1. Overview

This privacy policy describes how internal staff tools hosted on this domain collect, use, and protect your information. The developer is committed to protecting your privacy while providing functional applications for internal staff use.

2. Information We Collect

Applications on this domain may collect the following types of information:

• Account Information: Email address, name, and employee identification number when you register or log in
• Authentication Data: Login credentials and session information through Google OAuth authentication
• Usage Data: Information about how you interact with the applications, including access times, pages viewed, and actions performed
• Work-Related Data: Information you submit through application forms, such as shift assignments, position details, and claim submissions
• Technical Information: IP addresses, browser type, device information, and user agent strings for security and troubleshooting purposes

3. How We Use Your Information

Your information is used for the following purposes:

• To authenticate and authorise access to internal applications
• To process and manage submissions within the applications
• To maintain audit logs for security and compliance purposes
• To improve application functionality and user experience
• To troubleshoot technical issues and provide support
• To generate reports and analytics for administrative purposes

4. Google API Services

Some applications use Google API Services for authentication (Google OAuth). When you sign in with your Google account:

• We receive your basic profile information (name, email address) from Google
• We do not access your Google Drive, Gmail, Calendar, or other Google services unless explicitly required by the specific application
• Your use of Google authentication is also governed by the Google Privacy Policy
• We only request the minimum necessary permissions required for authentication

5. Data Storage and Security

We implement appropriate security measures to protect your information:

• Data is stored in secure database systems with access controls
• Passwords are hashed using industry-standard encryption (bcrypt)
• Session data is protected using secure cookies with HTTP-only flags
• Access to systems is restricted to authorised personnel only
• Regular security audits are performed on application code

Note: While we implement security best practices, these are proof-of-concept applications and may not meet production-grade security standards.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. Your data may be shared only in the following circumstances:

• Within CAAM: With authorised staff and administrators as necessary for application functionality (e.g., supervisors reviewing staff submissions)
• Legal Requirements: If required by law, regulation, or legal process
• Security: To protect against fraud, security threats, or violations of policies

7. Data Retention

We retain your information for as long as necessary to:

• Provide the services and functionality of the applications
• Comply with legal obligations and audit requirements
• Resolve disputes and enforce agreements

Inactive accounts and outdated records may be archived or deleted as determined by organisational policies.

8. Your Rights

As a user of these internal applications, you have the right to:

• Access your personal information stored in the systems
• Request corrections to inaccurate information
• Request deletion of your account (subject to audit and compliance requirements)
• Withdraw consent for data processing where applicable

To exercise these rights, contact your system administrator or the application developer.

9. Cookies and Tracking

Applications may use cookies and similar technologies for:

• Session management and authentication
• Remembering user preferences
• Analytics and usage tracking
• Security and fraud prevention

Essential cookies required for application functionality cannot be disabled. You may configure your browser to reject non-essential cookies.

10. Third-Party Services

Applications may integrate with third-party services including:

• Google OAuth for authentication
• PDF generation libraries for document creation
• Metro UI framework for user interface components

These services are governed by their respective privacy policies.

11. Children's Privacy

These applications are intended for use by CAAM staff members only. They are not directed at individuals under the age of 18. We do not knowingly collect information from minors.

12. Changes to This Policy

This privacy policy may be updated periodically to reflect changes in practices or legal requirements. Significant changes will be communicated through the application interface or email notifications. Your continued use of the applications after changes constitutes acceptance of the updated policy.

13. Contact Information

For questions, concerns, or requests regarding this privacy policy or your personal information:

• Contact your system administrator
• Submit a request through the application's feedback mechanism
• Reach out to the application developer through official CAAM communication channels

14. Disclaimer

These applications are proof-of-concept tools developed by staff for internal testing and evaluation. They are provided "as-is" without warranties of any kind. The developer assumes no liability for data breaches, loss of information, or any damages arising from the use of these applications.

← Back to Home