Log In
Free Demo

RigoHR Policy Document

RigoHR Privacy Policy

Last updated: 24 Nov, 2025

This RigoHR User Privacy Policy ( “Privacy Policy”) describes how RigoHR (collectively “RigoHR”, “we”, “us”, and/or “our”) collects and processes your personal information for our own purposes when you interact with RigoHR and our websites, services, content, and any related software, mobile applications, and other applications (collectively, “Services”).

1. What does this policy cover?

This policy describes how we process personal data. When we say “personal data” we mean information that relates to you, and from which you can be identified. Personal data includes your name, email, address, telephone number, bank account details, payment information, support queries, community comments and so on.

This policy applies to personal data we collect across all our websites and apps, in connection with any services we provide. It also applies to personal data we collect through surveys, events, customer support, promotional programmes and training.

2. What this policy doesn’t cover

This policy doesn’t apply to personal data related to the subscriber’s employees or any data they enter into our services about their employees or other third parties. In those cases, our subscribers control that personal data and we process it only as a service provider (or “processor”) on their behalf. We do not share the personal data of employees with anyone.

If you’re not a subscriber and have questions about this type of personal data, contact the subscriber that controls it.

3. Personal data we collect and how we get it

The personal data we collect depends on how you interact with us. We collect personal data:

  • When you provide it to us directly. This includes when you visit our websites, use our services, or provide personal data directly through other interactions with us. For example, we ask for your billing information when you sign up for a subscription or trial, and collect your contact information and any other details you share when you ask for support, or take part in training and events. You don’t have to provide us with personal data, but if you don’t it might mean you can’t use parts of our services.
  • Automatically. We collect some personal data about you automatically when you visit our websites or use our apps and services. For example, we collect data about the pages you look at and the links you click on.

Personal data categories and sources

We’ve summarised the categories of personal data we collect and their sources, below.

  • Identity and contact data such as your name, email address, telephone number or address. We source this directly from you.
  • Account data such as your login and profile information and subscription details. We source this directly from you.
  • Payment data such as bank account details, payment method, billing address and other details of services that you have received from us. We source this directly from you.
  • Communications data such as feedback on our services and other communications with us or with our service providers, competition and survey entries, chat, email or call history, and call recordings if you consent to them. We source this directly from you, or automatically collect when you communicate with us.
  • Marketing and advertising data such as interests based on your use of our services, survey responses, promotions you enter, communication preferences, preferences for particular services, and subscription details. We source this directly from you, or automatically collect when you communicate withe us.
  • Device data including your IP address, the browser you use to visit our websites, device type and location, operating system, device identifiers and advertising identifiers. We source this automatically.
  • Service usage data such as information about your use of and interaction with our services, including third party services you have integrated. This includes page views and searches, login information, clicks, content interaction, length of visits, and other functional information on service performance. It also includes service utilisation, such as features you subscribe and use, as well as (if you are a subscriber) how you manage organisations and invited users or employees within your subscription. We source this automatically.

4. How we use your personal data

We use your personal data to operate our services, improve the services and to manage our relationship with you. We’ll otherwise only use your personal data for:

  • The purposes in this policy or that we explain to you when we collect your personal data.
  • Other purposes that are related to the ones in the first dot-point where permitted by law.

Purposes for using personal data

We’ve set out more information about the specific purposes for which we use your personal data below.

  • To deliver our services. For example, to sign you up to our services, manage your trial or subscription, facilitate purchases of services, and provide, maintain and deliver our services (including using AI/ML) in accordance with our terms of use. This includes monitoring, troubleshooting, data analysis, testing, system maintenance, reporting and hosting of data.
  • To communicate with you about our services. For example, we may send you service updates, invoices, technical notices, security alerts, support messages and responses to your enquiries. We may contact you through a variety of channels, for example, by email, telephone, SMS and in-product communications.

The categories of personal data we use for this purpose are: identity and contact data, account data, payment data, communications data, device data and service usage data.

  • For quality assurance, training and record-keeping. For example, we may review communications with you for customer support, quality assurance and training purposes, and related record-keeping.
  • For security management. For example, to address threats and fraud, and protect you, our business and people, we may use malware and other monitoring tools to detect suspicious activity and block unauthorised access.
  • For compliance management. For example, to ensure compliance with our terms of use and related internal reporting.
  • To improve our services. For example, we analyse collected data to improve our websites, apps and services, to develop new products and services, and inform other business decisions by understanding customer behaviour (including using AI/ML).
  • For communications or surveys. For example, to contact you about services, promotions, competitions and events we think may be of interest. We may contact you through a variety of channels, for example, by email, telephone, SMS and in-product communications.
  • For legal and regulatory compliance. For example, to comply with any legal and regulatory obligations which apply to us, including responding to requests under data protection or other applicable laws.
  • To manage legal claims. For example, to preserve our legal rights, and defend and bring claims to protect our interests.

5. Cookies and similar tracking technology

We may use cookies and similar technologies to enable our systems to recognize your browser or device, to provide our Services, and to improve your experience.

6. How we share your personal data

There will be times when we need to share your personal data with third parties. We’ll only share your personal data with:

  • Regulators, law enforcement bodies, government agencies or courts where we think it’s necessary to comply with applicable laws or regulations, to exercise, establish or defend our legal rights, or to protect your interests or those of any other person. Where possible and appropriate, we’ll notify you of this type of sharing.

7. How We Disclose Your Personal Information

Maintaining your trust over your personal information is a vital part of our relationship with you, and we disclose your personal information only as described below.

  • With others in your organization. If you are the administrator for your organization, we may disclose your information to other users in your organization in accordance with your account settings and preferences. If you are a user, we may disclose certain information, including information about your account settings and your use of the Services, to your organization and its administrator(s).
  • Protection of us and others. We may disclose your personal information if we believe disclosure is appropriate to comply with applicable laws, enforce or apply our terms or agreements (including to collect amounts owed to us), protect the rights, property, or safety of Rigo, or our employees, customers, users, and others or to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities. We may also disclose your personal information in connection with investigating and preventing fraud or security issues relating to our Services.
  • Business transfers. If RigoHR goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its businesses, services, or assets, your personal information may be among the assets transferred. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of personal information to an unaffiliated third party.
  • With your consent. We may disclose personal information to third parties when we have your consent to do so.

8. Personal data retention

We’ll retain your personal data for as long as we’ve a relationship with you and for a period of time afterwards where we have an ongoing business or legal need to keep it. For example, to comply with legal, tax, or accounting requirements. After that, we’ll make sure it’s deleted or anonymised.

9. Security

Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens. For more information, check out RigoHR’s Security Exhibit.

We design our systems with your security and privacy in mind.

  • We maintain a wide variety of compliance programs that validate our security controls.
  • We protect the security of your information during transmission to or from RigoHR by using encryption protocols and software.
  • We maintain technical, physical, and organizational safeguards in connection with the collection, storage, and disclosure of personal information.

However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. You are solely responsible for protecting your password, limiting access to your devices, and signing out of websites after your sessions.

10. International transfers

When we share personal data, it may be transferred to and processed in countries other than the country you live in – such as India or Singapore – due to the location of our AWS server locations. These countries may have laws different to the ones that apply in your country. When we transfer personal data to another country, we put safeguards in place to protect your personal data.

11. Your rights

It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time. Just follow the unsubscribe instructions in the marketing communication or make your request using the details in the ‘How to contact us’ section.

You also have rights to:

  • Know whether and what personal data we hold about you, and to correct it if it’s inaccurate or out-of-date.
  • Request a copy of your personal data, or ask us to restrict processing your personal data or delete it.
  • Object to our continued processing of your personal data.

You can exercise these rights at any time by making a request using the details in the ‘How to contact us’ section.

12. Children’s Personal Information

We do not provide our Services to children. We do not knowingly collect personal information from children under the age of 16 without the consent of the child’s parent or guardian. If you are a parent or guardian and you learn that your children have provided us with personal information, please contact us at the address stated under the “How to Contact Us” section below.

13. Updates to this policy

We may update this policy from time to time. If we make a material change, we’ll make sure we let you know, usually by sending you an email or posting a notice on our websites and in our apps.

14. How to contact us

If you’re a current user of our services, you can get in touch via our Contact page or Support Page. For everyone else, you can contact us at [email protected].

RigoHR Platform

Why Rigo

Company

Pricing

Blog

Customer Stories

Contact

Rigo for

Request Free Demo

RigoHR Platform

Human Resources (Core HR)

HR Platform for people operations

Payroll Management

Employee pay, benefit and taxes

Leave and Time

Leave, time and attendance module

Performance Management

Employee Performance Review System

Goals and KPIs

Goals and Target tracking system

Shift Schedule

Shift planning and roster

Travel Management

Goals and Target tracking system

Tasks Management

Goals and Target tracking system

Learning Management System

Learning courses, exam and certificates

Project and Timesheet

Work time and project reporting

Why Rigo

Company

Pricing

Blog

Customer Stories

Contact

Rigo for

Request for Free Demo