Privacy Policy
Last updated: 2026
1. Introduction
TheOfficeHelper ("we", "our", "us") is committed to protecting the personal data of employees and users processed through our platform. This Privacy Policy explains what data we collect, how we use it, and your rights in relation to it.
2. Data We Process
TheOfficeHelper processes the following categories of personal data on behalf of our Customers (your employer or organization):
- Employee profile information (name, email, department, date of birth, start date)
- Profile photos (optional)
- Equipment and asset assignment history
- Leave and vacation requests
- Documents uploaded by or for employees
- Login account credentials (stored as secure hashes)
- Activity logs for audit purposes
3. Legal Basis for Processing
Data is processed on the basis of legitimate interests of the employing organization, performance of employment contracts, and compliance with legal obligations. Where Customers use the platform in the EU/EEA, processing is governed by GDPR. Customers act as data controllers; TheOfficeHelper acts as a data processor on their behalf.
4. Data Storage and Security
Data is stored in a secure PostgreSQL database hosted on Neon. File attachments (employee documents) are stored in Amazon S3 with access-controlled pre-signed URLs. We implement appropriate technical and organizational measures to protect personal data, including encryption in transit (TLS) and at rest.
5. Data Sharing
We do not sell personal data. We share data only with sub-processors necessary to operate the Service (cloud infrastructure providers). We may disclose data if required by law or to protect our legal rights.
6. Data Retention
Data is retained for as long as the Customer's account is active. Upon account termination, data is deleted within 30 days unless a longer retention period is required by law. Customers may request deletion of specific records at any time.
7. Individual Rights
Depending on your jurisdiction, you may have the right to:
- Access a copy of your personal data
- Correct inaccurate data
- Request deletion of your data ("right to be forgotten")
- Restrict or object to processing
- Data portability
These requests should be directed to your organization's administrator, as they are the data controller. If you believe your rights have been violated, you may lodge a complaint with your local data protection authority.
8. Cookies
TheOfficeHelper uses a single session cookie (office-helper-session) for authentication purposes. This cookie is strictly necessary for the Service to function and does not track you across other websites. No third-party analytics cookies are used.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated to Customers. Continued use of the Service after updates constitutes acceptance of the revised Policy.
10. Contact
For privacy-related questions or to exercise your rights, contact us at theofficehelper@expertsqa.com.