Privacy Policy
Effective date: Jan 10th, 2026
iTensia International Technology LLC (referred to as “iTensia”, “we”, “us”, or “our”) operates the iTensiaHR platform (including HR, timeclock, and payroll services where offered). This Privacy Policy explains what personal data we collect, how we use and share it, where we store it, how long we keep it, and the choices and rights you have regarding your personal data. This policy applies to personal data we process in connection with the iTensiaHR services provided to customers and their employees, contractors and job applicants.
Our contact details
iTensia International Technology LLC
2823 Birch Terrace
Davie, FL 33330
Email: legal@itensiahr.com
For billing or cancellation: billing@itensiahr.com
For support: support@itensiahr.com
For urgent data incidents: incident@itensiahr.com
Scope
This Privacy Policy describes processing of personal data submitted to or collected through iTensiaHR by (a) Customers (businesses that subscribe to iTensiaHR) and (b) Data Subjects (employees, contractors, applicants and others whose data Customers upload into the service). Customers are typically the data controllers of such personal data and iTensia acts as a data processor (see our Data Processing Addendum (DPA) for enterprise terms). Where iTensia collects personal data directly from end users (for example in support interactions or marketing signups), iTensia acts as a controller for that data.
Categories of Personal Data We Process
We process personal data needed to provide HR, payroll, timekeeping, and related services. Categories include:
Identity and identifiers: full name, date of birth, employee ID, government identifiers (tax IDs, national IDs) where provided.
Contact information: email, postal address, phone number.
Employment and job data: job title, employment start/end dates, department, manager.
Payroll and financial data: salary, wages, bank or ACH information, tax withholding information, payment history.
Time & attendance: clock‑in/out times, schedules, hours worked, overtime.
Benefits & leave: leave requests, leave balances, disability/medical leave information where provided.
Background and screening data: employment history, education, background check results where submitted.
HR records and performance: evaluations, disciplinary records, notes submitted by Customers.
Device and usage data: IP address, browser type, device identifiers, log files, usage metrics.
Support and communications: emails, chat logs, recordings if provided, and any other information you share with us.
Sensitive categories: where Customers provide sensitive data (e.g., health information for leave, SSN/tax identifiers) we process it as necessary to provide services. Customers should only submit such data where lawfully permitted and as required for service delivery.
How We Use Personal Data (Purposes)
We process personal data to:
Provide and operate the iTensiaHR services (payroll processing, HR administration, timekeeping, onboarding, reporting, integrations).
Process payments and billing, and prevent fraud.
Communicate with Customers and end users about accounts, updates, and support.
Comply with legal obligations (tax reporting, employment law, recordkeeping).
Improve and secure our services (analytics, troubleshooting, security monitoring).
Perform testing, backup and disaster recovery.
Fulfill lawful requests from government authorities where required.
Legal Bases for Processing
Where applicable law requires a legal basis for processing (for example in the EU or similar jurisdictions), we process personal data on one or more of the following bases:
Performance of a contract: to provide the services you or your employer have requested.
Legal compliance: to comply with legal obligations (tax, labor, payroll reporting).
Legitimate interests: for our legitimate business interests (service maintenance, security, fraud prevention), balanced against your privacy interests.
Consent: where we or Customers seek consent for optional processing (e.g., certain marketing communications). Consent will be obtained where required and may be withdrawn as described below.
Note: Customers (as controllers) determine and document the legal basis for processing employees’ personal data for HR and payroll purposes. iTensia processes data on Customers’ instructions.
Sharing, Subprocessors, and Disclosures
Service providers (Subprocessors): We share personal data with third‑party subprocessors to provide the Services — for example cloud hosting providers, payment processors, payroll partners, background check vendors, email and support platforms, and analytics providers. We require subprocessors to protect personal data under contracts that meet or exceed the protections in our DPA.
Affiliates and business transfers: We may share data with our affiliates. If iTensia undergoes a merger, sale, or transfer of assets, personal data may be transferred as part of the transaction; we will require that the recipient honor the terms of this Privacy Policy.
Legal obligations: We may disclose personal data if required by law, legal process, litigation, or government request, or to protect rights, property or safety.
Controller’s instructions: We disclose personal data to third parties when instructed by a Customer (for example integrating with a Customer’s payroll bank or benefits provider).
We do not sell personal data.
International Transfers and Cross‑Border Processing
iTensia and its subprocessors operate globally. Personal data may be stored, transferred and processed in the United States, India, the Philippines, and other countries where we or our subprocessors maintain facilities. By using iTensiaHR, you consent to such transfers.
Where applicable law requires specific safeguards for international transfers, we implement appropriate measures (for example contractual guarantees such as standard contractual clauses, or other lawful mechanisms). For enterprise Customers, our DPA provides additional transfer safeguards and we will execute reasonable transfer addenda where required.
Data Retention
We retain personal data for as long as necessary to provide the Services and to fulfill contractual, legal and business purposes. Typical retention periods:
Active account data: retained while the Customer’s account is active.
After account termination: we retain data for a period (typically 90 days) to allow Customers to export data and for backup/ legal purposes; thereafter data is deleted or anonymized, unless applicable law requires longer retention.
Payroll, tax, and employment records: may be retained longer to meet legal requirements (varies by jurisdiction). Customers are responsible for ensuring required transcripts are exported/retained if needed.
Security
We implement administrative, technical and physical measures designed to protect personal data, including:
Access controls and role‑based permissions;
Encryption of data in transit and, where feasible, at rest;
Network and application security monitoring;
Regular vulnerability scanning, patching and secure development practices;
Data backups and disaster recovery processes;
Employee training and confidentiality obligations.
No security system is perfect; however, we take commercially reasonable steps to secure data. In the event of a confirmed data security incident affecting personal data, we will notify Customers without undue delay and cooperate as described in our DPA.
Cookies and Tracking Technologies
Our services and websites use cookies, web beacons, and similar technologies to operate the site, analyze usage, and for marketing. Types of cookies:
Essential: required for site functionality and account access.
Performance and analytics: to measure usage and improve services.
Functional: to remember preferences.
Advertising/marketing: to personalize ads (where permitted).
You can manage cookie preferences via your browser settings and, where provided, by our cookie consent tools. Disabling non‑essential cookies may affect functionality.
Your Privacy Rights and How to Exercise Them
Your rights depend on your country/jurisdiction. In general, where applicable you may have the right to:
Access: request a copy of personal data we hold about you.
Correction: request correction of inaccurate or incomplete data.
Deletion/erasure: request deletion of personal data (subject to legal and contractual exceptions).
Restriction: ask to restrict processing in certain circumstances.
Portability: request portability of your data in a machine‑readable format.
Object: object to processing based on legitimate interests or for marketing.
Withdraw consent: where processing is based on consent, you can withdraw consent.
How to submit requests: Contact legal@itensiahr.com with the subject line “Privacy Request” and include details about the request, your name, contact info, and any relevant account identifiers. We may need to verify your identity and may charge a reasonable fee where permitted by law.
Country‑specific notes:
United States: Federal law does not provide a single comprehensive privacy law; some states have consumer privacy laws (for example, California’s CCPA/CPRA). If you believe you have rights under applicable state law, provide your state and we will evaluate and respond consistent with law.
India: To the extent Indian law applies, data subjects may exercise rights to access, correction, and grievance redress under relevant law. We will cooperate with Controllers and regulators in India as required.
Philippines: Under the Data Privacy Act (RA 10173) and NPC regulations, data subjects have rights to access, correction, cessation of processing, blocking, and destruction of data. Data subjects may also file complaints with the National Privacy Commission (NPC). We will assist Controllers with requests and cooperate with NPC inquiries.
Note: When personal data is submitted by a Customer about its employees, the Customer is the data controller and should handle direct data subject requests; we will assist the Customer where technically feasible and as required by law.
Children
iTensiaHR is a business service. We do not knowingly collect personal data from children for consumer products. If you are under the legal age in your jurisdiction, do not provide personal data. If we learn we collected data from a child in violation of law, we will take steps to delete it.
Third‑party Links
Our sites may link to third‑party websites and services. This Privacy Policy does not apply to those third parties and we are not responsible for their content or practices. Review their privacy notices before providing personal data.
Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in practices or legal requirements. We will post the updated policy with a new Effective Date. Significant changes will be communicated by email to account administrators where possible.
Data Processing Addendum (DPA) and Enterprise Terms
Enterprise or business Customers who require contractual privacy and transfer protections should enter into our DPA (available on request). The DPA governs data processing obligations when we act as a Processor on behalf of a Controller.
Contact & Complaints
If you have questions, requests, or complaints about this policy or our data practices, contact legal@itensiahr.com. If you are in a jurisdiction with a privacy regulator (for example, the Philippines NPC), you may also lodge a complaint with the relevant authority.
Retention and Export Notes for Customers
Customers are responsible for exporting and retaining their data prior to account termination. After the retention period described above, we may delete Customer Data. For export requests or assistance, contact billing@itensiahr.com.
Governing Law and Disputes
This Privacy Policy is governed by the iTensiaHR Terms of Use. As stated in the Terms, governing law is Florida and disputes are subject to binding arbitration in Broward County, Florida except as otherwise permitted.
Useful Links
Features
Kiosk
© 2026 iTensiaHR . All Rights Reserved.