SmartPRO Hub processes sensitive workforce data — salaries, bank details, civil IDs, attendance — for companies operating in the Sultanate of Oman. This section is for the people who need to evaluate that before they trust us with it: buyers, security reviewers, auditors, and government partners.
Security
Authentication, MFA, access control, audit logging, encryption, and headers.
Data Protection
What personal data we hold, how it's minimised, and data-subject requests.
Oman Compliance Coverage
Regulation-by-regulation matrix: Labour Law, WPS, PASI, Omanisation, VAT, e-signatures.
Subprocessors
Third-party services that may process your data, and what each receives.
How to read this section
Every claim here is meant to be verifiable against the product, not aspirational. Where a control is provided by infrastructure rather than the application, or is on the roadmap rather than shipped, we say so explicitly — because a compliance statement you can't stand behind is a liability, not a feature.
| We say | It means |
|---|---|
| "Enforced" | The product applies this automatically; you cannot turn it off. |
| "Supported" | The capability exists; configuration or process is required to use it. |
| "Designed to support" | The product helps you meet an obligation that ultimately rests with you. |
| "Roadmap / infrastructure-level" | Not enforced in the application today — see the note on that page. |
Shared responsibility
SmartPRO secures the platform and provides compliance tooling. You remain the data controller for your employees' data and the party responsible for your own regulatory filings (WPS submission, PASI registration, Omanisation targets, tax). Each compliance page separates "How SmartPRO supports this" from "Your responsibility."