How Byro works

After signing up you land on the welcome wizard. Three steps — all skippable:

1. Add sister companies. If you run a group, add them now. Each gets its own logo, currency and country defaults.
2. Invite teammates. Type their email, pick a role, send. They get a link to set their own password.
3. Load sample data. Optional but recommended — 8 employees + 12 assets so dashboards aren't empty while you explore.

You can re-open the wizard anytime from /welcome.

Byro is multi-company by design. Open /companies (admin only), click New company, fill in:

• Name + code — shown in the topbar switcher.
• Country — sets currency, working week, statutory leave types, payroll fields. Pick from UAE / KSA / Pakistan / UK / US, or Other for generic defaults.
• TRN / VAT number — optional but printed on outgoing POs and invoices.
• Logo — appears on reports and the topbar when this company is active.

Business plan supports up to 5 companies; Enterprise is unlimited.

Two paths:

• One by one. /employees → New employee. Fill in name, code, department, employment type. Bank + document details can be added later from the profile.
• CSV import. Import Employees button on the same page. Upload your CSV; we map columns automatically and show a preview before committing. 500 rows take ~5 seconds.

Bank details are encrypted at rest (AES-256-GCM). HR has read access; employees themselves can update via /portal/me.

New hire? Open /onboarding → New instance → pick the employee + template. The checklist tracks every task — paperwork, system access, asset issue, payroll setup — across HR / IT / Finance.

Each task can be assigned to a different role. The hiring manager sees progress in real time. Auto-emails the new hire when their workspace is ready.

Mirror of onboarding. /offboarding → start instance for the leaver. The checklist covers:

• Asset recovery — list of devices/licences the employee holds, with sign-off per item.
• System deprovisioning — revoke SSO, deactivate Byro login, etc.
• Full & Final calculation — notice pay + leave encashment + gratuity + last-month prorate, auto-computed.
• Exit interview — captured into the audit log.

On completion the employee status flips to EXITED with the exit date stamped.

Admin /leave/types defines what leave types exist (annual, sick, parental, custom). Each type has:

• Default allocation per employee per year.
• Country-aware defaults (e.g. UAE 30 days annual after 1 year of service).
• Whether it counts toward Emiratization quota.

Employees request via /portal/leave. Approvals route to the line manager (default) or HR. Balances auto-adjust on approval. Calendar view shows the whole team's upcoming leave for planning.

For every employee you can upload documents — passport, residence visa, labour card, EID, health card. Each has an expiry date. Byro alerts:

• HR admin (in-app banner + email) at 90 / 60 / 30 days before expiry.
• The employee themselves (email) at 30 days before expiry.
• Group dashboard tile when any document expires in the next 30 days.

Files are stored encrypted at rest. Document numbers are encrypted in the database column too.

Open /assets?domain=IT. Add laptops, monitors, phones, dock — anything you issue to staff. Each asset has:

• Tag — unique alphanumeric label (e.g. ACME-LAP-001).
• Serial / model — captured at purchase.
• Purchase cost + depreciation schedule — book value auto-computed monthly.
• Status — IN_STOCK / ASSIGNED / IN_REPAIR / RETIRED / LOST.

Click Generate QR labels to print stick-on tags. Scan with any phone to view history + reassign.

From an asset detail page click Assign, pick the employee, optionally add a note (e.g. "for new-hire onboarding"). The assignment is timestamped.

To return: from the asset detail or employee profile, click Return. Asset flips back to IN_STOCK; assignment is closed but preserved in history.

The Unreturned assets report flags any asset still ASSIGNED to an employee whose status is OFFBOARDING or EXITED — critical for offboarding sign-off.

/inventory tracks consumables and accessories — USB-C cables, mice, stationery. Each item has current quantity + min level. Add a Stock movement (IN / OUT / ADJUST) to update the count.

Min-level alerts surface on the dashboard when current qty drops below the threshold. Connected to procurement so you can raise a PR for restocking with one click.

/payroll → New run. Pick the month. We pull:

• Each employee's salary structure (basic + allowances).
• Approved leave taken without pay → deduction.
• Salary advances → repayment instalment for this month.
• Bonuses or overtime entered manually.

Net pay is computed per employee. Review the run, approve, post. Payslips auto-email. Bank file generates per country (next sections).

For UAE companies — once a payroll run is POSTED, click Export WPS SIF. We generate a Salary Information File matching MOHRE's format:

• Employer details + bank routing.
• Per-employee row: labour card number, IBAN, net pay, fixed/variable components.

Download and upload to your bank's WPS portal. Compliant out of the box — no agent / consultant required.

For KSA companies. After posting a run, Export GOSI generates the Mudad-compatible file with:

• National ID per employee.
• Employee + employer GOSI contribution split.
• Saudization counted/excluded flag.

Upload to the Mudad portal for that month's filing.

Per UAE Federal Decree-Law 33/2021, end-of-service benefit is:

• First 5 years: 21 days of basic salary per year of service.
• Beyond 5 years: 30 days of basic per year for years 6+.
• Prorated by exact tenure.

The Gratuity liability report shows current liability per employee and group total. Auto-included in F&F settlements on offboarding.

/finance/budgets → New budget. Pick:

• Period — month / quarter / year / custom range.
• Category — IT_HARDWARE, MARKETING, TRAVEL, etc. (full list configurable).
• Department — optional, for departmental budgets.
• Amount + currency.

Every PR or expense in that category/department/period consumes the budget. The budget detail page shows planned vs committed vs spent vs available, refreshed live.

Employees file at /portal/expenses → New claim. Upload receipt (auto-OCR for amount + date), pick category, submit.

Routing: manager approves; finance approves if amount exceeds expenseFinanceThresholdUsd (set per company). Approved claims show on the finance reimbursement dashboard.

Reimbursement is a manual action today (next release: auto-payout via Wise / Stripe).

/procurement → New PR. Specify line items, supplier, currency. Submit for approval. Routing follows the workflow you defined (per-amount thresholds, per-category approvers).

Once APPROVED, the PR becomes a PO you send to the supplier. On goods receipt you mark it RECEIVED — for ASSET items we auto-create asset records; for INVENTORY items we auto-stock-IN.

Each company has a tax code library — default codes (5% UAE, 15% KSA, 20% UK, etc.) plus any custom rates your suppliers use. Every transaction (expense, PR line, payroll) is tagged with a code.

The VAT return summary report totals input + output VAT per code per filing period. Copy directly into FTA / ZATCA / HMRC filing portals.

/reports lists 19 print-friendly reports — asset register, payroll register, headcount, VAT return, audit trail, gratuity liability, cash-flow forecast, and more. Each opens in its own page with:

• Print button — bakes in your company letterhead + viewer watermark (DLP).
• CSV export where applicable (gated on the data:export permission).

Sensitive reports (payroll register, audit trail) require specific permissions to view.

/insights shows actionable items the AI assistant has flagged across your workspace — expiring documents, low-stock items, stale assets, pending approvals over SLA. Each item links directly to the action you need to take.

The same AI is reachable via the command palette (⌘K) for ad-hoc questions. It respects your role + permissions — won't leak data you couldn't already see.

Byro ships with 8 roles: SUPER_ADMIN, ERP_ADMINISTRATOR, COMPANY_ADMIN, IT_MANAGER, HR_MANAGER, FINANCE_MANAGER, LINE_MANAGER, EMPLOYEE. Each has a curated permission set — see /admin/rbac.

You can grant or revoke individual permissions per role via the admin RBAC editor, or apply per-user overrides for one-off cases. Segregation-of-Duties warnings surface when a role/user has conflicting permissions (e.g. PR creator + approver).

Line Managers see only their direct reports — scope is enforced server-side, not just hidden in the UI.

For programmatic access: /admin/api-keys mint keys with scoped permissions. Pass as Authorization: Bearer ak_….

For event subscriptions: /admin/webhooks add endpoint URLs and pick events (PR approved, asset assigned, employee created, leave approved, etc.). Every delivery is HMAC-signed; verify with the secret shown at creation time.

Full API reference: /docs/api. Webhook event catalog: /docs/api/webhooks.

Google Workspace and Microsoft Entra ID supported out of the box. Configure at /admin/sso:

• Pick provider, paste your OAuth Client ID + Secret.
• Set the email domain that should auto-log-in via this provider (e.g. acme.com).
• JIT provisioning creates user accounts on first sign-in with a default role you pick.

SAML coming for Enterprise plan.

/billing — workspace owner only. Shows current plan, next renewal, invoice history, plan-change button, cancel button.

• Upgrade — instant. Stripe handles payment + proration.
• Downgrade — applies at the end of the current billing cycle.
• Cancel — soft-cancel with 90-day data retention. Restore button works within that window.

Refund policy: 30 days on annual plans. Monthly cancels anytime.

Two surfaces:

• Personal (any user): /settings → Privacy & your data → Download JSON. Covers everything Byro holds about you — profile, employee record, leave, expenses, payslips, attendance, audit actions.
• Workspace (owner only): /settings → Workspace data → Request export OR Request deletion. Export emails a download link within 24h. Deletion has a 7-day cool-off with confirmation email.

Full retention policy per data type lives in the privacy policy.