Your data, protected.

This Privacy Policy describes how Saptarishi Solutions Pvt. Ltd. ("we", "our", or "the Company") collects, uses, stores, and protects personal data entered into the SRS Employee Self-Service (ESS) portal. This portal is an internal tool operated exclusively for Saptarishi Solutions employees located in Hyderabad, Telangana, India. It is not a public-facing product or service.

By using the SRS ESS portal, employees acknowledge that their data will be handled as described in this policy. Use of the portal constitutes acceptance of these practices.

We collect the following categories of personal data through the SRS ESS portal:

Identity & Employment Data: Full name, employee code, email address, joining date, department, designation, role, manager assignment, employment type (full-time, part-time, intern, contract), and probation end date.

Personal & Demographic Data: Date of birth, gender, blood group, marital status, father and mother name, and residential address including city, state, country, and PIN code.

Contact Information: Personal phone number, alternate phone, secondary email address, and emergency contact name and phone.

Financial & Identity Documents: Aadhaar number, PAN number, bank account number, bank name, and IFSC code. These are collected solely for payroll and statutory compliance purposes.

Attendance & Location Data: Check-in and check-out timestamps, GPS coordinates at time of attendance (for geo-fenced verification), IP address, and attendance photo URL.

Work Activity Data: Daily task logs, project associations, hours spent, on-duty request details, leave requests and types, expense claims with receipt images, and asset assignments.

Security Data: Hashed passwords, two-factor authentication secrets (TOTP), session version numbers, and password reset tokens.

Profile Media: Profile photograph, uploaded receipt images, and asset images where applicable.

Your data is used exclusively for the following internal operational purposes:

Workforce Operations: Managing attendance, leave, on-duty, and regularization processes. Processing expense claims and maintaining audit trails for approvals.

Asset & Resource Management: Tracking company-assigned devices, software subscriptions, and other physical or digital assets allocated to employees.

Performance & Development: Running skill evaluation cycles, recording task completion, and generating reports for performance reviews.

Security & Access Control: Enforcing role-based access control, two-factor authentication, session management, and audit logging to maintain platform security.

HR Administration: Facilitating onboarding, managing employee status transitions, department assignments, and offboarding processes.

Communications: Sending system-generated notifications for approvals, rejections, announcements, and reminders within the portal.

Compliance & Reporting: Generating attendance, expense, leave, and task reports for management review and statutory compliance where applicable.

We do not use your data for advertising, marketing, profiling for commercial purposes, or any purpose not listed above.

We do not sell, rent, or trade your personal data to any third party. Data may be accessed or shared in the following limited circumstances:

Internal Access: Managers can view attendance, task, and leave data for their direct reports. Directors and Admins have broader access within their scope. System Admins have full administrative access to all data for operational and maintenance purposes.

Service Providers: Third-party infrastructure providers (cloud hosting, database services) process data on our behalf under strict data processing agreements. These providers are contractually prohibited from using your data for any purpose other than providing the service.

Legal Requirements: We may disclose data if required by applicable Indian law, court order, or regulatory authority. We will notify affected employees to the extent permitted by law.

Business Transfers: In the event of a merger, acquisition, or restructuring, employee data may be transferred to the successor entity, which will be bound by equivalent privacy protections.

We implement technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure:

Passwords are hashed using industry-standard algorithms and are never stored in plain text. Session tokens are versioned and invalidated on password change or admin reset.

Two-factor authentication (TOTP) is enforced by default for all accounts, providing an additional layer of protection beyond passwords.

Attendance location data is captured at the point of check-in and is not tracked continuously. The geo-fence radius is set by administrators and verified server-side only at the time of punch.

Access to sensitive data fields (Aadhaar, PAN, bank details) is restricted by role. Only System Admins and designated HR personnel have access to financial identity data.

All data in transit is encrypted using TLS. Database access is restricted to internal systems and authenticated service connections only.

Despite these measures, no system can guarantee absolute security. Employees are responsible for maintaining the confidentiality of their credentials and for reporting suspected unauthorised access promptly.

We retain personal data for as long as necessary to fulfill the purposes described in this policy:

Active employment data is retained for the duration of employment plus an additional 7 years in accordance with Indian labour law and tax compliance requirements.

Attendance and leave records are retained for a minimum of 3 years from the date of creation.

Expense claims and receipts are retained for a minimum of 7 years for financial audit compliance.

Security logs, session records, and password reset tokens are retained for 12 months and then purged.

Profile photographs and uploaded documents are retained for the duration of employment. Employees may request removal of such media post-employment by contacting the system administrator.

When an employee's account is moved to TERMINATED or DEACTIVATED status, their data is preserved in a read-only state for the applicable retention period and then deleted or anonymised.

As an employee using the SRS ESS portal, you have the following rights with respect to your personal data:

Right to Access: You may request a summary of personal data held about you by contacting hr@saptarishi.tech.

Right to Correction: If any information in your profile is inaccurate, you may update it directly through the portal's profile section or request a correction via the HR team.

Right to Deletion: Upon the end of your employment, you may request deletion of data not required for legal compliance. Requests are subject to applicable retention obligations.

Right to Portability: You may request a structured copy of your personal data in a machine-readable format. Contact it@saptarishi.tech to make this request.

Right to Object: You may raise concerns about how your data is being used by contacting system.admin@saptarishi.tech. We will respond within 14 business days.

To exercise any of these rights, please contact the HR or IT team through the details listed on the Contact page.

The SRS ESS portal uses strictly necessary cookies and session storage to maintain authenticated sessions and system preferences. No third-party tracking cookies, advertising pixels, or analytics scripts are used.

Session cookies are stored in your browser for the duration of your session and are invalidated on logout. The maintenance mode flag is stored as a short-lived cookie and contains no personal data.

LocalStorage is used solely to remember the last login email if you opt in to "Remember Me" on the login page. This data is stored only on your device and is never transmitted to our servers.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or platform features. When material changes are made, we will update the "Last Updated" date shown at the top of this page and may issue an in-portal announcement.

Continued use of the SRS ESS portal following the posting of changes constitutes acceptance of the revised policy. We encourage employees to review this page periodically.