Privacy Policy

Last updated: November 24, 2025

This Privacy Policy explains how the Web-Based Roving Management System (“Roving System”, “we”, “our”, “us”) collects, uses, stores, and protects personal data processed through the system, including its offline capabilities.

1. Purpose of the System

The Roving System is used for recording and managing employee roving activities (movement between destinations during working hours) for operational, timekeeping, and security-related purposes.

2. Information We Collect

The system may collect and process the following types of information:

  • Identity information – Employee name, employee number, and user account details used for authentication.
  • Roving records – Date, cut-off period (start–end date), time in, time out, destination, purpose, remarks (optional), and electronic signature (stored as a Base64 string).
  • Technical and device information – Basic technical data such as browser type, device type, and limited usage logs necessary for system security and troubleshooting.

3. Offline Storage and Synchronization

The system supports offline use on compatible devices. When you use the app offline:

  • Roving forms and related data may be temporarily stored on your device (for example, in localStorage or other browser storage mechanisms).
  • When an internet connection becomes available and you choose to sync, pending records are securely transmitted to the server and stored in the central database.
  • After successful synchronization, locally stored data may be cleared or minimized, but some technical data may remain on the device depending on browser behavior.

4. How We Use Your Information

Your information is used for:

  • Recording and managing employee roving activities.
  • Monitoring compliance with company policies and security procedures.
  • Generating reports (e.g., by cut-off period, destination, or employee).
  • Maintaining system security, auditing, and troubleshooting issues.

5. Legal Basis / Legitimate Interests

Processing of roving data is typically based on the organization’s legitimate interests in managing operations, security, and timekeeping, and/or in fulfilling legal or contractual obligations related to employment. If your organization applies specific data protection laws (such as GDPR or similar), those internal policies will govern the exact legal basis.

6. Data Sharing and Disclosure

We do not sell your personal data. Access to roving records is limited to authorized personnel who require the information for legitimate business purposes, such as:

  • HR and administration teams;
  • Immediate supervisors and managers;
  • IT or security staff for system support, auditing, and incident response.

Data may also be disclosed if required by law, regulation, or valid legal process.

7. Data Retention

Roving records and related personal data are retained only for as long as necessary to fulfill the purposes described in this policy, and in accordance with your organization’s internal retention schedules and applicable laws. After that, data may be anonymized, archived, or securely deleted.

8. Security Measures

We implement reasonable technical and organizational measures to protect your data, including:

  • User authentication and authorization controls;
  • Encrypted communication channels (e.g., HTTPS) where supported by infrastructure;
  • Restricted access to databases and logs;
  • Regular monitoring and maintenance of the system.

Despite these measures, no system can be guaranteed completely secure, and users are encouraged to protect their devices and login credentials.

9. Your Rights

Depending on your organization’s policies and applicable laws, you may have rights such as:

  • Accessing your roving records;
  • Requesting correction of inaccurate data;
  • Requesting deletion or restriction of processing where appropriate;
  • Raising concerns or complaints about how your data is processed.

To exercise these rights, please contact your HR or system administrator as described below.

10. Cookies and Similar Technologies

The Roving System may use browser storage mechanisms (such as cookies, localStorage, or service workers) to:

  • Maintain your session and login state;
  • Enable offline functionality and queued records;
  • Improve performance and user experience.

11. Contact Information

For questions about this Privacy Policy or how your data is processed in the Roving System, please contact your system administrator or HR department.

This Privacy Policy is intended as a general template for the Roving System. Your organization may supplement or override this text with its own official policy.