Privacy Policy
Last Updated: December 16, 2025
Plain English Summary: This Privacy Policy explains what data we collect, how we use it, and how we protect it. We collect employee data that you enter into LALO HR, use it to provide our services, and protect it using industry-standard security practices on AWS infrastructure.
1. Who We Are
Lalo LLC ("LALO HR," "we," "us," or "our") provides workforce management software that helps businesses track time, manage schedules, and handle leave requests. This Privacy Policy applies to all users of our Service, including:
- Administrators: Business owners, HR managers, and others who set up and manage LALO HR accounts
- Employees: Workers whose time, schedules, and leave are tracked in LALO HR
- Website Visitors: People who visit our marketing website
2. Information We Collect
2.1 Information You Provide
When you use LALO HR, you may provide:
| Data Type | Examples | Purpose |
|---|---|---|
| Account Information | Email, password, company name | Create and manage your account |
| Employee Information | Name, email, phone, employee ID, hire date, job title, department | Employee records and communication |
| Compensation Data | Hourly rates, salary information, pay schedules | Time tracking and payroll exports |
| Time Records | Clock in/out times, breaks, timesheets | Track attendance and calculate hours |
| Leave Data | PTO requests, balances, accrual history | Manage time off and track balances |
| Schedule Data | Shifts, availability, schedule preferences | Create and distribute schedules |
2.2 Information Collected Automatically
When you use LALO HR, we automatically collect:
- Device Information: Browser type, operating system, device identifiers
- Log Data: IP address, access times, pages viewed, actions taken
- Location Data: GPS coordinates when clocking in (if GPS verification is enabled)
- Cookies: Session cookies for authentication and preferences
📍 About GPS Location Data
GPS verification is an optional feature that employers can enable. When enabled, employee location is captured only at the moment of clock in/out—we do not track continuous location. Employees are notified when GPS verification is required, and the feature can be disabled by the administrator.
3. How We Use Your Information
We use the information we collect to:
Provide the Service
- Process time entries and calculate hours worked
- Manage employee schedules and availability
- Track PTO balances and process leave requests
- Generate reports and analytics
- Export data to payroll systems
Authenticate Users
- Verify identity through Amazon Cognito
- Manage user sessions and permissions
- Process password resets and account recovery
Improve the Service
- Analyze usage patterns to improve features
- Debug issues and fix errors
- Develop new functionality
Communicate With You
- Send transactional emails (password resets, notifications)
- Provide customer support
- Send important service announcements
4. How We Protect Your Information
Infrastructure Security
LALO HR is built on Amazon Web Services (AWS), which provides enterprise-grade security infrastructure. Our security measures include:
🔐 Encryption
- TLS 1.2+ for data in transit
- AES-256 encryption at rest
- Encrypted database storage
🔑 Access Control
- Role-based permissions
- Multi-tenant data isolation
- Secure API authentication
🔍 Monitoring
- Real-time security monitoring
- Audit logging
- Anomaly detection
☁️ AWS Services
- Amazon Cognito for authentication
- Amazon DynamoDB for data storage
- AWS CloudFront for content delivery
Authentication via Amazon Cognito
We use Amazon Cognito to manage user authentication. Cognito provides:
- Secure password storage with industry-standard hashing
- Multi-factor authentication (MFA) support
- Secure token-based session management
- Protection against common attacks (brute force, credential stuffing)
Your password is never stored in plain text. Authentication tokens expire automatically and must be refreshed, limiting the impact of any token compromise.
5. Data Sharing
We Do Not Sell Your Data
We do not sell, rent, or trade your personal information or employee data to third parties.
Limited Sharing
We may share information only in these circumstances:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Amazon Web Services | Infrastructure hosting, authentication | All data (as infrastructure provider) |
| Your Payroll Provider | Timesheet exports (at your request) | Hours, wages, PTO as exported |
| Law Enforcement | Legal compliance (if required) | As legally required |
| Business Successors | Merger, acquisition, or sale | All data (with notice) |
6. Data Retention
We retain your data as follows:
- Active Accounts: Data is retained as long as your account is active
- After Termination: Data is retained for 90 days after account termination to allow for data export, then deleted
- Backups: Backup copies may persist for up to 30 additional days
- Legal Requirements: We may retain data longer if required by law
Important for Employers: Many jurisdictions require you to retain payroll and time records for 3-7 years. LALO HR provides export functionality, but it is your responsibility to maintain records as required by law.
7. Your Rights
Depending on your location, you may have the following rights:
For All Users
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your data (subject to legal retention requirements)
- Export: Export your data in a portable format
For California Residents (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information we collect
- Right to delete personal information
- Right to opt-out of sale of personal information (we do not sell data)
- Right to non-discrimination for exercising your rights
For Employees
If you're an employee whose data is tracked in LALO HR, your employer is the "data controller" for your employment data. To exercise your rights, contact your employer's HR department first. For questions about how LALO HR processes data, contact us at privacy@lalohr.com.
8. Cookies and Tracking
We use cookies and similar technologies for:
| Cookie Type | Purpose | Required? |
|---|---|---|
| Authentication | Keep you logged in | Yes |
| Preferences | Remember your settings | Yes |
| Security | Prevent fraud and attacks | Yes |
| Analytics | Understand how features are used | Optional |
You can control cookies through your browser settings. However, disabling essential cookies may prevent you from using LALO HR.
9. Children's Privacy
LALO HR is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 18, we will delete it promptly.
10. International Data Transfers
LALO HR is hosted on AWS infrastructure in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States.
By using LALO HR, you consent to the transfer of your data to the United States, which may have different data protection laws than your country of residence.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify account administrators by email
- Display a notice in the application
Your continued use of LALO HR after changes take effect constitutes acceptance of the updated Privacy Policy.
12. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
Lalo LLC
Coal Valley, Illinois
Email: privacy@lalohr.com
For data access, correction, or deletion requests, please email privacy@lalohr.com with the subject line "Privacy Request."
Summary of Data Processing
What We Collect
- Account and login information
- Employee records and profiles
- Time and attendance data
- Leave requests and balances
- Schedule and shift information
- Device and log data
How We Protect It
- Encryption in transit and at rest
- Secure authentication (Cognito)
- Role-based access control
- Multi-tenant data isolation
- Security monitoring and logging
- AWS enterprise infrastructure
Ready to Get Started?
By creating an account, you agree to our Terms of Service and this Privacy Policy.