Your Privacy Matters
At Weallow HRMS, we are committed to protecting your privacy and ensuring the security of your personal and professional data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our HR management application.
1. Information We Collect
1.1 Personal Information
We collect the following types of personal information:
- Employee Details: Name, employee ID, contact information, address, emergency contacts
- Professional Information: Job title, department, reporting manager, salary details
- Identity Documents: Government-issued ID copies, tax documents (PAN, Aadhaar as per Indian compliance)
- Bank Details: Account information for salary processing
1.2 Attendance and Location Data
- GPS Location: Real-time location during check-in/check-out for attendance verification
- Time Stamps: Work hours, break times, overtime records
- Device Information: Device ID, IP address, operating system details
1.3 Biometric Data (If Enabled)
- Facial Recognition Data: Biometric templates for identity verification
- Fingerprint Data: If integrated with biometric devices
1.4 Usage and Analytics Data
- App usage patterns and feature interactions
- Performance metrics and error logs
- User preferences and settings
2. How We Use Your Information
| Purpose |
Data Used |
Legal Basis |
| Attendance Tracking |
Location, Time stamps, Biometric data |
Legitimate business interest |
| Payroll Processing |
Personal details, Bank information, Attendance records |
Contract fulfillment |
| Leave Management |
Employee details, Leave history, Manager information |
Legitimate business interest |
| Performance Analytics |
Work patterns, Productivity metrics |
Legitimate business interest |
| Compliance Reporting |
Tax information, Statutory deductions |
Legal obligation |
3. Data Sharing and Disclosure
3.1 Within Your Organization
Your data is shared with authorized personnel in your organization based on role-based access controls:
- HR Department: Full access to employee records
- Direct Managers: Access to team member attendance and performance data
- Payroll Team: Access to salary and tax-related information
- Employees: Access to their own data only
3.2 Third-Party Service Providers
We may share data with trusted third parties for:
- Cloud Storage: Secure data hosting and backup
- Payment Processing: Salary disbursement and tax payments
- Analytics Services: App performance and usage analytics
- Support Services: Customer support and technical assistance
3.3 Legal Requirements
We may disclose your information when required by law, including:
- Tax authorities (Income Tax Department, GST authorities)
- Labor law compliance (PF, ESI authorities)
- Court orders or legal proceedings
- Government audits and investigations
4. Data Security Measures
Security Infrastructure
We implement multiple layers of security to protect your data:
4.1 Technical Safeguards
- Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Access Controls: Multi-factor authentication and role-based permissions
- Network Security: Firewalls, intrusion detection, and DDoS protection
- Regular Audits: Quarterly security assessments and penetration testing
4.2 Organizational Safeguards
- Employee background checks and security training
- Data access logging and monitoring
- Incident response procedures
- Regular security policy updates
5. Data Retention
We retain your data for the following periods:
- Active Employment: Throughout your employment period
- Post-Employment: 7 years for tax and compliance purposes
- Biometric Data: Deleted within 30 days of employment termination
- Location Data: Retained for 3 years for audit purposes
- Payroll Records: 7 years as per Indian labor laws
6. Your Rights and Choices
6.1 Access and Portability
- View and download your personal data through the app
- Request a copy of your data in a portable format
- Access your attendance and payroll history
6.2 Correction and Updates
- Update your personal information through the self-service portal
- Request correction of inaccurate data
- Update emergency contacts and bank details
6.3 Location Services
- Enable or disable GPS tracking (may affect attendance features)
- Choose location accuracy settings
- View location data collection history
6.4 Biometric Data
- Opt-out of biometric authentication (alternative methods available)
- Request deletion of biometric templates
- Control biometric data sharing settings
7. International Data Transfers
Your data is primarily stored and processed in India. If we transfer data internationally, we ensure:
- Adequate protection through standard contractual clauses
- Compliance with applicable data protection laws
- Notification to users about international transfers
- Implementation of additional security measures
8. Children's Privacy
Weallow HRMS is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a minor, we will delete it promptly.
9. Cookies and Tracking Technologies
Our app and website use cookies and similar technologies for:
- Essential Cookies: Required for app functionality and security
- Analytics Cookies: To understand app usage and improve performance
- Preference Cookies: To remember your settings and preferences
You can manage cookie preferences through your device settings.
10. Data Breach Notification
In the event of a data breach that may affect your personal information:
- We will notify affected users within 72 hours
- Provide details about the nature and scope of the breach
- Explain the steps we are taking to address the issue
- Offer guidance on protective measures you can take
11. Third-Party Links and Services
Our app may contain links to third-party websites or integrate with external services. This Privacy Policy does not apply to third-party services. We recommend reviewing their privacy policies before providing any personal information.
12. Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in our data practices
- New features or services
- Legal or regulatory requirements
- Industry best practices
We will notify users of significant changes through the app or email, with at least 30 days' advance notice.
13. Compliance with Indian Laws
We comply with applicable Indian data protection and privacy laws, including:
- Information Technology Act, 2000 and IT Rules
- Personal Data Protection Bill (when enacted)
- Labor and employment laws
- Tax and financial regulations
Important Note
By using Weallow HRMS, you acknowledge that you have read, understood, and agree to the collection, use, and disclosure of your personal information as described in this Privacy Policy. If you do not agree with any part of this policy, please do not use our services.