1. Introduction
This Privacy Policy describes how Pand'Or ("we", "us", "our") collects, uses, stores, and protects personal information through the PandOr App ("the App").
The App is an internal employee portal designed exclusively for authorized employees and staff of Pand'Or. Access is restricted to individuals whose accounts have been created by a company administrator. There is no public registration.
By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use and contact your administrator.
2. Information We Collect
2.1 Information Provided by Your Administrator
When your company administrator creates your account, the following information is recorded:
- Full name
- Email address (company-issued)
- Assigned role (e.g., staff, supervisor, manager, owner)
- Department assignment
2.2 Information You Provide Through the App
- Messages and chat content — text messages and images shared in private and group conversations
- Photos and images — images uploaded for menu items, purchase receipts, complaints, announcements, and chat
- Comments and announcements — text content you post, including @mentions of other employees
- Business data entries — purchase requests, maintenance requests, complaints, calendar entries, and other operational records you create
- Password — stored in encrypted (hashed) form; we cannot view your password
2.3 Information Collected Automatically
- Device push notification token — a unique identifier provided by Apple (APNs) or Google (FCM) to deliver push notifications to your device
- Device type and platform — (e.g., iOS or Android) for notification delivery
- Authentication tokens — session tokens (JWT) stored locally on your device for secure access
- Timestamps — date and time of account activity, message sends, and data modifications
2.4 Information We Do NOT Collect
- Precise geolocation or GPS data
- Contacts or address book
- Browsing history
- Advertising identifiers
- Financial or payment information
- Health or biometric data
3. How We Use Your Information
We use the collected information solely for internal business operations:
| Purpose | Data Used |
|---|---|
| Authenticate your identity and manage sessions | Email, password (hashed), JWT tokens |
| Enable internal communication (chat, announcements) | Name, messages, images, @mentions |
| Manage operational workflows (purchasing, maintenance, menu development) | Business data entries, role, department |
| Send push notifications for work-related updates | Device push token, device platform |
| Enforce role-based access control | Assigned role, department |
| Display employee names in relevant contexts (comments, assignments, chat) | Full name |
We do not use your information for advertising, profiling, automated decision-making, or any purpose unrelated to Pand'Or's internal operations.
4. Data Sharing and Disclosure
4.1 Within the Organization
Your name, role, and department are visible to other authenticated employees within the App, as this is necessary for internal communication and workflow management. Messages in private chats are only visible to the participants. Group chat messages are visible to group members.
4.2 Third-Party Services
We use the following third-party services to operate the App:
| Service | Provider | Purpose | Data Shared |
|---|---|---|---|
| Expo Push Notification Service | Expo / 650 Industries, Inc. | Delivering push notifications to your device | Device push token, notification content (title, body) |
| Apple Push Notification service (APNs) | Apple Inc. | Push notification delivery on iOS | Device token |
| Firebase Cloud Messaging (FCM) | Google LLC | Push notification delivery on Android | Device token |
4.3 No Sale of Data
We do not sell, rent, trade, or otherwise transfer your personal information to third parties for commercial or marketing purposes.
4.4 Legal Requirements
We may disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request.
5. Data Storage and Security
5.1 Storage
- All data is stored on secure servers operated by or on behalf of Pand'Or.
- The database is hosted in a controlled environment with restricted access.
- Uploaded files (images, documents) are stored on the application server with access controlled through authentication.
5.2 Security Measures
- Encryption in transit: All communication between the App and our servers uses HTTPS/TLS encryption.
- Password hashing: Passwords are hashed using bcrypt with a high cost factor and are never stored in plain text.
- Token-based authentication: Sessions are managed via short-lived JWT access tokens (1 hour) and refresh tokens (7 days), stored securely on-device using platform-native secure storage (iOS Keychain / Android Keystore).
- Role-based access control: Server-side enforcement ensures users can only access data and actions permitted by their assigned role.
- Security headers: The server uses security headers (Helmet) and CORS policies to mitigate common web vulnerabilities.
5.3 Data Breach
In the event of a data breach that affects your personal information, we will notify affected users and relevant authorities as required by applicable law within a reasonable timeframe.
6. Data Retention
- Active accounts: Your data is retained for as long as your employee account is active.
- Deactivated accounts: When your account is deactivated by an administrator (e.g., upon leaving the company), your account data is soft-deleted and may be retained for a reasonable period for business record-keeping purposes before permanent deletion.
- Chat messages: Retained for the duration of the conversation's existence.
- Uploaded files: Retained as long as the associated record (menu item, complaint, etc.) exists.
- Push notification tokens: Removed from our servers when you log out or your account is deactivated.
7. Your Rights
As an employee using this App, you have the following rights regarding your personal data:
- Access: You can view your personal information through your profile in the App.
- Correction: You can request corrections to your account information through your company administrator.
- Deletion: You can request deletion of your account and associated data by contacting your company administrator. Note that certain business records may need to be retained for legal or operational purposes.
- Push notification opt-out: You can disable push notifications through the App's notification settings screen or through your device's system settings at any time.
- Withdraw consent: You may stop using the App at any time. Contact your administrator to request account deactivation.
To exercise any of these rights, contact your company administrator or reach out to us using the contact information provided below.
8. Children's Privacy
The App is intended for use by authorized employees of Pand'Or only. We do not knowingly collect personal information from anyone under the age of 17. If you believe a minor has been granted access to the App in error, please contact us immediately so we can take appropriate action.
9. International Data Transfers
The App's servers are located in Indonesia. If you access the App from outside Indonesia, please be aware that your data may be transferred to and processed in Indonesia. By using the App, you consent to such transfer and processing.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes:
- The "Effective Date" at the top of this page will be updated.
- For significant changes, we will notify employees through an announcement within the App.
- Continued use of the App after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Company: Pand'Or
- Email: privacy@pandor.id
For account-related requests (access, correction, deletion), please contact your company administrator directly.