phone

Call us today!

+66 65 098 9454

Privacy Policy

Huma +

1. Introduction

This Privacy Policy explains how Bring Co., Ltd. (“Company”, “we”, “our”, or “us”) collects, processes, stores, and protects personal data when providing Huma+ on cloud server (“Huma+ Platform” or “Service”). Our Huma+ Platform enables organizations to manage employee information, workforce operations, and HR processes through a secure cloud-based system.

This Privacy Policy applies to:

  • Organizations subscribing to Huma+ (“Customers”)
  • Employees whose data is processed in the system
  • HR administrators and system users
  • Visitors of our website
  • Authorized users accessing the platform

The policy describes how personal data is handled within our service infrastructure.

2. Role of the Company in Data Processing

Within Huma+, different parties may have different roles in the processing of personal data.

Customer Organization (Data Controller)

  • The subscribing organization that uses the HRIS platform determines:
  • What employee data is collected
  • How the data is used

Huma+ Platform Provider (Data Processor)

Bring Co., Ltd. acts as a Data Processor, meaning we process personal data only on behalf of our customers and according to their instructions. We do not control how Customers use employee data within the system.

3. Types of Personal Data Processed

Depending on how the Customer configures Huma+ platform, the following types of data may be processed.

Employee Identification Data

  • Full name
  • Employee ID
  • Date of birth
  • National ID / passport (if configured by customer)
  • Gender
  • Profile photo

Employment Information

  • Job position
  • Department
  • Employment start date
  • Employment status
  • Reporting structure
  • Organizational hierarchy

Contact Information

  • Work email
  • Phone number
  • Address
  • Emergency contact details

Attendance and Work Records

  • Check-in / check-out data
  • Work schedules
  • Leave records
  • Overtime records
  • Shift information

HR Administrative Information

  • Performance evaluation records
  • Training history
  • Document attachments

System Usage Data

  • Login activity
  • System logs
  • Access timestamps

We only process data necessary to provide Huma+ service.

4. Purpose of Data Processing

Personal data is processed for the purpose of providing and operating the HRIS platform, including:

  • Employee information management
  • Attendance and leave tracking
  • Internal HR approvals
  • Organizational structure management
  • Secure user authentication
  • System administration and maintenance
  • Service monitoring and troubleshooting

We do not use employee personal data for unrelated commercial purposes.

5. Data Security and Protection

We implement industry-standard security measures to protect personal data processed within the Huma+ platform.

  • Security controls may include:
  • Encrypted data transmission (HTTPS/TLS)
  • Secure authentication mechanisms
  • Role-based access control
  • Infrastructure security
  • Data access monitoring
  • System audit logs
  • Vulnerability monitoring

Access to personal data is restricted to authorized personnel who require access for service operation.

6. Data Storage and Infrastructure

The HRIS platform operates using secure cloud infrastructure. Customer data may be stored in secure data centers operated by trusted infrastructure providers.
These providers may include:

  • Cloud hosting providers
  • Infrastructure service vendors
  • System monitoring providers

All infrastructure providers are required to maintain strong security and confidentiality standards.

7. Data Retention

Customer data stored in Huma+ platform is retained for the duration of the Customer's subscription.
Retention rules include:

  • Data remains available while the Customer account is active
  • Customers may export their data at any time
  • Upon service termination, data may be deleted according to the service agreement
  • Backup copies may be retained for a limited period for disaster recovery purposes

Customers are responsible for determining appropriate retention policies for employee data.

8. Data Sharing

We do not sell personal data stored in Huma+ platform.
Personal data may only be shared under the following conditions:

With the Customer Organization

The organization that owns the employee data has full access according to its user permissions.

With Service Providers

Authorized infrastructure or technology vendors supporting the platform may process data as part of service operations.

Legal Requirements

Personal data may be disclosed if required by applicable law or regulatory authority.

9. Cross-Border Data Transfers

Because Huma+ platform operates using cloud infrastructure, data may be processed or stored in multiple jurisdictions depending on system architecture.

Where cross-border data transfer occurs, appropriate safeguards will be implemented to maintain data protection standards.

10. Data Subject Rights

Employees whose data is stored within the HRIS platform should contact their employer (the Customer Organization) regarding requests related to:

  • Access to personal data
  • Correction of inaccurate information
  • Deletion requests
  • Restriction of processing
  • Data portability

Because the Customer acts as the Data Controller, they are responsible for handling these requests.

Bring Co., Ltd. will assist Customers in responding to such requests where technically feasible.

11. Platform Monitoring

For system security and operational integrity, the HRIS platform records system activity including:

  • Login activity
  • System access logs
  • Administrative actions
  • System configuration changes

These logs help maintain system stability, detect unauthorized access, and support auditing.

12. Children's Data

Huma+ platform is intended for workforce management and is not designed for individuals under the age of 18.

We do not knowingly collect personal data from minors through this platform.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in technology
  • Updates to legal requirements
  • Improvements to our services

The latest version will always be published on our website or service platform.

14. Contact Information

If you have questions regarding this Privacy Policy or our data protection practices, please contact:

Bring Co., Ltd.
99 Vibhavadi Rangsit Rd, Khwaeng Chom Phon, Khet Chatuchak, Krung Thep Maha Nakhon 10900, Thailand

Email: coordinator@bring.co.th

15. Governing Law

This Privacy Policy shall be governed by and interpreted in accordance with applicable data protection laws and regulations relevant to the jurisdictions where the service operates.