Privacy Policy

Quick Summary

• We process HR data for core functions like onboarding, attendance, payroll, leave, and performance.
• We do not sell personal information.
• Most privacy requests should be routed via your employer/admin; we assist them in responding.

Data We Collect

Information you or your employer provide

• Identifiers & contact: name, employee ID, email, phone, work location.
• Employment: role, department, manager, start/end dates, shifts, leave balances.
• Payroll/benefits: compensation, deductions, tax IDs (e.g., PAN; Aadhaar if required by law/policy), bank details.
• Performance & HR records: goals, reviews, training, assets issued, disciplinary notes (if used).
• Support: messages and attachments sent to our support channels.

Information we collect automatically

• Usage and logs: pages used, timestamps, IP address, device/browser info, crash/error logs.
• Attendance data (if enabled): clock-in/out events, geolocation or network info for verification.
• Biometrics (if enabled): fingerprint/face templates for authentication/attendance—not raw images where feasible.

How We Use Data

• Provide and operate the HRMS (onboarding, directory, shifts, leave, payroll, payslips).
• Secure the Service (access control, fraud/abuse prevention, incident response).
• Comply with legal and payroll/tax obligations.
• Support and communicate about the Service (alerts, updates, support replies).
• Improve the HRMS via analytics and troubleshooting; where possible we use aggregated or de-identified data.

Legal bases (examples): contract, legitimate interests (to run a secure HRMS), legal obligation (tax/payroll), and consent for optional features (e.g., certain biometrics or marketing emails outside the HRMS).

Sharing & Disclosure

• Service providers: hosting, email/SMS, payroll processors, analytics, background checks (if enabled). Contracts include data protection terms.
• Within your organization: HR/admins/managers based on access controls you configure.
• Legal and safety: where required by law or to protect rights and safety.
• Business transfers: in a merger or acquisition with appropriate safeguards.

We do not sell personal information.

Cookies & Similar Technologies

We use essential cookies for login and security, functional cookies for preferences, and limited analytics to improve the HRMS. Where required by law, we provide a consent banner and granular choices.

Security

• Encryption in transit and at rest (primary storage).
• Role-based access control, SSO/MFA options, logging and monitoring.
• Regular backups and disaster recovery procedures.

No method of transmission or storage is 100% secure. We maintain incident response processes and will notify customers and/or individuals as required by law.

Data Retention

We retain HRMS data for the duration of the customer contract and delete or return it within [set your window, e.g., 30–90 days] after termination, unless longer retention is required by law or your administrator instructs otherwise. Specific categories (e.g., payroll/tax records, access logs, biometrics) may have different retention periods set by policy or law.

Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, or port your data, and to object to certain processing. Most requests should be directed to your employer’s HR/admin (the controller). We support our customers in fulfilling requests.

India Notice (DPDP Act, 2023)

• We process personal data under lawful bases (e.g., consent or legitimate uses) and follow applicable rules/notifications.
• Where Aadhaar is used, we avoid storing full numbers where feasible; if required, we apply masking and strict access controls.
• Contact our Grievance Officer at admin@elevhr.in. We will acknowledge complaints within [e.g., 7] working days and aim to resolve within [e.g., 30] days.

Contact