← Back to Home

Privacy Policy — YeahBoss ESS

Effective date: May 11, 2026 · Last updated: May 11, 2026

This policy applies to the YeahBoss ESS mobile application distributed on Google Play (package name: com.yeahboss.ess) and related services operated by us as described below.

Summary (plain language)

  • YeahBoss ESS is an employee self-service app used with your employer's HR setup (for example Odoo or another backend your organization configures).
  • Your employer is responsible for most HR records (attendance, leave, payroll, profile fields, etc.). This policy explains what we may collect and process as the app provider, including account, device, and technical data needed to run the service.
  • When you use the app, employment-related information may be shown on your device and transmitted between your device, our services, and systems your employer controls—only as needed to provide the features your organization enabled.
  • We do not sell your personal information. We use trusted service providers (for example push delivery or crash diagnostics) only where needed to operate the app, subject to contracts and this policy.
  • Google Play also shows a "Data safety" summary for our app. That summary must match how the app works; this policy is the detailed version. If anything conflicts, we treat the more protective description as controlling and will correct inconsistencies when identified.

1. Who we are

"YeahBoss," "we," "us," and "our" refer to the organization responsible for the YeahBoss ESS product and the contact details in Section 14. The YeahBoss ESS mobile app is intended for use by employees and authorized users of our business customers.

Your employer and HR data. For employee and HR content (such as names, IDs, attendance, leave, payroll-related screens, and similar), your employer (or the organization that gave you access) is typically the primary decision-maker about that data. Our role is to provide software and, depending on deployment, hosting or connectivity that makes the app work with your employer's systems. Your employer's privacy notice may also apply alongside this policy.

2. Data we collect and process

The categories below depend on how your employer configured the product. We describe the typical cases for transparency and to align with Google Play's expectation that policies accurately reflect collection, use, and sharing.

2.1 Account, authentication, and session data

  • Identifiers you use to sign in (such as username, email, or employee identifier as configured by your employer).
  • Authentication tokens, session identifiers, and security-related logs needed to keep you signed in safely and prevent abuse.

2.2 Device and app technical data

  • Device or installation identifiers that the platform or our providers expose for diagnostics, fraud prevention, or push notification delivery (for example push registration tokens).
  • App version, language, operating system version, and similar technical metadata to maintain compatibility and diagnose crashes.
  • IP address and network metadata when your device communicates with our or your employer's servers.

2.3 Employment and HR information shown or transmitted in the app

The app is designed to display and submit HR-related information that your employer stores in connected systems. Depending on configuration, that can include (non-exhaustive): profile or contact fields, org structure, attendance and time data, leave requests and balances, payroll or payslip-related views, documents, approvals, and messages your employer enables.

Important: We do not claim that employment-related data "never" touches our services. Where we provide APIs, hosted components, sync, or authentication, such data may transit through or be processed on systems we operate strictly to deliver the service your employer purchased—not for unrelated advertising or resale.

2.4 Optional features and permissions

If a feature requires a mobile device permission (for example camera, photos, location, microphone, or biometric unlock), we request it only where needed for that feature, explain the purpose in context where practicable, and use the data only for that purpose unless we obtain separate consent where required by law. You can review or revoke permissions in your device settings; some features may stop working if you revoke access.

3. How we use data (purposes)

  • Provide, operate, maintain, and secure the YeahBoss ESS service.
  • Authenticate users, prevent fraud and misuse, and enforce rate limits or account protections.
  • Deliver in-app functionality and sync with your employer's configured backend.
  • Send service-related notifications when enabled (for example through push notification infrastructure).
  • Monitor reliability and diagnose errors (including crash reporting where implemented).
  • Comply with law and respond to lawful requests.
  • Communicate about security, abuse, or material changes affecting your use of the app.

4. Legal bases (where applicable)

If the GDPR or similar laws apply, we rely on appropriate bases such as: performance of a contract with your employer (or steps at their request); our legitimate interests in securing and improving the service (balanced against your rights); compliance with legal obligations; and consent where we expressly ask for it (for example optional marketing or non-essential analytics, if offered).

5. Sharing and subprocessors

We do not sell personal information. We may share data only as follows:

  • Your employer and their authorized administrators, consistent with how they configured the service.
  • Service providers who process data on our behalf under agreements (for example cloud hosting, push notification delivery, email, monitoring, or customer support tools). We instruct them to use data only for providing those services to us.
  • Professional advisers, auditors, or insurers where required and subject to confidentiality.
  • Law enforcement or regulators when we believe disclosure is required by law or necessary to protect rights, safety, or security.
  • Business transfers (for example merger or asset sale) with appropriate safeguards and notice where required.

Third-party SDKs included in the app must follow applicable policies; their data practices are reflected in our Google Play Data safety declarations. Those declarations and this policy are kept aligned as the product changes.

6. International transfers

We may process data in the United Arab Emirates and other countries where we or our service providers operate. Where required, we use appropriate safeguards (such as contractual clauses) for transfers of personal data that originated in regions with cross-border transfer rules.

7. Retention

We retain information only as long as needed for the purposes above, including:

  • Account and security logs: for a limited period consistent with troubleshooting and legal obligations.
  • HR content: typically governed by your employer's retention settings and applicable employment, tax, and corporate record rules.
  • Backups: may persist for a short overlap after deletion before rolling off backup cycles.

8. Security

We implement administrative, technical, and organizational measures appropriate to the risk, including access controls, encryption in transit for client–server communication where supported by the product, and monitoring for abuse. No method of transmission or storage is 100% secure; if we become aware of an incident that affects you, we will follow applicable legal requirements for notification.

9. Your choices and rights

  • Access, correction, deletion: Many requests for HR data must be routed through your employer because they control the underlying records. You may also contact us using Section 14 for data we hold in our role as vendor.
  • Notifications: You can disable push notifications in device settings or in-app controls where available.
  • Analytics or optional telemetry: If we offer optional analytics, we will provide an opt-out or use platform-appropriate controls where feasible.
  • Regional rights: Depending on your location, you may have rights to object, restrict processing, withdraw consent, or lodge a complaint with a supervisory authority. We will respond within applicable timelines.

California residents: we do not sell personal information as "sell" is commonly defined under the CCPA/CPRA. You may have rights to know, delete, and correct certain information; contact us below. We do not use sensitive personal information for inferring characteristics in a way prohibited by CPRA where those rules apply.

10. Account and data deletion

To close access provided through your employer, contact your HR or IT administrator. To request deletion or export of data processed by us outside your employer's systems, email privacy@yeahboss.com with your organization name and work email. We may need to verify your identity and coordinate with your employer. Uninstalling the app does not by itself delete records your employer retains in their backend.

11. Children

YeahBoss ESS is a workplace app and is not directed to children. We do not knowingly collect personal information from children under 13 (or the higher age required in your region for valid consent). If you believe a child has provided us data, contact us and we will take appropriate steps to delete it.

12. Cookies and web content

If the app opens web content we control (for example help pages or embedded portals), cookies or similar technologies may be used for essential functionality, preferences, or analytics as disclosed on those properties. Open-web browsing initiated by you in a generic browser view is governed by the respective sites you visit.

13. Changes to this policy

We may update this policy to reflect product, legal, or regulatory changes. We will post the new effective date at the top and, where appropriate, provide additional notice (for example in-app or by email). Continued use after the effective date means you accept the updated policy except where your consent is required for material changes.

14. Contact

For privacy questions or requests, contact us at privacy@yeahboss.com.

Phone: +971 56 699 1990

Address: Suite 4116, Churchill Tower, Burj Khalifa Community, Business Bay, PO Box 124884, Dubai, United Arab Emirates