Privacy Policy

1. Introduction

Welcome to HRSaathi (the "Platform"), operated by Skysoft IT Services Pvt. Ltd. ("we," "us," or "our"), a CMMI Level 3 and ISO 27001:2013 certified company. This Privacy Policy explains how we collect, use, disclose, process, and safeguard your information when you use our Platform, including both the HRSaathi web platform and mobile application.

This Privacy Policy is designed to help you understand:

• What personal information do we collect
• How do we use your information
• How do we share your information
• How do we protect your information
• Your rights regarding your information
• How to contact us with questions

By accessing or using HRSaathi, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with our practices, please do not use the Platform.

2. Information We Collect

We collect the following types of information:

2.1 Personal Information

• Identity Information: Full name, email address, phone number, job title, company details, profile photos
• Authentication Information: Login credentials (username and password)
• Government-issued Identification: For verification purposes, where required by law or for specific functionality
• Financial Information: Bank account details, tax identification numbers (for payroll processing)

2.2 Employee and HR Data

• Employment Records: Name, contact details, department, position, employment history, education, skills
• Attendance Data: Clock-in/out times, work hours, shift schedules, overtime records
• Leave Management Data: Applied leaves, approvals, leave balances, leave history
• Payroll Information: Salary details, tax information, allowances, deductions
• Performance Data: Evaluations, feedback, goals, achievements

2.3 Location Data

• Precise Location: GPS-based location when using geo-attendance features (with your permission)
• Approximate Location: General location based on IP address or network information

2.4 Media and Files

• Photos and Videos: Profile pictures, uploaded documents, scanned records
• Audio Files: Voice recordings, audio notes, music files, and other audio content
• Documents and Files: PDF files, spreadsheets, presentations, and other uploaded documents

2.5 Usage and Technical Data

• Device Information: IP address, browser type, operating system, device model, unique device identifiers
• Activity Data: Login timestamps, session duration, feature usage, actions performed
• Cookies and Tracking Technologies: Cookies, web beacons, pixels, and similar technologies
• Log Data: Error reports, performance data, system activity, hardware settings

2.6 Communication Data

• Messages: Emails, in-app messages, support requests
• Notifications: Information about notifications sent via WhatsApp, email, or SMS
• Feedback: Surveys, suggestions, reported issues

3. How We Collect Information

3.1 Direct Collection

• Information you provide when registering an account
• Data entered while using the Platform's features
• Information submitted through forms, uploads, or communications

3.2 Automated Collection

• Cookies and similar tracking technologies
• Server logs and analytics tools
• Mobile device permissions (when granted)

3.3 Third-Party Sources

• Information from your employer (if HRSaathi is provided by your organization)
• Integration with other HR systems or applications (with proper authorization)
• Public sources, where permitted by law

4. Data Security

We implement industry-standard security measures to protect your information:

4.1 Technical Safeguards

• Encryption: Data is encrypted during transmission (TLS/SSL) and at rest
• Access Controls: Strict access controls and authentication mechanisms
• Network Security: Firewalls, intrusion detection, and prevention systems
• Regular Security Testing: Vulnerability assessments and penetration testing

4.2 Organizational Measures

• Employee Training: Regular security awareness training for all staff
• Access Limitations: Access to personal data is limited to authorized personnel
• Security Policies: Comprehensive information security policies and procedures
• Regular Audits: Periodic security audits to ensure compliance with ISO 27001:2013 standards

5. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access and Portability: Request access to the personal information we hold about you and receive a copy in a structured, commonly used, and machine-readable format
• Correction and Update: Correct inaccurate or incomplete personal information and update your personal details when they change
• Deletion and Restriction: Request deletion of your personal data (subject to legal obligations) or restriction of processing in certain circumstances
• Objection and Withdrawal of Consent: Object to processing based on legitimate interests or withdraw consent previously given for specific processing activities

To exercise these rights, please contact us using the information provided in our contact section. We will respond to your request within the timeframe required by applicable law.

6. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at: