Compliance

Built for Romanian law and European standards.

Compliance isn't a page added at the end. It's part of the product architecture: minimal data, controlled access, encryption, logging and clear retention.

GDPR

Documented processing

Legal bases, roles, data-subject rights and an operational record of processing activities.

Labour Code

Proof and legibility

Payroll documents are kept in a flow that preserves their integrity and accessibility.

Security

Encryption and limited access

TLS for transport, encryption at rest, logical separation between clients and roles with clear permissions.

Practices

What we treat as mandatory.

  • Data minimisationWe collect only what's needed for delivery, security and compliance.
  • Immutable audit logKey events are kept with timestamps and technical details.
  • Access controlDistinct roles for administrators, accountants, employers and employees.
  • Export and portabilityClients can request relevant operational and historical exports.
  • Clear retentionData isn't kept longer than the purpose and applicable legal framework require.