A.M. HR Logo

Privacy Notice v2.0

Compliance with the Data Privacy Act of 2012 (RA 10173)

Effective Date: May 18, 2026

A.M. HR ("we," "us," or "the Platform") is committed to protecting your personal data. This Privacy Notice explains how we collect, use, process, and safeguard your information in accordance with the Philippine Data Privacy Act (DPA) of 2012.

1. Information We Collect

To provide HR and Attendance services, we collect the following Personal Information (PI) and Sensitive Personal Information (SPI):

  • Identity Data: Full name, username, employee ID, position, department, and employment status.
  • Contact Data: Email address, phone number, and residential address.
  • Biometric Data (SPI): Facial templates (mathematical representations of facial features) used for identity verification and attendance tracking.
  • Financial Data: Salary information, SSS, PhilHealth, Pag-IBIG, and TIN numbers for payroll processing.
  • Usage Data: IP address, device information, and logs of your activities within the system (e.g., clock-in/out timestamps, geolocation).

2. Purpose of Collection

Your data is collected and processed for the following legitimate purposes:

  • Accurate tracking of attendance and work hours.
  • Processing of payroll and statutory benefits (SSS, GSIS, etc.).
  • Prevention of fraud and "buddy punching" through biometric verification.
  • Generation of HR analytics and organizational reports.
  • Administrative communications regarding your employment.

3. Data Protection Measures

We implement a robust security framework to protect your data:

  • Encryption: Data is encrypted during transit (SSL/TLS) and sensitive fields are hashed or encrypted at rest.
  • Access Control: Strict role-based access control (RBAC) ensures only authorized HR personnel can view sensitive data.
  • Biometric Security: Facial data is converted into anonymized templates. We do not store raw images for authentication once the template is created.
  • Audit Trails: Every access and modification to personal data is logged for accountability.

4. Your Rights as a Data Subject

Under the DPA, you have the following rights which you may exercise through your HR department or the Platform settings:

Right to be Informed

You have the right to know how your data is being processed.

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request the correction of inaccurate or outdated data.

Right to Erasure

You can request the deletion of your data, subject to legal and contractual obligations.

5. Data Sharing and Disclosure

We do not sell your data. We only share information with:

  • Your Employer: As the primary Data Controller.
  • Government Agencies: For mandatory reporting (BIR, SSS, etc.).
  • Service Providers: Only those necessary for platform operation (e.g., cloud hosting), under strict confidentiality agreements.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or internal policy requirements. Biometric data is typically deleted upon termination of employment or as requested by the data controller.

7. Contact Information

If you have concerns regarding your data privacy, you may contact our Data Protection Officer (DPO) through your organization's HR department or email us at privacy@amhr.com.

NPC Compliant System

This system is designed following the Privacy-by-Design principle.

© 2026 A.M. HR Ecosystem. All rights reserved.

Terms of Use Back to Login