Privacy Policy
Last updated: May 30, 2026
BuamsHR ("we", "our", or "us") is committed to protecting the privacy of our customers and the individuals whose data passes through our platform. This Privacy Policy explains what information we collect, how we use it, and your rights as a user.
1. Information We Collect
Account & Organization Data
When you create a BuamsHR account, we collect your name, email address, organization name, subdomain, and billing information.
Employee Data
As an HR platform, we store employee records on your behalf, including names, contact information, employment details, compensation, scheduling data, and credentialing documents. This data belongs to you — we are the processor, you are the controller.
Usage Data
We collect information about how you use the platform — pages visited, features used, session duration — to improve the product and provide support.
2. How We Use Information
We use the information we collect to:
- Provide, operate, and improve the BuamsHR platform
- Process payroll, schedule shifts, and manage HR workflows on your behalf
- Send product updates, billing notices, and support communications
- Detect and prevent fraud or security incidents
- Comply with legal obligations
We do not sell personal data to third parties. We do not use employee data for advertising or marketing purposes.
3. HIPAA & Healthcare Data
BuamsHR is designed for use by healthcare organizations and takes HIPAA compliance seriously. We maintain administrative, physical, and technical safeguards required by the HIPAA Security Rule.
We execute a Business Associate Agreement (BAA) with all customers who handle Protected Health Information (PHI). Contact us at info@buamshr.com to request a BAA.
Employee personnel records stored in BuamsHR (such as licenses, certifications, and employment files) are treated as confidential HR data and protected under the same security controls as PHI.
4. Data Sharing
We share data only in the following circumstances:
- Service providers: Trusted vendors who process data on our behalf (e.g., payment processors, cloud infrastructure). They are bound by confidentiality agreements.
- Legal requirements: When required by law, court order, or government authority.
- Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.
5. Cookies
We use cookies and similar technologies for:
- Authentication: Keeping you logged in securely
- Preferences: Remembering your settings
- Analytics: Understanding how the product is used (aggregate, anonymized data only)
You can control cookie settings in your browser. Note that disabling certain cookies may affect platform functionality.
6. Data Retention
We retain account and employee data for the duration of your subscription plus 30 days after cancellation, during which you can export all data. After 30 days, data is permanently deleted unless a longer retention period is required by law.
Backups are retained for up to 90 days as part of our disaster recovery procedures.
7. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Object to or restrict certain processing
- Data portability (export your data in a machine-readable format)
To exercise these rights, contact us at info@buamshr.com. We will respond within 30 days.
8. Security
We implement industry-standard security measures including:
- Encryption at rest (AES-256) and in transit (TLS 1.2+)
- Role-based access controls
- Comprehensive audit logging
- Regular security assessments
- Incident response procedures
No method of transmission over the internet is 100% secure. If you believe your account has been compromised, contact us immediately.
9. Contact Us
For privacy questions, data requests, or to request a Business Associate Agreement: