy Updates

This policy may be updated periodically to reflect regulatory or product changes.

Compliance Framework

We comply with:

  • Bangladesh ICT Act 2006 (Amended 2013)
  • Digital Security Act 2018
  • Bangladesh Labour Act 2006 (Amended 2018)
  • GDPR (for international clients)
  • ISO/IEC 27001

© 2025 Shomvob. All rights reserved.