← Back to Home

Privacy Policy

Last updated: March 28, 2026

Lite Payroll PH ("we", "our", or "the Service") is committed to protecting your personal information in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Philippines and its Implementing Rules and Regulations.

This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and your rights as a data subject.

1. Data Controller

The data controller responsible for your personal information is the operator of Lite Payroll PH. For privacy-related concerns, contact us at:

Email: 1982gaya@gmail.com

2. Information We Collect

We collect the following categories of personal data when you use the Service:

CategoryExamplesPurpose
Account DataFull name, email address, password (hashed)Account creation and authentication
Company DataCompany name, address, TINPayroll records and government form generation
Employee DataEmployee name, position, salary, SSS No., TIN, PhilHealth No., Pag-IBIG No. (all government IDs stored encrypted)Government contribution computation and form generation
Financial RecordsGross pay, net pay, deductions, withholding tax per pay periodPayslip generation and YTD reporting
Usage DataLogin timestamps, feature usage, error logsService improvement and security monitoring
Payment ReferenceGCash reference number (Pro plan)Payment verification and plan activation

We do not collect your GCash account number, bank account details, or any payment card information.

3. Legal Basis for Processing

  • Consent — you provide consent when you create an account and agree to this policy.
  • Contractual necessity — processing is required to provide the Service you subscribed to.
  • Legitimate interest — error logging and security monitoring to protect the Service.

4. How We Use Your Information

  • Provide and operate the Lite Payroll PH service
  • Calculate employee government contributions (SSS, PhilHealth, Pag-IBIG) and BIR withholding tax
  • Generate payslips (PDF) and government forms (BIR 2316, SSS R3, etc.)
  • Send payslip emails to employees (only when triggered by your action)
  • Send service-related notifications (pay run reminders, critical updates)
  • Maintain audit logs for your account's security and compliance

5. Data Sharing and Disclosure

We do not sell, rent, or share your personal data or your employees' personal data with third parties for marketing purposes.

We may share data only with:

  • Supabase (database and authentication infrastructure) — data stored in encrypted form in Singapore-region servers
  • Brevo (email delivery) — only employee name and email address when you send a payslip email
  • Government authorities — only if required by law or valid legal process (e.g., court order)

6. Data Security

  • All government IDs (TIN, SSS No., PhilHealth No., Pag-IBIG No.) are encrypted using AES-256-GCM before storage
  • All data is transmitted over HTTPS (TLS)
  • Passwords are hashed by Supabase Auth — we never store plaintext passwords
  • Access to your company data is restricted by Row-Level Security (RLS) — other accounts cannot access your data

7. Data Retention

We retain your account and payroll data for as long as your account is active. If you delete your account, your data will be permanently removed from our systems within 30 days, except where retention is required by Philippine law (e.g., BIR record-keeping requirements of 10 years).

8. Your Rights Under RA 10173

As a data subject under the Data Privacy Act of 2012, you have the following rights:

  • Right to be informed — know how your data is collected and used
  • Right to access — request a copy of your personal data we hold
  • Right to rectification — correct inaccurate personal data
  • Right to erasure — request deletion of your data (subject to legal retention requirements)
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interest

To exercise any of these rights, contact us at 1982gaya@gmail.com. We will respond within 15 business days.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of the Service after updates constitutes acceptance of the revised policy.

10. Contact

For privacy concerns or data subject requests, contact us at: 1982gaya@gmail.com