Effective Date: March 29, 2026. This policy outlines our commitment to transparency and your total control over payroll data.
Quick Jump
PayslipGen is a self-hosted software product. Unlike a SaaS (Software as a Service) model where your data is stored on our servers, PayslipGen is installed on your own hardware or private cloud instance.
The Zero-Access Guarantee: We (the developers) do not have access to your server, your database, your employee records, or your configurations. Your sensitive payroll data never touches our systems.
As the purchaser and host of this software, you generally act as the Data Controller (or equivalent role) for your employee payroll data. You decide how data is collected, stored, retained, and used in your own environment.
In normal product usage, we do not host your payroll data. If you intentionally share data with us for support or debugging, limited processing may occur only for that support purpose. This page is informational and not legal advice.
When you use the automated delivery features, your installation communicates directly with your chosen service provider via encrypted channels (TLS/SSL).
All payroll records and batch histories are stored in your local database.sqlite file. We strongly recommend encryption-at-rest (disk or volume encryption), strict file permissions, and encrypted backups.
You must protect your admin credentials and master password. We recommend regular backups of the database file and generated PDF directory to prevent data loss.
PayslipGen is designed to support common privacy compliance workflows, but it does not automatically make your organization compliant. You remain responsible for legal review and implementation.
Designed to support GDPR workflows such as access, correction, deletion, and data minimization in your own environment.
Designed to support UK GDPR and DPA 2018 obligations where data remains under your operational control.
Designed to support CCPA/CPRA operations including disclosure handling and deletion workflows under your own policies.
Designed to support PIPEDA-aligned controls such as access management, data stewardship, and retention governance.
Designed to support PDPA-style obligations and local hosting preferences where required by your organization.
Designed to support regional privacy programs, including localization and access-control strategies set by your team.
Designed to support APP-focused handling, including local governance for storage, access, and cross-border transfer decisions.
Designed to support DPDP-style consent and purpose-limitation processes operated by your organization.
Designed to support PIPL-oriented local control and security governance subject to your legal obligations.
Seller / Publisher: Sakib MD Nazmush (PayslipGen)
Contact Email: nazmushssakib@gmail.com
Business Address: Dhaka, Bangladesh (full mailing address provided on written request for legal notices)
For privacy questions or request handling guidance, email nazmushssakib@gmail.com with subject line Privacy Request. We aim to respond within 30 days.
If we become aware of a security incident affecting systems we directly operate (such as this website or product delivery channels), we will investigate promptly and notify affected users without undue delay when legally required. For incidents in your self-hosted environment, you are responsible for internal incident response, notification duties, and remediation.
We believe in your right to privacy. By using PayslipGen, you are choosing a more secure, more private way to handle your company's most sensitive data.