Privacy Policy
Last updated: March 2026
1. Scope
This policy applies to CRSM HR Portal and its module applications (Time & Attendance, Duty Roster, HR Admin Center) used by all departments and employees of Crimson Resort and Spa Mactan.
2. Information we collect and use
We collect and process only what is needed to run the applications: sign-in data (e.g. email and authentication) for admin users, session information, and operational data you enter (e.g. roster data, attendance logs, leave requests, handover notes). This data is used to provide the service, enforce access control, and keep your work persistent and secure.
3. Storage and security
Data is stored using Supabase (database and authentication). Access is restricted to authorized users. We do not sell your data. Data may be retained as long as needed for operational and legal purposes.
4. Your rights
You may request access to, correction of, or deletion of your data by contacting the Human Resources Department or the application creator. Use of the applications implies acceptance of this policy.
5. Changes
We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the latest version. Continued use after changes constitutes acceptance of the updated policy.