SaralFlow
Register
Login

Privacy Policy

1. Introduction

Sucomp TechSolutions (“Company,” “we,” “us,” or “our”) operates the SaralFlow platform at  www.saralflow.com (the “Service”). This Privacy Policy explains how we collect, use, store, andprotect your information when you use our Service.

By using our Service, you consent to the collection and use of information in accordance with thisPrivacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

Account Registration:

  • Email address (required)
  • First name and last name (required)
  • Organization name (required)

Profile Information (Optional):

  • Additional employee/user details
  • Job title and department
  • Contact information
  • Employment-related information

Service Data:

  • Timesheet entries and project information
  • Leave requests and approvals
  • Client and project data
  • Custom configurations and settings
  • Comments and notes within the system

Sensitive Information: With your explicit consent, we may collect:

  • Salary information
  • Personal identification numbers
  • Health-related leave reasons
  • Other employment-sensitive data

2.2 Information We Collect Automatically

Device and Access Information:

  • IP address and device details (collected via ipinfo.io)
  • Login timestamps and session duration
  • Device type and browser information
  • Geographic location based on IP address

Usage Analytics:

  • Google Analytics on our website (saralflow.com only)
  • Server performance monitoring through Digital Ocean tools
  • Error logs for system maintenance and security

Cookies and Tracking:

  • Essential cookies for platform functionality
  • Analytics cookies on our website
  • Session management cookies

2.3 Information from Third Parties

Service Providers:

  • IP geolocation data from ipinfo.io
  • Email delivery confirmations from Brevo
  • Server monitoring data from Digital Ocean and Hostinger

3. How We Use Your Information

3.1 Service Provision

  • Create and manage your user account
  • Provide timesheet and leave management functionality
  • Process approvals and notifications
  • Generate reports and analytics
  • Provide customer support

3.2 Communication

  • Send system notifications and updates
  • Deliver service-related communications via Brevo
  • Respond to your inquiries and support requests
  • Notify you of important changes or security issues

3.3 Security and Fraud Prevention

  • Monitor for unauthorized access and security threats
  • Display login device and IP information for your security awareness
  • Maintain audit logs for compliance and security purposes
  • Investigate and prevent fraudulent activities

3.4 Legal and Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and court orders
  • Enforce our Terms of Service
  • Protect our rights and the rights of other users

4. Data Storage and Security

4.1 Data Storage Locations

Your data is stored in one of three Digital Ocean data centers based on your organization’s location:

Germany Data Center:

  • Europe and UK region customers

USA Data Center:

  • North America, Central America, South America, and Caribbean region customers

India Data Center:

  • Western Asia, South-Eastern Asia, Eastern Asia, Southern Asia, Central Asia, Polynesia, WesternAfrica, Middle Africa, Eastern Africa, Australia and New Zealand, Micronesia, Southern Africa,Melanesia, Northern Africa customers

4.2 Security Measures

Technical Safeguards:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database storage with encryption at rest
  • Regular security monitoring via Digital Ocean and Hostinger tools
  • Access controls and user authentication systems
  • Server-level error logging and monitoring

Administrative Safeguards:

  • Limited access to personal data on a need-to-know basis
  • Regular security training for personnel
  • Incident response procedures
  • Data breach notification protocols

Physical Safeguards:

  • Secure data centers operated by Digital Ocean
  • Physical access controls and monitoring
  • Environmental controls and backup power systems

4.3 Data Backup and Recovery

  • Regular automated backups stored securely
  • Geographic distribution of backup data
  • Disaster recovery procedures
  • Data integrity monitoring

5. Data Sharing and Disclosure

5.1 Within Your Organization

  • Organization Owners can access all organizational data
  • Users can access data according to their assigned permissions
  • Data sharing is controlled by your organization’s access policies

5.2 Third-Party Service Providers

We share limited data with trusted service providers who assist in operating our Service:

Brevo: Email delivery services for notifications and communications

Digital Ocean: Cloud hosting and infrastructure services

Hostinger: Website hosting for our landing page

ipinfo.io:  IP address geolocation services

Google Analytics:  Website traffic analysis (saralflow.com only)

These providers are contractually bound to protect your information and use it only for specifiedpurposes.

5.3 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal process or government requests
  • Protect our rights, property, or safety
  • Investigate fraud or security issues
  • Enforce our Terms of Service

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to theacquiring entity, subject to the same privacy protections.

5.5 Data Sales

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Retention

6.1 Active Accounts

We retain your data as long as your account remains active and you continue using our Service.

6.2 Account Termination

Upon account termination:

  • You have 30 days to export your data
  • Data is permanently deleted from production systems after the 30-day grace period
  • Backup systems are purged of your data within 90 days
  • Anonymized logs may be retained for up to 12 months for security purposes

6.3 Legal Requirements

We may retain certain information longer when required by law, regulation, or for legitimate businesspurposes such as:

  • Financial records for tax and accounting purposes
  • Legal compliance and regulatory requirement
  • Security incident investigation

7. Your Rights and Choices

7.1 Access and Portability

You have the right to:

  • Access your personal data stored in our systems
  • Export your data in standard formats (CSV, JSON, PDF)
  • Request a copy of your data for transfer to another service

7.2 Correction and Updates

You can:

  • Update your profile information through your account settings
  • Correct inaccurate data in your user profile
  • Request correction of data you cannot directly edit

7.3 Deletion Rights

You may request deletion of:

  • Your personal account and associated data
  • Specific data records (subject to legal and operational requirements)
  • Optional profile information

7.4 Communication Preferences

You can:

  • Opt out of non-essential communication
  • Modify notification settings in your account
  • Unsubscribe from marketing communication

7.5 Data Processing Objections

You may object to certain data processing activities, subject to legal and operational requirements.

8. GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under the General DataProtection Regulation (GDPR):

8.1 Legal Basis for Processing

We process your personal data based on:

  • Contract: To provide the Service you’ve requested
  • Legitimate Interest: For security, fraud prevention, and service improvement
  • Consent: For optional features and marketing communications
  • Legal Obligation: To comply with applicable laws

8.2 Enhanced Rights

  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of personal data
  • Right to Restrict Processing: Limit how we process your data
  • Right to Data Portability: Receive data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests

8.3 Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority.

8.4 Data Protection Officer

For GDPR-related inquiries, contact us at [INSERT DPO EMAIL].

9. CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

9.1 Right to Know

Request information about:

  • Categories of personal information collected
  • Sources of personal information
  • Business purposes for collection
  • Categories of third parties who receive information

9.2 Right to Delete

Request deletion of personal information, subject to certain exceptions.

9.3 Right to Opt-Out

We do not sell personal information, so opt-out rights do not apply.

9.4 Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

10. International Data Transfers

10.1 Cross-Border Transfers

When you use our Service, your data may be transferred to and stored in countries other than yourcountry of residence. We ensure appropriate safeguards are in place for international transfers.

10.2 Adequacy Decisions

We rely on adequacy decisions by the European Commission and other appropriate transfermechanisms where applicable.

10.3 Safeguards

For transfers not covered by adequacy decisions, we implement appropriate safeguards such as:

  • Standard contractual clauses
  • Binding corporate rules
  • Approved certification mechanisms

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personalinformation from a child under 18, we will take steps to delete such information.

12. Changes to Privacy Policy

12.1 Policy Updates

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to your registered email address
  • Providing notice through the Service

12.2 Continued Use

Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information

13.1 Privacy Inquiries

For questions about this Privacy Policy or our privacy practices, contact us at:

Email: [INSERT PRIVACY EMAIL]

Address:

Sagar Sangani
Sucomp TechSolutions
5-1-A Vimal Udyog Bhavan,
Manorama Nagarkar Marg, Mahim,
Mumbai – 400016, India

13.2 Data Protection Requests

To exercise your privacy rights or submit data protection requests:

  • Email: [INSERT DATA PROTECTION EMAIL]
  • Use the data export tools in your account settings
  • Submit written requests to the address above

13.3 Response Time

We will respond to your privacy requests within:

  • 30 days for GDPR requests
  • 45 days for CCPA requests
  • 30 days for general privacy inquiries

14. Regional Compliance

14.1 India - Personal Data Protection

We comply with applicable Indian data protection laws and regulations, including data localization requirements for certain categories of data.

14.2 Other Jurisdictions

We monitor and comply with privacy laws in jurisdictions where we have users, including:

  • Australia Privacy Principles (APPs)
  • Singapore Personal Data Protection Act (PDPA)
  • Other applicable regional privacy laws

This Privacy Policy is effective as of [DATE] and was last updated on [DATE].

SaralFlow

Our platform provides different SaaS products which are used to manage projects, timesheets, and leaves effortlessly.

Linkedin Youtube
Products

Timesheet

LeaveHub

Resources

Blog
Documents

Video Tutorials

SaralFlow

About Us

Contact Us

Proudly powered by
sucomptech.com

Privacy Policy      Terms of Service