Privacy Policy

Last updated: April 2026

1. Who we are

PersoHR is operated by Labb Holding Ltd, a company registered in Cyprus (EU member state). We provide HR management software for European small businesses.

Contact: privacy@persohr.eu

2. What data we collect

Website visitors

We do not use tracking cookies, Google Analytics, or any third-party trackers on this website. We may use Plausible Analytics (EU-based, cookieless, GDPR-compliant) for anonymous usage statistics.

We store a locale preference cookie to remember your language selection. This is a strictly necessary cookie and does not require consent.

Registration

When you register, we collect: company name, subdomain, first name, last name, email address, and country. This data is processed to create your account and is stored in our database hosted in Germany.

3. How we use your data

  • To provide and maintain the PersoHR service
  • To send transactional emails (account verification, magic links)
  • To respond to support requests
  • To comply with legal obligations

We never sell your data. We never share your data with advertisers.

4. Where your data is stored

All data is stored in Hetzner Cloud data centres in Falkenstein and Nuremberg, Germany. No data leaves the European Union.

5. Sub-processors

  • Hetzner Cloud (Germany):Infrastructure and hosting
  • Brevo (France):Transactional email delivery
  • Stripe (Ireland):Payment processing
  • Mistral AI (France):AI features (optional, employee opt-out available)

6. Your rights

Under GDPR, you have the right to:

  • Access your personal data (Article 15)
  • Rectify inaccurate data (Article 16)
  • Erase your data (Article 17)
  • Restrict processing (Article 18)
  • Data portability (Article 20)
  • Object to processing (Article 21)

To exercise any of these rights, contact us at privacy@persohr.eu.

7. Data retention

Account data is retained for the duration of your subscription. After cancellation, data is retained for 90 days to allow reactivation, then permanently deleted.

8. Security

We use TLS 1.3 for data in transit and AES-256 encryption for sensitive data at rest. Access is controlled through role-based permissions with strict tenant isolation.

9. Changes to this policy

We will notify registered users by email of any material changes to this policy. The current version is always available at this URL.