On This Page
Overview
Welcome to Peoplo. At Peoplo Inc. ("Peoplo," "we," "us," or "our"), we are committed to protecting your privacy and handling your personal and business information with the utmost care and transparency. This Privacy Policy describes in detail how we collect, store, process, share, and protect your data when you use our workforce intelligence platform, including Peoplo HRM, Peoplo Lens, Peoplo Connect, Peoplo Tracker, and any associated websites, mobile applications, or services (collectively, the "Services").
This Privacy Policy applies to all individuals who interact with our Services, including registered users, account administrators, employees whose data is managed through the platform, website visitors, prospective customers, and business partners. By accessing or using Peoplo's Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.
If you are using Peoplo on behalf of an organization — for example, as an HR administrator or company owner — both you and your organization are bound by this Privacy Policy. You represent that you have the authority to agree to this policy on behalf of your organization and that your organization will ensure that its employees and users are informed about how their data is processed.
We encourage you to read this document carefully. If you have questions or concerns about anything described here, please reach out to us at support@peoplo.io before using our Services.
Our Commitment
Peoplo has been built on a foundation of trust, security, and transparency. We firmly believe that your data belongs to you, and we are committed to keeping it safe. We do not sell, rent, or trade your personal information to third parties for advertising, marketing, or any commercial purposes unrelated to the delivery of our Services.
We operate on the principle of data minimization — we collect only what is necessary to deliver the functionality you use. Our teams follow strict internal data governance protocols, and access to personal data is limited to authorized personnel with a legitimate need to access it as part of their role.
Peoplo is designed for use by modern, distributed, and hybrid teams around the world. We understand the sensitivity of workforce data — including employee attendance, productivity metrics, and remote access logs — and we treat all such information with the highest level of care. Our infrastructure is built on AWS, and we use bank-grade AES-256 encryption to protect data at rest and in transit.
We continuously review and update our security practices, internal policies, and technical measures to stay ahead of emerging threats and to comply with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) where applicable, and other regional and national privacy frameworks.
Information We Collect
1.1 Information You Provide Directly
When you register for an account, set up your company workspace, or contact us for support, you voluntarily provide us with certain personal information. This includes your full name, email address, phone number, job title, company name, billing address, and any other information you choose to include when filling out forms on our platform or communicating with our team.
If you are an administrator adding employees to the platform, you may also provide employee information such as names, email addresses, department assignments, role designations, employment start dates, and other HR-related data. You are responsible for ensuring that you have the appropriate authorization and legal basis to provide this information to Peoplo.
1.2 Information Collected Automatically
When you interact with our website or platform, we automatically collect certain technical and usage data. This includes your IP address, browser type and version, operating system, device model and identifiers, referring URLs, pages visited, session duration, and clickstream data. This information is collected through standard web technologies including server logs, cookies, and analytics scripts.
For users of Peoplo Tracker, our productivity monitoring module, screenshots of active work sessions are captured at regular or configurable intervals. These screenshots are stored in secure, encrypted private cloud buckets and are accessible only to authorized administrators within your organization. Peoplo does not independently review or use these screenshots for any purpose other than delivering the monitoring functionality to your organization.
For users of Peoplo Lens, our face attendance module, biometric facial data may be processed to verify employee identity during check-in and check-out. Facial recognition data is sensitive personal information and is handled with the highest level of security. This data is not used for any purpose beyond attendance verification and is not shared with third parties.
For users of Peoplo Connect, our remote desktop access module, session metadata including session duration, device identifiers, and connection timestamps may be logged. All remote desktop sessions are encrypted end-to-end using AES-256 encryption, and session content is not retained by Peoplo beyond what is technically necessary to operate the connection.
1.3 Information from Third Parties
We may receive information about you from third-party services when you choose to connect them to Peoplo. For example, if you use Google or LinkedIn to log in or authenticate, we receive basic profile information from those providers, such as your name, email address, and profile photo. We use this information only to complete the action you initiated, such as account creation or login.
We may also receive information from payment processors, identity verification services, or integration partners in the course of providing our Services. Any third-party data we receive is handled in accordance with this Privacy Policy and any applicable agreements with those third parties.
How We Use Information
2.1 Service Delivery
The primary purpose for which we collect your data is to deliver, operate, and maintain the Peoplo platform and all of its modules. This includes creating and managing your account and workspace, processing HR records, enabling attendance tracking via Peoplo Lens, facilitating remote access sessions via Peoplo Connect, logging productivity data via Peoplo Tracker, and providing customer support.
2.2 Communication
We use your contact information to send you service-related communications, including account confirmations, billing receipts, password reset emails, security alerts, and notices about material changes to our terms or policies. We may also send you feature announcements, product updates, and service improvement notifications that are relevant to your use of the platform. You may opt out of non-essential communications at any time by clicking the unsubscribe link in any email or by contacting us directly.
2.3 Analytics and Platform Improvement
We analyze aggregated and anonymized usage data to understand how users interact with our platform, identify areas for improvement, diagnose technical issues, and develop new features. This analysis is conducted on an aggregate basis and does not involve singling out individual users for profiling. Our goal is to build a better product for all our users based on real usage patterns and feedback.
2.4 Legal Compliance and Fraud Prevention
We may use your information to comply with applicable laws, regulations, legal processes, or governmental requests. We also use it to enforce our Terms and Conditions, detect and prevent fraudulent activity, protect the rights and safety of Peoplo, our users, and third parties, and respond to claims of illegal activity or violations of third-party rights.
2.5 Business Operations
We use certain information internally to carry out our business operations, including billing and payment processing, account administration, financial reporting, and responding to legal inquiries. We may use anonymized or aggregated data for business planning, benchmarking, and industry research.
Sharing & Disclosure
3.1 Trusted Service Providers
We may share your data with carefully selected third-party service providers who assist us in operating our platform and delivering our Services. These providers include cloud infrastructure providers (such as Amazon Web Services), payment processors, email delivery services, analytics platforms, and customer support tools. All such providers are required to sign data processing agreements and are contractually prohibited from using your data for any purpose other than performing the services they provide to us.
3.2 Within Your Organization
Peoplo is a business platform. Data associated with your organization's account — including employee records, attendance logs, productivity reports, and HR data — is accessible to authorized administrators and managers within your organization according to the permissions and roles you configure. Peoplo facilitates this access but does not independently control how your organization uses this data. Your organization, as the data controller, is responsible for defining appropriate access policies.
3.3 Business Transfers
In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity as part of that transaction. If such a transfer occurs, we will provide notice on our website and, where required by applicable law, notify affected users and offer choices regarding their data.
3.4 Legal Requirements
We may disclose your personal information if we believe in good faith that such disclosure is required or permitted by law, including to comply with a subpoena, court order, or other legal process; to respond to government requests; to protect our legal rights or defend against legal claims; or to prevent imminent harm to individuals or property.
3.5 No Sale of Personal Data
Peoplo does not sell, rent, or lease your personal information to any third party for commercial or advertising purposes. We do not engage in data brokerage. Your data is not an asset we trade — it is information entrusted to us for the purpose of providing our Services, and we treat it accordingly.
Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention period for different categories of data depends on the type of data, the context in which it was collected, and applicable legal requirements.
For active accounts, we retain user data for the duration of your account subscription. If you close your account or your subscription ends, we will retain your data for a reasonable wind-down period to allow you to retrieve important records, after which your personal data will be securely deleted or anonymized, except where retention is required by law (for example, financial transaction records may be retained for up to seven years in compliance with accounting and tax regulations).
Productivity monitoring screenshots captured by Peoplo Tracker are stored according to the retention settings configured by your organization's administrator. Administrators can define the screenshot retention window within the platform settings.
Biometric data processed by Peoplo Lens is retained only for the duration required to operate the attendance function. We do not retain raw biometric data longer than necessary, and we provide mechanisms for administrators to delete biometric records upon employee offboarding.
International Data Transfers
Peoplo serves customers across more than 29 countries. As a result, your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that differ from the laws of your country.
Our primary data infrastructure is hosted on Amazon Web Services (AWS), with data centers located in regions configured to optimize performance and compliance for our global customer base. We select data processing regions with consideration for applicable data residency requirements and will accommodate data residency requests from enterprise customers where technically feasible.
Security
The security of your data is critically important to us. Peoplo implements a comprehensive set of technical and organizational security measures designed to protect your personal and business information against unauthorized access, disclosure, alteration, or destruction.
Our security measures include AES-256 bit encryption for all data at rest and in transit, encrypted remote session protocols for Peoplo Connect, secure private cloud storage buckets for screenshots and biometric data, role-based access control (RBAC) to limit internal data access, multi-factor authentication (MFA) options for platform login, and regular security audits and vulnerability assessments. Our platform is hosted on AWS infrastructure, which maintains 99.9% uptime and complies with industry-leading security certifications.
We maintain a SOC 2-ready architecture and are continuously working toward formal certification. Our internal security team monitors our systems around the clock for suspicious activity, and we have incident response procedures in place to address any potential security breaches promptly.
In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users and relevant authorities in accordance with applicable data protection laws, including within the timeframes required by GDPR (72 hours) where applicable.
While we take every reasonable precaution to safeguard your data, no system or method of electronic storage is completely secure. We encourage you to protect your own account by using a strong, unique password, enabling multi-factor authentication where available, and logging out of your account when using shared devices. Please notify us immediately at support@peoplo.io if you suspect any unauthorized access to your account.
Children's Privacy
Peoplo's Services are intended for use by businesses and professionals and are not directed at children under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.
If we become aware that we have inadvertently collected personal information from a child without appropriate parental or guardian consent, we will take steps to delete that information as promptly as possible. If you believe that a child has provided us with personal information, please contact us at support@peoplo.io.
Your Rights
Depending on your location and applicable law, you may have the following rights with respect to your personal data. We are committed to honoring these rights and will respond to valid requests within the timeframes required by applicable law (generally within 30 days).
Right of Access
You have the right to request a copy of the personal data we hold about you, along with information about how we use it, who we share it with, and how long we retain it.
Right to Rectification
If any of the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it. You can update most information directly within your account settings or by contacting us.
Right to Erasure
You have the right to request that we delete your personal data where there is no compelling reason for its continued processing. This right is subject to certain exceptions, such as where we are required to retain data to comply with a legal obligation or to defend legal claims.
Right to Restriction of Processing
In certain circumstances, you have the right to request that we restrict the processing of your personal data — for example, while a dispute about its accuracy is being resolved.
Right to Data Portability
Where applicable, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it directly to another service provider where technically feasible.
Right to Object
You have the right to object to the processing of your personal data for direct marketing purposes at any time. You may also object to other forms of processing where we rely on legitimate interests as our legal basis, subject to certain exceptions.
Rights Related to Automated Decision-Making
Peoplo does not use your personal data to make fully automated decisions that produce significant legal or similarly significant effects on you. Productivity analytics generated by Peoplo Tracker are provided to your employer or administrator as informational tools; final employment-related decisions remain with the humans in your organization.
How to Exercise Your Rights
To exercise any of the above rights, please submit a request to support@peoplo.io with the subject line "Data Rights Request." We may need to verify your identity before processing your request. If you are an employee whose data is managed by your employer through Peoplo, we recommend directing your request first to your employer (as the data controller), as they are best positioned to handle workforce data requests. We will cooperate with your employer to fulfill any valid requests.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Effective Date" at the top of this page and, for material changes, provide additional notice through our platform or by email.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data. Your continued use of our Services after the effective date of any updates constitutes your acceptance of the revised policy.
If we make changes that significantly affect how we handle your personal data, we will provide at least 30 days' advance notice before the changes take effect, giving you time to review the updated terms and, if you do not agree, to close your account and discontinue use of our Services.
Contact
If you have any questions, concerns, or complaints about this Privacy Policy or about how Peoplo handles your personal data, please do not hesitate to contact us. We take all privacy inquiries seriously and will respond promptly.
Email: support@peoplo.io
Website: https://peoplo.io