Privacy Policy App
Nebero ERP mobile application
| Published by | Nebero Systems Private Limited |
| Effective Date | 2 April 2026 |
| Last Updated | 2 April 2026 |
This Privacy Policy explains how the Nebero ERP mobile application collects, uses, transmits, and protects information when used by authorized users of organizations that have deployed Odoo ERP together with the Nebero HRMS module.
Nebero ERP is a business application published by Nebero Systems Private Limited. It is designed to function as a mobile client for Odoo ERP implementations where the Nebero HRMS module has been developed and deployed.
The application uses a QR code-based login mechanism. No direct login is available within the application, and no self-registration is permitted.
1. Scope and Purpose
Nebero ERP is intended for use by employees, staff members, contractors, or other authorized users of an organization that has implemented Odoo ERP together with the Nebero HRMS module.
The application enables authorized users to mark attendance remotely, review previous attendance information made available through the connected ERP environment, and send geolocation data to the ERP for attendance-related workflows.
For these functions, the application uses location permission to obtain the user's current location when attendance is marked and camera permission to scan the QR code required for login and connection.
The application is not intended for general public onboarding, consumer self-service registration, or independent use outside an authorized Odoo ERP deployment.
2. Who Controls the Data
The end-client organization using the ERP deployment generally determines the purpose for which employee and attendance data is processed. In many cases, that organization will act as the primary controller of personal data handled through the application.
Nebero Systems Private Limited acts as the application publisher and may also act as the software developer, implementation partner, service provider, or support provider, depending on the contractual arrangement with the end-client.
Where the ERP system is hosted on the end-client's own servers or infrastructure, the end-client retains direct control over the storage and administration of the data. Where the ERP system is cloud-hosted, hosting and storage may be managed on infrastructure selected or approved by the end-client.
3. Information Processed Through the Application
The application may process user identity and organization-related information that already exists in the connected Odoo ERP system, such as name, employee identifier, official email address, department, role, or access permissions.
The application may process attendance-related information, including check-in records, check-out records, timestamps, attendance status, and historical attendance details made available by the connected ERP implementation.
The application collects geolocation information at the time attendance is marked and sends that location information to the connected ERP system for attendance verification, audit, workforce administration, or related HRMS purposes as configured by the end-client organization. The location permission used by the application is required to obtain the current location of the authorized user for attendance-related workflows.
The application also processes limited technical and authentication-related information required to establish a secure connection to the authorized ERP environment, such as server endpoint details, organization-specific connection details, session data, and authentication tokens.
The application uses a QR code-based login mechanism to connect the mobile application with the authorized Odoo ERP environment. No direct username-password login is available within the application.
The camera permission used by the application is required solely to scan the QR code used for login and connection to the authorized Odoo ERP environment. The application does not provide direct login and does not use camera access for unrelated purposes.
4. Information Not Collected or Not Enabled in the App
The application does not provide public sign-up or self-service user registration.
The application does not offer a direct standalone login interface for general end users; access is enabled through the QR code-based login process associated with the connected ERP deployment.
User creation, access provisioning, activation, deactivation, and permission management are handled by authorized administrators through the Odoo administrative interface.
As designed, the application does not store business data locally on the mobile device for ongoing offline retention.
The application does not request camera or location permissions for unrelated purposes. Camera permission is used only for QR scanning, and location permission is used only for obtaining the user's current location for attendance-related workflows.
The application is not intended to collect personal information unrelated to attendance and connected HRMS workflows.
5. How the Information Is Used
Information processed through Nebero ERP may be used to authenticate and connect the application to the relevant ERP environment using the QR code-based login process.
It may also be used to record attendance events, display prior attendance records to authorized users, transmit geolocation information at the time of attendance activity, use location permission to obtain the user's current location for attendance-related workflows, use camera permission to scan the QR code required for login, support HRMS workflows, enable auditability, and help the end-client organization administer its workforce operations.
6. How Information Is Shared
Information submitted through the application is transmitted to the Odoo ERP environment associated with the user's organization.
Depending on the deployment arrangement, data may be accessible to the end-client organization, its authorized administrators, human resources personnel, system administrators, hosting providers, infrastructure providers, or Nebero Systems Private Limited to the extent reasonably necessary for implementation, support, maintenance, troubleshooting, or contractual service delivery.
Nebero Systems Private Limited does not sell personal information processed through the application.
7. Hosting and Deployment Models
The connected Odoo ERP environment may be deployed in a cloud-hosted model or in an on-premises model, depending on the preference of the end-client organization.
Accordingly, data transmitted through the application may be stored on servers, infrastructure, or systems selected, controlled, or approved by the end-client organization.
Users who require specific information about storage location, backup arrangements, retention, or internal access controls should contact their employer, ERP administrator, or the relevant end-client organization.
8. Local Device Storage
Nebero ERP is designed so that user business data is not stored locally within the application as a persistent business data store.
Any temporary processing necessary for session handling, secure communication, or application functionality occurs only as required for the live operation of the application and its communication with the ERP backend.
9. Security
Nebero Systems Private Limited takes reasonable technical and organizational measures to support the secure operation of the application and its communication with the connected ERP environment.
However, no method of electronic transmission, mobile communication, or storage is completely secure. Overall protection of the system also depends on the configuration of the Odoo ERP instance, the security of the hosting environment, device security practices, and the administrative controls maintained by the end-client organization.
Users should protect their authorized access methods, use trusted devices, and report suspected misuse to their organization or ERP administrator.
10. Data Retention
The mobile application itself is not intended to retain business data locally.
Retention of attendance information, geolocation records, user information, and administrative records is governed by the connected Odoo ERP deployment and the policies, legal obligations, and operational requirements of the end-client organization.
11. User Access and Administrative Control
Access to Nebero ERP is controlled through the end-client's Odoo administrative interface together with the application's QR code-based login process.
Users cannot self-register. Access may be granted, restricted, or revoked by the authorized administrators of the end-client organization, and all account permissions remain subject to the ERP configuration used by that organization.
Requests relating to correction, access, deletion, deactivation, or restriction of data should normally be directed first to the employer, ERP administrator, or relevant end-client organization.
12. Legal Basis and Organizational Responsibility
The application is intended for use only by persons authorized by the organization operating the connected Odoo ERP and Nebero HRMS deployment.
Attendance and geolocation processing may be carried out on the basis of employment administration, legitimate business requirements, compliance with workplace policies, contractual necessity, or user consent where required under applicable law.
Each end-client organization is responsible for ensuring that its deployment and use of attendance, geolocation, and HRMS functionality complies with applicable employment laws, privacy laws, and data protection requirements.
13. Children's Privacy
Nebero ERP is an enterprise and workforce-management application and is not intended for children. It is not designed for consumer use by minors.
14. International Data Transfers
Where hosting, support, administration, or infrastructure arrangements involve processing across jurisdictions, data may be transferred to and processed in locations outside the user's immediate jurisdiction, subject to the deployment model selected by the end-client organization and applicable legal requirements.
15. Changes to This Privacy Policy
Nebero Systems Private Limited may revise this Privacy Policy from time to time to reflect legal, technical, operational, or product-related changes.
The updated version may be published with a revised effective date. Continued use of the application after such revision will be treated as acknowledgment of the updated policy, subject to applicable law.
16. Contact Information
| Company | Nebero Systems Private Limited |
| Address | Plot 691, Sector 82, Industrial Area, SAS Nagar, Mohali, Punjab, India. Pin -140308 |
| info@nebero.com | |
| Website | www.nebero.com |
17. Short Disclosure Summary
Nebero ERP is an enterprise mobile application developed by Nebero Systems Private Limited for organizations using Odoo ERP together with the Nebero HRMS module. The application allows authorized users to mark attendance remotely, view previous attendance records, and send geolocation data to the connected ERP system for attendance-related purposes. Camera permission is used only to scan the QR code required for login, and location permission is used only to obtain the user's current location for attendance-related workflows. The application uses a QR code-based login mechanism, no direct login is available, no self-registration is permitted, user management is controlled through the Odoo administrative interface, and business data is not stored locally on the device.