Bytecrunch Privacy Policy
This privacy policy (“Policy”) outlines how Bytecrunch collects, maintains, stores and discloses personal information and data we hold about employees. This Policy forms part of the Terms and Conditions of Use for all products, software and services provided by Bytecrunch.
For the purposes of this the Policy, please note that:
- “Bytecrunch / ByteHR” refers to Bytecrunch Technologies Co., Ltd.
- “We / Our / Ours / Us” refers to Bytecrunch and its respective employees, officers, servants, agents or contractors whether situated in or outside of Thailand.
- “Services” refers to the Bytecrunch products and services you have viewed, clicked on, applied for or use, including but not limited to ByteHR software, ClassicHR software, software training, software setup and implementation, data upload service, sales demos, requirements gathering sessions, marketing videos, corporate bytecrunch websites, advertisements, webinars, email/chat/phone support, etc. provided by Bytecrunch.
- “Personal Data” refers to any data about an employee who can be identified from that data, whether directly or indirectly, but not including information of deceased persons. Examples of personal data include but are not limited too employee’s name, identity card number, passport number etc.
- “Sensitive Personal Data” refers to the categories of Personal Data which are specified in Section 26 of the PDPA, i.e. Personal Data pertaining to ethnicity, race, political opinions, doctrinal, religious or philosophical beliefs, sexual behavior, criminal records, health records, disability, labour union, genetic data, biometric data or any other data which may affect the data subject in the same manner as prescribed by the Personal Data Protection Commission.
- “Customer(s)” / “Company” refers to clients of Bytecrunch who have subscribed to Bytecrunch services.
- “Employee(s)” refers to all individuals who are associated with the customer and whose personal data and sensitive personal data is stored, managed and processed in Bytecrunch software.
- “PDPA” refers to the Personal Data Protection Act B.E. 2562 (2019) and any regulations, rules, guidelines, notifications and orders issued by virtue thereof, as may be amended, supplemented or replaced from time to time.
- “Affiliate(s)” / “Partner(s)” refers to any third party individual, group, organization or vendor that Bytecrunch has entered into a contract with to provide its services effectively to customers.
Data Processor vs Data Controller
- Bytecrunch acts as a data processor whose software is used to store, manage and process employee data owned by customers.
- Bytecrunch acts as a data controller to collect personal data to provide its services optimally without disruptions.
Collection of Personal Data (Data Processor)
- Customers store both personal data and sensitive personal data of their employees in Bytecrunch software.
- As the data processor, Bytecrunch assumes that all customers (data controllers) have taken explicit consent from their employees to store manage and process both personal and sensitive personal data in Bytecrunch software.
- Bytecrunch is not responsible for how employee personal data and sensitive personal data is stored, managed and processed by its customers.
Collection and Use of Personal Data (Data Controller)
- Bytecrunch strongly advises employees to review your profile and remove any identity documents or sensitive personal data such as religion, race, or health details from ByteHR software and ClassicHR software.
- Bytecrunch exercises its best endeavor to only collect Personal Data which is necessary, relevant and appropriate to achieve the purposes specified in this Privacy Policy. The categories of Personal Data which will be Processed by Bytecrunch are as follows:
Type of Personal Data | Reason for Collection |
---|---|
Identification Data 1: First name, last name, email, phone number | To provide services such as software demos, software training, email marketing, email notifications and other marketing and advertising. |
Identification Data 2: Username, password, GPS location, picture | To login to ByteHR web and mobile apps. To check in/out online (e-checkin) for shift employees. |
Automatically Collected Data: Information on the accessing and visiting the bytecrunch website, pages which have been visited, search history on the website, IP Address, browser types and forms, reference page, operation system, date and time stamps and clickstream data retained in the log files | To improve website experience and provide visitors with additional marketing and advertising data. |
Other Uses of Personal Data
- We may collect, use, and process the Personal Data of employees, directors, authorised representatives, or related individuals for the following limited and clearly defined purposes:
- To verify identity and support onboarding or access to our services
- To deliver and improve the ByteHR services that your company uses
- To generate anonymized reports or insights for internal analysis, compliance, service improvement, or broader business intelligence purposes.
- To meet legal obligations, respond to lawful requests, or comply with government regulations
- To resolve technical issues, respond to support requests, or handle complaints
- To support audits, system migrations, or legitimate operational needs, including with trusted service providers
- Personal Data of employees is kept confidential. However to carry out the purposes listed above, Bytecrunch may share such Personal Data with its related or affiliated corporations, entities and contractors whether in Thailand or elsewhere. When doing so, we require them to ensure that the Personal Data disclosed is kept confidential and secure. Please note that technical or customer support involving access to personal data may be provided by Bytecrunch representatives located both in or outside Thailand.
Data Handling and Sharing
- We may disclose Personal Data of employees associated with your company to the following parties, only where necessary to provide our services, comply with legal obligations, or protect our legitimate interests:
- Trusted third-party service providers or partners who support our software and operations
- The Thai Social Security Fund, Revenue Department, Labour Department or any other equivalent Government body.
- Regulatory or legal authorities when required by law
- Employees, contractors, or agents of Bytecrunch (including those located outside Thailand) who are involved in delivering support, maintenance, or service operations
- We will otherwise treat such Personal Data as private and confidential and apart from the parties stated above, we will not disclose such data to any other party except:
- where permission has been given by the employee
- where we are required or permitted to do so by law
- where required or authorised by any court order
- where we are required to meet our obligations to any relevant regulatory authority
- ByteHR's use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Storage & Security of Personal Data
- Bytecrunch takes breaches of privacy very seriously. Our employees and contractors are trained to handle the personal data securely and with utmost respect and confidentiality, failing which they may be subject to disciplinary action. Employees and contractors of Bytecrunch located in and outside Thailand are contractually obligated to keep secure any personal data they may handle.
- We store data in Microsoft Azure Singapore cloud storage facilities. For more details on data center security and audits, please visit Microsoft Data Center Security.
- We also store data on paper-based files and digital files. We take reasonable steps in the circumstances to protect the personal information we hold from misuse, interference and loss, unauthorised access, modification or disclosure. We may need to maintain records for a significant period of time. However, when we consider information is no longer needed, we will delete all details that identify the employee and/or destroy all records of such Personal Data.
- We ensure that Personal Data is managed in accordance with this Policy, with the PDPA and other similar legislation in the countries in which we operate.
Accuracy of Personal Data
- We take reasonable steps to ensure that all Personal Data is up-to-date and accurate and recognise that contact details and other data may change frequently.
- If an employee associated with your company wishes to delete their Personal Data held with us, please contact our team. Bytecrunch may retain certain information about employees where required to do so by law.
- An employee may request that we correct the Personal Data we hold about them if they deem it to be inaccurate, incomplete, out-of-date, irrelevant or misleading. We will take reasonable steps to correct the information as soon as practicable and send the corrected personal information to the respective company in accordance with the PDPA.
Consent
- If you do not agree with this Policy, please DO NOT continue to use or access our Services.
- All users of our services (company and employees) will need to agree to this policy to continue using our services.
- By disclosing or providing to us Personal Data relating to employees, the company represents and warrants that:
- the consent of those employees has been obtained for the collection, use and disclosure of the Personal Data for the purposes listed above;
- you agree with this Policy; and
- you have obtained the clear and unambiguous consent from such employees that they may be contacted by us or our affiliates in relation to marketing or other purposes.
- If an employee to which this Policy applies withdraws their consent, the company agrees to inform us in writing immediately. As a result of such withdrawal, Bytecrunch may not be in a position to continue to provide our services to you. The withdrawal may be considered a termination by you of any contractual relationship which you may have with us and a breach of your contractual obligations or undertakings, and our legal rights and remedies in such an event are expressly reserved.
Website cookies
- We use cookies on our website. Cookies are files we put on your computer which record information about your visit and use of the website in order to enhance your viewing experience.
- For more details on the types and purpose of cookies collected, please visit our Cookie Policy.
- You can disable or enable cookies through your web browser settings. If you disable or block the cookies on our website, you may not be able to access the entire scope of functions ordinarily performed by our website.
- Personal Data that we collect from you through our cookies may be passed onto third party service providers (whether within or outside Thailand), for managing or improving our website and for collecting data.
- Your use of our website constitutes consent to the use of cookies by us as governed by this Policy.
Enquiries or requests
For enquiries or requests regarding Personal Data, please contact us at support@byte-hr.com or sales@byte-hr.com. Alternatively you may telephone us on any of the contact numbers listed on our website, send us a chat message from our website or send mail to Bytecrunch Technologies, Floor 12, Unit 1202, SJ Infinite One Business Complex, 349 Vibhavadi Rangsit Road, Chomphon, Chatuchak, Bangkok 10900.