Your data is yours. Here's how we protect it.

Hong Kong Compliance

Personal Data (Privacy) Ordinance (Cap. 486)

• • Data minimisation: we collect only the data required to deliver the service
• • Purpose limitation: customer data is used only to power that customer instance
• • Data subject rights: customers can request access, correction, or deletion
• • Consent management: data processing follows explicit customer authorisation

Employment Ordinance (Cap. 57)

• • Annual leave accrual by years of service (7 to 14 days)
• • Sick leave accrual (2 days/month in Year 1, then 4 days/month)
• • Statutory holiday management with Hong Kong holidays preloaded
• • MPF contribution calculation including HK$30,000 relevant income cap
• • Termination and severance calculation rules

Infrastructure Security

• • Data storage: customer data is stored on secure AWS infrastructure. [Region TBD]
• • Encryption in transit: all data in transit is protected by TLS
• • Encryption at rest: stored data is encrypted on AWS infrastructure. [Standard TBD]
• • Authentication: JWT-based authentication and session management
• • Backups: regular backups are maintained. [Frequency TBD]

AI Data Handling

Your data is not used to train AI models.

• • Private processing: uploaded files and records are processed only for your own service instance
• • No training: customer data is excluded from model training
• • No third-party sharing: data is not shared with other customers or external companies
• • RAG architecture: AI responses are retrieved from your own documents, not public internet content

Data Management

• • Data export: export CSV or Excel at any time, including trial and post-cancellation period
• • Data deletion: data is retained for 90 days after cancellation and then permanently removed
• • Data portability: uploaded data remains exportable and is not locked into the platform

Security Questions

If you need clarification beyond this page, contact [security contact email TBD]. We reply to security enquiries within 2 business days.