Privacy Policy

Last updated: June 8, 2026

        Summary: Intisia collects only the data needed to provide its HR and engagement features. We do not sell your personal data. Your organization controls most of the data entered on the platform.
    

This Privacy Policy describes how Intisia ("we", "us", or "our") collects, uses, and shares information when you use the Intisia mobile application and web platform (the "Service"). By using the Service, you agree to the collection and use of information as described in this policy.

1. Who Controls Your Data

Intisia operates as a platform accessed through your employer or organization. In most cases, your employer (the "Administrator") is the data controller for personal information you submit through the Service. Intisia acts as a data processor on behalf of your employer.

If you have questions about how your employer processes your data, please contact your HR administrator.

2. Information We Collect

Information provided by you or your organization:

Account details (name, email address, job title, profile photo)
Employment information (team, manager, start date)
Vacation and leave requests and history
CV and professional experience data
Feedback, recognition messages, and meeting notes
Any custom fields defined by your organization

Information collected automatically:

Log data (IP address, browser type, pages visited, timestamps)
Device information (device type, operating system)
Usage data (features used, actions performed)
Session tokens and authentication data

3. How We Use Your Information

We use the collected information to:

Provide, maintain, and improve the Service
Authenticate users and manage accounts
Process and display vacation requests, feedback, and other HR workflows
Send notifications related to your account and activity on the platform
Respond to support requests and inquiries
Monitor and analyze usage to improve features
Comply with legal obligations

4. How We Share Your Information

We do not sell, trade, or rent your personal information. We may share data in the following circumstances:

Within your organization: Information you submit (e.g., vacation requests, recognition messages) is visible to colleagues and managers as intended by the feature.
Service providers: We may share data with third-party providers who help us operate the Service (e.g., hosting, email delivery). These providers are bound by data processing agreements.
Legal compliance: We may disclose data if required by law, court order, or government authority.
Business transfers: In the event of a merger or acquisition, user data may be transferred as part of the transaction.

5. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Service. Your organization's Administrator can delete user accounts and associated data. We may retain certain data for a limited period to comply with legal obligations or resolve disputes.

6. Security

We take reasonable measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These include:

Encrypted connections (HTTPS/TLS) for all data in transit
Password hashing using industry-standard algorithms
Role-based access controls limiting data access to authorized users
Regular security reviews of our infrastructure

No method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you
Rectification: Request correction of inaccurate or incomplete data
Erasure: Request deletion of your personal data, subject to legal obligations
Portability: Request a machine-readable copy of your data
Objection: Object to processing based on legitimate interests
Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact your Administrator first. For requests that require our direct involvement, contact us at nemanjabosnjane@gmail.com.

8. Cookies

The Service uses cookies and similar tracking technologies to maintain sessions and improve your experience. These include:

Essential cookies: Required for the Service to function (e.g., session authentication)
Functional cookies: Remember your preferences (e.g., language, theme settings)

We do not use advertising or third-party tracking cookies.

9. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal data from anyone under 18. If we become aware of such collection, we will delete the information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We take steps to ensure that such transfers comply with applicable data protection laws and that your data remains adequately protected.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:

Email: nemanjabosnjane@gmail.com