Privacy Policy | MyAssetFlow

1. Introduction

Welcome to MyAssetFlow, a cloud-based Asset & Workflow Management Platform operated by Eyona Software Development (Pty) Ltd ("we," "us," or "our"), based in Cape Town, South Africa.

MyAssetFlow is available as a web portal and as mobile applications on Android (Google Play) and iOS (Apple App Store). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, web portal, and mobile applications (collectively, the "Service").

By accessing or using MyAssetFlow, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the Service immediately.

2. Information We Collect

We collect several categories of information to provide and improve our Service. The specific data collected depends on how you and your organization use MyAssetFlow.

2.1 Account & Organization Information

When you register for MyAssetFlow, we collect:

Organization name and details
Account holder name, email address, and contact information
Billing and subscription information
Account preferences and configuration settings

2.2 Employee & User Data

Organizations using MyAssetFlow may create and manage employee profiles. This data may include:

Employee names and contact details
Roles, departments, and job titles
Task assignments and work schedules
Performance and activity records within the platform

Employee data is managed by your organization. As the data controller, your organization is responsible for ensuring it has a lawful basis to process employee personal information through MyAssetFlow.

2.3 Asset Data

Information about assets managed through the platform, including:

Asset descriptions, categories, and identifiers
Asset locations and GPS coordinates
Condition reports and maintenance history
Photos and images of assets captured via camera or uploaded
Asset assignment and transfer records
Inventory items, stock levels, and stock-take data

2.4 Digital Form Submissions

MyAssetFlow supports customizable digital forms. Data collected through forms may include:

Free-text entries, selections, and structured data fields
Photographs taken in-app or uploaded as part of form submissions
Digital signatures captured on-screen
Date, time, and location stamps associated with submissions
File attachments

Digital Signatures: Signatures captured through our forms are stored securely and associated with the relevant form submission. They serve as a record of acknowledgement or approval and are included in audit trail data.

2.5 Workflow & Task Data

Workflow definitions, steps, and automation rules
Task details, statuses, priorities, and deadlines
Issue tracking records and resolution history
Comments, notes, and collaboration data
Integration data exchanged with third-party services

2.6 Device Information & Usage Analytics

When you use our mobile apps or web portal, we automatically collect:

Device type, model, operating system, and version
Unique device identifiers
App version and build number
Browser type and version (web portal)
Usage patterns, feature interactions, and session data
Crash reports and performance diagnostics

2.7 Location Data

MyAssetFlow collects location data in the following contexts:

Asset Tracking: GPS coordinates are captured to record and track asset locations in real time
Form Submissions: Location may be recorded when forms are submitted to provide geographic context
Audit Trail: Location stamps may be included in audit logs for accountability purposes

Location Permissions: Our mobile apps request location access to support asset tracking and location-stamped data. You can manage location permissions through your device settings. Disabling location access may limit certain features.

2.8 Camera & Photo Access

Our mobile applications request camera access to enable:

Capturing photos of assets for condition documentation
Attaching images to digital form submissions
Scanning barcodes or QR codes for asset identification
Taking photos for issue reporting and evidence recording

Camera Permissions: Camera access is requested only when needed for the above features. Photos taken within the app are uploaded to our secure cloud infrastructure and associated with the relevant asset, form, or record. You may revoke camera permissions at any time through your device settings.

2.9 Contact Form Data

When you contact us through our website, we collect your full name, email address, subject, and message content.

3. How We Use Your Information

We use the information we collect for the following purposes:

Providing, operating, and maintaining the MyAssetFlow platform
Managing user accounts, organizations, and access permissions
Enabling asset tracking, workflow automation, and task management
Processing and storing digital form submissions, including photos and signatures
Generating reports, analytics, and audit trails
Supporting offline functionality and data synchronization
Sending service-related notifications and updates
Responding to support requests and inquiries
Improving our platform through usage analytics and diagnostics
Ensuring security and preventing fraud or unauthorized access
Complying with legal obligations

4. Information Sharing and Disclosure

We do not sell your personal information. We may share data in the following limited circumstances:

Within Your Organization: Data you enter is accessible to authorized users within your organization based on their roles and permissions
Service Providers: We use trusted third-party providers for cloud hosting, analytics, email delivery, and payment processing. These providers are contractually obligated to protect your data
Integrations: If your organization enables third-party integrations, data may be shared with those services as configured by your administrators
Legal Requirements: We may disclose information when required by law, regulation, legal process, or governmental request
Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of the transaction
With Consent: We may share information when you have given us explicit consent to do so

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specific retention practices include:

Account Data: Retained for the duration of your subscription and for a reasonable period afterward to allow for reactivation or comply with legal obligations
Asset & Operational Data: Retained as long as your organization's account is active
Audit Trail Data: Maintained for compliance and accountability purposes and retained in accordance with applicable regulations
Offline Data: Locally cached data is retained on the device until synchronized with our servers, after which local copies may be cleared based on app storage policies

When an account is deleted, we will remove or anonymize personal data within a reasonable timeframe, except where retention is required by law.

6. Data Security

We implement robust security measures to protect your information:

Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols
Encryption at Rest: Stored data, including photos, signatures, and form submissions, is encrypted on our servers
Access Controls: Role-based access controls ensure that users can only access data appropriate to their permissions
Authentication: Secure authentication mechanisms protect account access
Infrastructure Security: Our cloud infrastructure is hosted with reputable providers that maintain industry-standard security certifications
Regular Monitoring: We monitor our systems for vulnerabilities and unauthorized access attempts

While we take reasonable precautions, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

7. Your Rights (POPIA & GDPR)

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Under South Africa's Protection of Personal Information Act (POPIA):

The right to be notified that your personal information is being collected
The right to access your personal information held by us
The right to request correction of inaccurate or incomplete information
The right to request deletion or destruction of your personal information
The right to object to the processing of your personal information
The right to lodge a complaint with the Information Regulator

Under the EU/UK General Data Protection Regulation (GDPR):

Right of access to your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restriction of processing
Right to data portability
Right to object to processing
Rights related to automated decision-making and profiling

To exercise any of these rights, please contact us at info@eyonasoftware.co.za. We will respond to your request within the timeframes required by applicable law.

Organization-Managed Data: If your employer or organization manages your MyAssetFlow account, please direct data access or deletion requests to your organization's administrator first, as they control the data entered on your behalf.

8. Offline Data & Synchronization

MyAssetFlow supports offline functionality to ensure productivity in areas with limited connectivity:

Local Storage: When offline, data including form submissions, task updates, photos, and asset records is stored locally on your device
Automatic Sync: When connectivity is restored, locally stored data is automatically synchronized with our cloud servers
Data Integrity: Our synchronization process includes conflict resolution to ensure data accuracy
Local Security: Offline data stored on your device is protected using your device's built-in security features. We recommend using device-level encryption and a secure lock screen

Important: Until offline data is synchronized with our servers, it exists only on your device. Loss or damage to the device before synchronization may result in data loss. We recommend syncing regularly when connectivity is available.

9. Children's Privacy

MyAssetFlow is designed for business use and is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete that information promptly.

If you believe a child has provided us with personal information, please contact us at info@eyonasoftware.co.za.

10. International Data Transfers

Eyona Software Development (Pty) Ltd is based in Cape Town, South Africa. Your information may be transferred to and processed in countries other than your own, including countries where our cloud infrastructure providers operate.

When we transfer personal data internationally, we take appropriate measures to ensure your information is protected in accordance with this Privacy Policy and applicable data protection laws, including:

Using service providers that adhere to recognized data protection frameworks
Implementing standard contractual clauses where required
Ensuring adequate safeguards are in place as required by POPIA and GDPR

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

We will update the "Effective Date" at the top of this page
We may notify you via email or through a notice within the application
Continued use of MyAssetFlow after changes are posted constitutes acceptance of the revised policy

We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Company: Eyona Software Development (Pty) Ltd
Email: info@eyonasoftware.co.za
Location: Cape Town, South Africa
Website: myassetflow.com