Privacy Policy
Last updated: June 12, 2026
VHR E-Leave is an internal leave management application for Vinalink Logistics employees. This policy explains how employee and device information is collected, used, protected, and retained when using the application.
1. Information We Collect
1.1 Account and Employee Information
- Employee code, full name, department, branch, position, and work-related identifiers.
- Login credentials and authentication data. Passwords are protected using server-side security controls.
- Email address used for OTP delivery and account notifications.
- Leave requests, approvals, leave balances, salary-related display data where available in the app, and notification history.
1.2 Device and Security Information
- Device ID, device name, platform, app version, and push notification token.
- Login approval request status, approved device status, and related security event history.
- Technical logs such as request time and service status used for troubleshooting and security monitoring.
2. How We Use Information
- Authenticate employees and authorize access to leave management features.
- Send OTP, push notifications, leave approval updates, and safe device approval results.
- Process leave registration, approval, cancellation, and related employee workflows.
- Protect the application from unauthorized access and detect suspicious login/device activity.
- Support internal HR, management, audit, reporting, and operational requirements.
3. Sharing of Information
We do not sell employee personal information. Information is only shared within authorized internal roles or when required by applicable law, internal audit, security, or operational requirements.
4. Data Security
- Authentication uses JWT access tokens and refresh tokens with expiration controls.
- OTP and approval tokens are handled as temporary security data.
- Approved devices are checked using employee code, device ID, and push token policy.
- Access to sensitive employee data is restricted by application permissions.
- Mobile credentials and tokens should be stored using secure platform storage on supported devices.
5. Push Notifications
The app uses push notifications for leave updates, approval reminders, login/device approval requests, and approval results. Users may manage notification permissions in their device settings. Notification content avoids exposing unnecessary technical or sensitive security details.
6. Device Approval
For accounts configured to use device approval, login from a new or changed device may require approval by a configured branch approver. Device approval records may include employee code, device ID, device name, platform, app version, approval status, and timestamps.
7. Data Retention
Employee and workflow data is retained according to internal HR, accounting, audit, and legal requirements. Security and device approval records are retained as needed to support account protection, audit, and troubleshooting.
8. Third-Party Services
- Firebase Cloud Messaging is used to deliver push notifications.
- Apple Push Notification service is used to deliver notifications on iOS devices.
- Email infrastructure may be used to send OTP and approval links.
9. User Rights and Requests
Employees may contact HR/Admin to request access, correction, or support for personal information stored in internal HR systems, subject to internal policy and legal requirements.
10. Updates to This Policy
This policy may be updated when application features, security requirements, or legal obligations change. Continued use of the application after updates means acceptance of the revised policy.
11. Contact
Company: Vinalink Logistics
Application: VHR E-Leave
Website: https://vinalinklogistics.com
Support: Contact HR/Admin through internal company channels.