Privacy Policy

1. Introduction

Welcome to Hevra ERP ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Enterprise Resource Planning (ERP) software and services.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Register for an account
• Express an interest in obtaining information about us or our products and services
• Participate in activities on the application
• Contact us

The personal information we collect may include:

• Name and contact data (email address, phone number, physical address)
• Credentials (passwords, password hints)
• Payment information (credit card numbers, billing address)
• Company information (company name, size, industry)

2.2 Automatically Collected Information

We automatically collect certain information when you visit, use, or navigate the application:

• Log and usage data (IP address, browser type, operating system)
• Device data (device type, unique device identifiers)
• Location data (general location based on IP address)

3. How We Use Your Information

We use the information we collect or receive:

• To provide and maintain our service: Including to monitor the usage of our service
• To manage your account: To manage your registration as a user of the application
• For contract performance: To develop, comply with, and undertake the purchase contract for products or services you have purchased
• To contact you: By email, telephone calls, SMS, or other forms of electronic communication
• To provide you with news and offers: About other goods, services, and events we offer that are similar to those you have already purchased or enquired about
• To manage your requests: To attend and manage your requests to us
• For business transfers: To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets
• For other purposes: Such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns

4. Sharing Your Information

We may share your information in the following situations:

• With Service Providers: We may share your information with third-party service providers who perform services for us or on our behalf
• For Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition
• With Your Consent: We may disclose your personal information for any other purpose with your consent
• With Business Partners: We may share your information with our business partners to offer you certain products, services, or promotions

5. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please note that no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure.

Our security measures include:

• AES-256 encryption for data at rest and in transit
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection and security
• Incident response and disaster recovery plans

6. Data Retention

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible, we will securely store your personal information and isolate it from any further processing until deletion is possible.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Right to Access: You have the right to request copies of your personal information
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate
• Right to Erasure: You have the right to request that we erase your personal information, under certain conditions
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal information
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization
• Right to Object: You have the right to object to our processing of your personal information

To exercise these rights, please contact us at [email protected]

8. GDPR Compliance

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal information.

9. Children's Privacy

Our service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: [email protected]
• Phone: +964 750 123 4567
• Address: Erbil, Kurdistan Region, Iraq