HomeTalzim تلزيم

Data Protection

Last updated: June 2026

1. Scope of this notice

This Data Protection notice explains how Talzim handles personal data on behalf of customer organizations and the safeguards we apply. It complements our Privacy Policy and our Compliance Notice. This document is maintained by Talzim and is intended as a plain-language reference; it is not a regulatory certification.

2. Controller and processor roles

  • You (the customer) are the data controller for the company and employee data you upload to your Talzim workspace. You decide which records are uploaded, who is invited, and how long data is kept inside the platform.
  • Talzim acts as the data processor for that workspace data — we store and process it on your instructions to deliver the service.
  • For Talzim account holder data (your own login, profile and billing), Talzim acts as the controller.

3. Security controls in place

Authentication

Email/password and Google sign-in via OAuth. Role-based access enforced server-side.

Tenant isolation

Row-level security ensures workspace data is only visible to active members of that company.

Encryption

TLS in transit; encryption at rest for the database and document storage.

Granular roles

Owner, Administrator, HR, PRO, Payroll and Auditor roles limit who can see or change what.

We apply industry-standard administrative, technical and organizational measures designed to protect personal data against unauthorized access, loss, alteration and disclosure.

4. Subprocessors

We use a small number of vetted subprocessors to operate the service. Categories include:

  • Cloud hosting & database — to run the Talzim application and store workspace data.
  • Object storage — to store uploaded compliance documents.
  • Email delivery (Microsoft Graph) — to send transactional email from info@reliantnexus.com.
  • Authentication — to verify identity for email and Google sign-in.
  • Analytics — anonymized usage measurement to improve the product.

A current list of named subprocessors is available on request from info@reliantnexus.com.

5. Retention and deletion

  • Active workspaces: we retain workspace data for as long as your account is active.
  • Trial workspaces: trial data is retained read-only after trial expiry and is not deleted automatically. You can request export or deletion at any time.
  • Cancelled paid workspaces: data is retained for up to 90 days after cancellation to allow restoration, then deleted on request or routinely purged.
  • Audit logs and invoices: retained as required by applicable law.

6. Your rights

Subject to applicable law, individuals whose personal data is held in Talzim may request to:

  • Access the personal data we hold about them.
  • Correct inaccurate or incomplete data.
  • Receive a copy of their data in a portable format.
  • Restrict or object to certain processing.
  • Request deletion where there is no overriding legal basis to retain the data.

Employees should direct requests first to their employer (the controller). Where Talzim is the controller, send requests to info@reliantnexus.com.

7. International data transfers

Talzim is operated from the United Arab Emirates. Some subprocessors process data outside the UAE. Where this occurs we rely on appropriate safeguards (such as contractual data-protection clauses) consistent with applicable laws including the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021).

8. Contact our data team

For any data-protection question, request or incident notification, email info@reliantnexus.com with the subject line “Data Protection”.

Talzim is managed by AL WASEL ALUMINIUM & GLASS CONT. through Reliant Nexus IT Solutions LLC.
PO Box 29250, Industrial Estate 13, Muhammad Bin Zayed Road (E311), Sharjah, United Arab Emirates
Phone: +971 56 689 4445 · +971 58 276 1313 · Email info@reliantnexus.com