Privacy & Security

Your data: How we protect it and what we do with it

1. Introduction

SeamlessHR (“us”, “we”, or “our”) understands the criticality of privacy in handling your (“Data subject”) personal data. Hence, we want you to engage with us knowing that we value your Personal Data and that we protect it. Here you will find details of how we process your Personal Data, the purposes for which we process it, your rights regarding the data we process and how you can contact us.

2. Collectable Personal Data

Personal information refers to data that could identify a specific individual such as name, address, e-mail address, and telephone number. Depending on your medium of interaction with SeamlessHR (online, offline, etc.), we collect various types of information from you, as described below.

Contact information: This includes any information you provide to SeamlessHR that would allow us to contact you personally, such as your name, address, e-mail, phone number.

Payment and Financial information:Any information that we need to make payments to you, or on your behalf, including bank details such as bank name and branch, account name and number, etc.

Demographic information & interests: Any information that describes your demographic or behavioral characteristics. Examples include your date of birth, age or age range, gender, geographic location (e.g., postcode/zip code), hobbies and interests, and/or lifestyle information. We use such information for improving the quality of our service offerings.

Sensitive Personal Data: We do not seek to collect or otherwise process sensitive personal data in the ordinary course of our business. Sensitive information includes data relating to race, ethnicity, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual tendencies, or criminal record. Where it becomes necessary to process your sensitive personal data for any reason, we rely on your prior express consent for any processing which is voluntary. We may enhance personal information we collect from you with information we obtain from third parties that are entitled to share that information; for example, information from other agencies, search information providers or public sources (e.g., for due SeamlessHR diligence purposes), but in each case as permitted by applicable laws.

3. Condition for Processing Personal Data

SeamlessHR Personnel or any third party acting on its behalf shall only process your personal data if at least one of these conditions are met:

Consent: this refers to any freely given, specific, informed, and unambiguous indication through a statement or a clear affirmative action that signifies your agreement to the processing of your Personal Data by SeamlessHR.

Contract: processing is necessary for the performance of a contract or entering a contract at the request of the Data Subject only.

Legal obligation: processing is necessary for compliance with a legal obligation to which SeamlessHR is subject.

Vital interest: processing is necessary to protect the vital interests of the individual or of another natural person.

Public interest: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in SeamlessHR

Proper motives: SeamlessHR shall not seek consent that may engender direct or indirect propagation of atrocities, hate, child rights violation, criminal acts, and anti-social conducts.

4. How We Use Your Personal Data

To the extent permissible under applicable law, we may use your information for the following legitimate actions:

  • To carry out our contractual obligations with respect to services you have subscribed to;
  • To provide any information and service(s) that you have requested;
  • To compare information for accuracy and to verify it with third parties;
  • To manage our relationships with you;
  • For recruitment processing and human capital management
  • For storage and processing of employee information
  • To monitor, carry out statistical analysis and benchmarking, provided that in such circumstances it is on an aggregated basis which will not be linked back to you or any living individual.
5. User Rights

You have rights when it comes to our handling of your Personal Data. Those rights include:

  • the right to request for access to your Personal Data where those requests are reasonable and permitted by law or regulation. SeamlessHR shall provide reasonable and accessible means for Individuals to submit their requests, which do not have to take any specific form and can be submitted by any method, this process is handled and managed by the Data Protection Office in SeamlessHR
  • the right to request that SeamlessHR erase your Personal Data if it is no longer valid or necessary for the purposes for which it was collected or if it is incomplete or inaccurate,
  • the right to rectify or amend inaccurate or incomplete Personal Data,
  • the right to withdraw your Consent at any time. This can be initiated by contacting the Data Protection Office of SeamlessHR,
  • the right to object to SeamlessHR’s processing of your Personal Data if there are compelling legitimate grounds to do so and to the extent permitted by law or regulation,
  • individuals have the right to object to SeamlessHR’s processing of their Personal Data for direct marketing purposes,
  • the right to receive your Personal Data in a commonly used and machine-readable format and,
  • the right to transmit these data to another Data Controller when the processing is based on (explicit) consent or when the processing is necessary for the performance of a contract,
  • the right to lodge a complaint with the National IT Development Agency (NITDA) where you believe our processing of your data violates the requirements of the Nigeria Data Protection Regulation 2019 (NDPR), Office of the Data Protection Commissioner for KDPR and for GDPR, you can lay a complaint with the Information Commissioner’s Office (ICO).
6. Data Collection Methods
  • Electronic Messages: We keep record of your interactions with us via electronic media (such as email, text message, complaint forms etc.) in a secure manner while maintaining accuracy. When necessitated by legal or vital obligations, we archive these communications.
  • Hard Copy Forms: We maintain accurate records of the information that you provide to us via hard copy forms in a secure manner. When necessitated by legal or vital obligations, we archive these communications.
  • Web Forms: We keep record of your personal details provided via our web portal. Typically, such details are processed for contact, partnerships and recruitment purposes and are kept in a secure manner.
7. Transfer of Personal Data

Personal data collected by SeamlessHR may be transferred among its various divisions and affiliated companies, around the world, as well as transferred to select partners with your consent. The following describes the various scenarios for which we may share your Personal Data to a third party.

  • Transfer for Service Provision: we employ other companies and individuals to perform functions on our behalf as service providers. Service providers, and their selected staff, are only allowed to access and use your Personal Data on our behalf for the specific tasks that they have been requested to carry out, based on our instructions, and are required to keep your Personal Data confidential and secure.
  • Transfer as a legal requirement: we may share your information with other parties when required by law or as necessary to protect our service. We may also share your information in connection with a transfer of assets, or if we are otherwise involved in a merger or transfer.
  • Intra-Company transfers: your Personal Data may be transferred to or accessible by other entities within the SeamlessHR Group. However, these entities will be bound by the terms of this Policy.
  • Out of Country Transfer: Your Personal Data may be transferred to a foreign country for storage or processing where it is necessary to do so in line with the permissible conditions defined by the NDPR, KDPR and GDPR. We will ensure that appropriate safeguards are in place to ensure the protection of your Personal Data being stored or processed out of the country.
8. How We Ensure Protection of Your Personal Data

We use appropriate measures (including physical access controls and secure software and operating environments) to keep your Personal Data confidential and secure. SeamlessHR is in compliance with these data protection regulations: NDPR, KDPR and GDPR and this assures that your personal data is collected, managed, processed and stored according to the requirements stated in these regulations. Please note, however, that these protections do not apply to information you choose to share in public areas such as third-party social networks.

  • Data Retention Policy: We ensure that your personal data are not retained for longer than necessary as determined by our data retention policy to reduce the likelihood/severity of a data breach.
  • Personal Data Breach Notification: SeamlessHR will inform relevant authorities and if necessary, affected individuals of personal data breach within 72 hours of being aware of the breach where Personal Breach refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes.
9. Changes to This Notice

If we change the way we handle your Personal Data, we will update this Notice. We reserve the right to make changes to our practices and this Notice at any time, please check back frequently to see any updates or changes to our Notice.

10. Data Controller and Contact

Any question regarding this policy can be addressed to the DPO at: infosec@seamlesshr.com.

11. Summary
  • Yes, we do collect personal data that you give us. (e.g. your email).
  • No, we won’t email you unless we think it’s really important e.g. to share some relevant updates and information with you.
  • Yes, you can opt-out from any communication.
  • Yes, we have to share some of that data with some of our service providers to make the solution work (e.g. our support platform).
  • No, we won’t sell your data or hand it to anyone that will sell or abuse it.

Last Updated: April 18, 2023

Information Security is a priority at SeamlessHR. We devote significant resources to ensure the confidentiality, integrity and availability of our data. SeamlessHR is committed to continuously evaluating and improving our policies, standards, processes and information systems in supporting business and customer services, in contributing to operational and strategic business decisions, and in conforming to legal and statutory requirements.

As a modern, forward-looking business, SeamlessHR recognises the need to ensure that its business operates smoothly and without interruption for the benefit of its customers, employees and other stakeholders. In order to provide such a level of continuous operation, SeamlessHR is implementing an Information Security Management System (ISMS) in line with the International Standard for Information Security, ISO/IEC 27001.

This information security policy forms a key part of our set of controls to ensure that our information is protected effectively and that we can meet our obligations to our customers, employees, and other stakeholders. This policy also states our intent to maintain a secure information-processing environment and to protect information assets.

This policy has been approved and must be communicated to SeamlessHR employees. It will be reviewed and updated annually. The policy will also be updated as and when there is any change in the information-processing environment, which may have an impact on the information risk profile.

Supporting policies for this information security policy include the following:

  • Mobile Device Policy
  • Human Resource Security Policy
  • Asset Management Policy
  • Access Control Policy
  • Cryptography Policy
  • Physical Security Policy
  • Operations Security Policy
  • Communications Security
  • Secure Software Development Policy
  • Supplier Relationships Policy
  • Information Security Incident Management Policy
  • Business Continuity Management Policy
  • Information Security Compliance Policy
  • Remote Work Policy 
  • Configuration Management Policy 
  • Threat Intelligence Framework 
  • Cloud Security Policy 
  • Network Security Policy 
  • Open-source Software use and Adoption Policy 

SEAMLESS FOR GOOD

Driving
Productivity &
Transforming
Communities

E-book

Get valuable insights, tips and strategies with our eBooks