Employee HQ
Employee HQ
Log in

Privacy Policy

Last Updated: May 6, 2026

1. Overview

This Privacy Policy explains how Nimiti LLC, operating Employee HQ (“EHQ,” “we,” “us,” or “our”), collects, uses, shares, and protects personal information when people use our website, manager portal, mobile application, and related services (collectively, the “Service”).

Employee HQ is generally provided to organizations for use by their managers, administrators, and employees. In many cases, your organization controls your account and decides what information is submitted to the Service. If you are an employee user, your organization is usually your first point of contact for account or workplace-related privacy questions.

Where Employee HQ offers affiliate participation, the same account may also be used for affiliate opt-in on the website. Affiliate profile records, referral codes, and payout setup are created only when the user explicitly chooses to participate.

2. Information We Collect

2.1 Account and profile information

  • name;
  • email address;
  • phone number;
  • employee ID or other internal identifier, if provided by the organization;
  • organization, location, department, shift, and role information;
  • profile photo or directory photo, if uploaded.

2.2 Affiliate program information

  • affiliate enrollment status and related timestamps;
  • reserved referral code and referral attribution records;
  • affiliate tax and payout setup information submitted by the user;
  • commission, payout, and setup-review history associated with affiliate participation.

2.3 Organization and employment-related information

  • reporting relationships;
  • onboarding or employment status information;
  • schedules, overtime signups, voluntary time off selections, and time-off requests;
  • emergency time balances and related documents;
  • score records, score PDFs, kudos activity, and kudos shop activity;
  • announcements, acknowledgements, and document access history;
  • leadership directory entries and similar workplace records uploaded by administrators.

2.4 Communications information

  • support requests and related correspondence;
  • email verification, password reset, billing, and other service-related communications;
  • records associated with organization-managed communications and notices delivered through the Service.

2.5 Technical and usage information

  • device type, operating system, browser type, app version, and related connection or session metadata generated when the Service is used;
  • diagnostics, error, performance, and security information generated by the Service or our infrastructure;
  • page views, screen views, feature/module usage, and coarse workflow interaction events generated when users move through the Service;
  • authentication records and fraud or abuse monitoring signals.

2.6 Website analytics and similar technologies

  • on website and portal surfaces, we may use analytics tools and similar browser technologies, including local storage or comparable client-side mechanisms, to understand usage of pages, portal entry points, signup and onboarding flows, billing and support workflows, and help or tutorial content;
  • these analytics implementations are designed to use coarse event data and technical metadata rather than direct identifiers or free-form content;
  • we do not intend to send names, email addresses, phone numbers, support message text, document titles, announcement text, or similar free-form content in analytics events;
  • depending on deployment configuration and browser behavior, website analytics may honor browser privacy signals or analytics consent settings where supported.

2.7 Information from third parties

We may receive information from service providers and integrations used to operate the Service, such as authentication, hosting, storage, email delivery, payment, analytics, and support providers.

3. How We Use Information

  • provide, maintain, and improve the Service;
  • authenticate users and secure accounts;
  • provision access based on organization, location, and role;
  • operate the modules and workflows requested by organizations;
  • support affiliate opt-in, referral attribution, commission tracking, setup review, and payout administration;
  • send service-related notices, verification messages, billing reminders, and operational communications;
  • prevent fraud, abuse, unauthorized access, and other harmful activity;
  • analyze usage trends, feature adoption, and workflow completion to maintain and improve the Service;
  • troubleshoot errors, monitor performance, and support users;
  • comply with legal obligations and enforce our agreements.

We do not sell personal information.

4. How We Share Information

  • with your organization and its authorized administrators so they can manage users, locations, schedules, records, and workplace operations;
  • with service providers that support authentication, hosting, storage, email delivery, payment processing, analytics, customer support, and, where used for the affiliate program, payout administration or setup review;
  • with legal or regulatory authorities when required by law or to protect rights, safety, and security;
  • in connection with a business transfer, subject to appropriate confidentiality protections;
  • with your direction or consent.

5. Service Providers

Employee HQ uses third-party providers to operate the Service. These may include providers for cloud hosting, authentication, storage, email delivery, analytics, payment processing, and support. We require service providers to use personal information only for providing services to us, subject to appropriate contractual restrictions.

6. Retention

We retain information for as long as reasonably necessary for the purposes described in this Policy, including to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and support legitimate business needs.

  • active account information is retained while the organization uses the Service;
  • deactivated employee accounts are generally retained for up to 30 days to support reactivation and administrative review;
  • affiliate referral, commission, payout, tax, and audit records may be retained longer when needed for financial reporting, fraud review, payout administration, or legal compliance;
  • some records, such as audit, reporting, support, or transactional history, may be retained longer where needed for security, compliance, or operational purposes.

7. Security

We use reasonable technical, administrative, and organizational safeguards designed to protect personal information. These measures may include authentication controls, role-based permissions, server-side authorization, security rules, logging, and vendor-managed infrastructure protections.

No method of transmission or storage is completely secure. You should use strong credentials, protect your devices, and report suspected unauthorized access promptly.

8. Your Choices

  • update certain profile details in the Service;
  • choose whether to opt into affiliate participation;
  • request corrections through your organization's administrator;
  • request account closure or deletion, subject to organization control and applicable retention requirements;
  • manage browser or device privacy settings, including supported browser privacy signals and storage controls, which may limit website analytics functionality where applicable;
  • manage device, browser, or app permissions you grant to the Service where available.

If your organization controls your account, some requests must be made through that organization.

9. Children's Privacy

The Service is intended for workplace use by adults and is not directed to children under 18. We do not knowingly collect personal information directly from children under 18 for consumer use of the Service.

10. International and Regional Use

Employee HQ is operated from and primarily intended for use in the United States. If information is processed in other jurisdictions through our service providers, we take reasonable steps to protect it consistent with this Policy and applicable law.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last Updated” date and may provide additional notice where appropriate. Continued use of the Service after the updated policy takes effect means the updated policy applies.

12. Contact

For platform privacy questions, use the contact form at /contact-us. For account or workplace-specific privacy questions, contact your organization's administrator first.