Is Biometric Attendance Legal in Pakistan? Honest Answer
Yes, biometric attendance — fingerprint, face recognition, iris — is legal in Pakistan when implemented with appropriate consent, data handling and storage practices. There is no blanket prohibition. But "legal" does not mean "do whatever you want" — the legal framework around personal data and employee rights matters. Here is the honest, complete answer.
The legal framework
The Constitution
Article 14 protects the dignity of the individual and (subject to law) privacy of the home. This is read by courts as supporting a right to personal privacy in general.
The Personal Data Protection Bill / Act
Pakistan has been working on personal data protection legislation. The Personal Data Protection Act framework, when fully enacted, will set out:
- What constitutes "personal data" (biometric data is included)
- Consent requirements before collection
- Purpose limitation (data collected for X cannot be used for Y)
- Storage and retention limits
- Data subject rights (access, correction, deletion)
- Cross-border transfer restrictions
Until it is enacted, these principles are still respected by responsible employers and courts.
Industrial & Commercial Employment Ordinance
Defines the employer-employee relationship and the rules around terms of service. Within these rules, employers can require attendance tracking — including biometric — as part of the employment contract.
The 6 conditions for legitimate biometric attendance
1. Informed consent
Employees must be informed in writing that biometric attendance is part of the employment terms, what data is collected, how it is used, how long it is stored, and who has access. This notice is signed at the start of employment.
2. Legitimate purpose
Attendance tracking is a legitimate business purpose. Surveillance disguised as attendance is not. Keep the purpose clean: attendance, payroll, compliance — not "monitor everything they do."
3. Data minimisation
Collect only what is needed. Store face embeddings, not raw photos. Do not collect data unrelated to attendance (no location tracking outside work hours, no app usage outside work).
4. Secure storage
Encrypt biometric data at rest. Restrict access with role-based access control (RBAC). Keep an audit trail of every access. Do not share data with third parties without separate consent.
5. Retention limits
Define how long biometric data is kept. Typical practice: while employed + a reasonable post-employment period (90 days?) for dispute resolution, then deletion.
6. Employee rights
Employees can request to see what data is held. They can request correction. On exit, they can request deletion (subject to compliance retention).
What is NOT legitimate
- Continuous webcam monitoring
- Keystroke logging (content of what is typed)
- Location tracking outside work hours
- Sharing biometric data with third parties without consent
- Storing raw face photos instead of embeddings (unnecessary, creates a target for breach)
- Using biometric data for purposes outside attendance (e.g., access control to non-work areas without separate consent)
Face recognition specifically
Face recognition is legal in Pakistan under the same framework. Best practice:
- Store face embeddings (numerical vectors), not photos
- Embeddings cannot be reverse-engineered to a usable picture
- Use liveness detection to prevent spoofing (this also reduces the ability to "reuse" face data)
- Encrypt at rest, restrict access
- Define retention and deletion
The employee handbook clause
Your handbook should include a clause covering:
- Biometric attendance is part of the employment terms
- What data is collected (face / fingerprint / etc.)
- What it is used for (attendance, payroll, compliance)
- How it is stored and protected
- Who has access (HR, IT in audit role)
- Retention period
- Employee rights to access / correction
- Deletion on exit (with reasonable retention for compliance)
The employee signs the handbook on joining. This is the consent record.
What courts have said
Pakistani courts have not blanket-prohibited biometric attendance. Cases that have come up generally pivot on whether consent was informed, whether the purpose was legitimate, and whether data was misused. Get the framework right and biometric attendance is on solid ground.
The Zaffre HRM fit
Zaffre HRM implements face recognition attendance using embeddings (not raw photos), encrypted storage, RBAC-restricted access, configurable retention, and an audit trail on access. Employees can see their own enrolment data, and deletion on exit is supported. Book a demo to see the security and compliance posture.
Caveat
This article is a general guide, not legal advice. Personal data protection legislation in Pakistan is evolving. Consult a qualified lawyer for specific cases or before deploying biometric attendance for a sensitive workforce.