Nexvitech HRMS (the “App”, “Service”, or “Platform”) is a human-resource management system provided by NEXVITECH INDIA PVT LTD (“Nexvitech”, “we”, “us”, or “our”). It is used by employer organisations to manage their workforce — including attendance, leave, payroll, tasks, internal communication, and statutory compliance. This Privacy Policy explains what personal information the App handles and the choices available to you.
The App is intended for use by employees, supervisors, HR personnel, and management of organisations that subscribe to Nexvitech HRMS. In most cases your employer is the data controller (it decides why and how your data is processed) and Nexvitech acts as a data processor on the employer’s behalf. If you have questions about your personal data, you may contact either your employer’s HR team or us using the details at the end of this policy.
- Information we collect
- How we use information
- Legal basis
- Biometric & sensitive data
- How information is shared
- Push notifications
- Third-party services
- Data retention
- Data security
- Your rights & choices
- Account & data deletion
- Children’s privacy
- Data storage & transfers
- Changes to this policy
- Contact us
1. Information we collect
We collect only the information needed to operate the HR functions your employer has enabled. Categories include:
| Category | Examples |
|---|---|
| Identity & profile | Name, employee code, work email, username, designation, department, work location, company, profile photo, and the role assigned to you (employee, supervisor, HR, director). |
| Authentication | Login credentials (passwords are stored only as salted one-way hashes), session and refresh tokens. |
| Attendance | Clock-in / clock-out times, attendance status (present, absent, half-day, leave), supervisor markings, attendance flags, and monthly attendance summaries. |
| Biometric attendance data | Where your employer uses biometric devices, the App receives attendance events (an employee identifier, timestamp, and verification mode). See Section 4. |
| Payroll & statutory | Salary structure and components, earnings and deductions, payable/paid days, net pay, payslips, and statutory identifiers used for compliance (e.g. PF / UAN, ESIC, Professional Tax) where applicable. |
| Leave | Leave requests, balances, types, and approval status. |
| Tasks | Tasks you create or are assigned, descriptions, due dates, statuses, and comments. |
| Messaging & content | Messages, announcements, and any files or images you choose to upload or share within the App. |
| Device & technical | App version, device type and operating system, a push-notification token, IP address, and diagnostic/log data used to keep the Service reliable and secure. |
We do not request access to your contacts, photos library (beyond files you explicitly attach), microphone, or continuous background location. The App does not track your location in the background.
2. How we use information
- To provide core HR functionality: attendance, leave, payroll and payslips, tasks, messaging, announcements, and reporting.
- To authenticate you and keep your account secure.
- To calculate pay and generate payslips, and to support statutory compliance filings on your employer’s behalf.
- To send operational notifications (for example, task assignments, approvals, comments, and payslip availability).
- To maintain, troubleshoot, secure, and improve the Service.
- To comply with applicable laws and respond to lawful requests.
We do not sell your personal information, and we do not use it for advertising or behavioural profiling.
3. Legal basis for processing
Depending on the jurisdiction, we and your employer rely on one or more of the following: performance of your employment relationship; compliance with legal obligations (such as labour, tax, and social-security laws); the legitimate interests of the employer in administering its workforce; and, where required, your consent.
4. Biometric & sensitive data
Some employers use biometric terminals (such as fingerprint or facial-recognition devices) to record attendance. In these deployments:
- Biometric enrolment templates are captured and matched on the physical device. The HRMS Platform generally receives only the resulting attendance event — an employee identifier, the timestamp, and the verification method — not raw fingerprint data.
- Where a deployment captures a verification photo or selfie at punch time, that image is stored solely to confirm and audit attendance and is accessible only to authorised HR/administrative users of your organisation.
- Biometric and other sensitive data are processed strictly for attendance and payroll purposes, retained only as long as necessary, and protected with appropriate safeguards.
The specific biometric configuration is determined by your employer. Please contact your HR team for details of the device(s) in use at your workplace.
5. How information is shared
We share information only as needed to run the Service:
- Your employer — authorised HR, supervisors, and management within your organisation can access information relevant to their role (for example, a supervisor can view their direct team’s attendance and payslips; an employee can view only their own).
- Statutory and government bodies — where your employer is legally required to file or report (for example, provident-fund or social-security authorities), the necessary information is included in those filings.
- Service providers — vetted vendors who host or support the Platform (such as cloud-hosting and push-notification delivery), acting under contract and only on our instructions.
- Legal & safety — when required by law, regulation, legal process, or to protect rights, safety, and the integrity of the Service.
We do not sell or rent personal information to third parties.
6. Push notifications
If you enable notifications, the App registers a push token to deliver operational alerts (e.g. task assignments, approvals, new messages, and payslip availability) through Apple Push Notification service (APNs) and Google/Expo push services. You can turn notifications off at any time in your device settings.
7. Third-party services
The Platform relies on a small number of infrastructure providers, including cloud hosting (Amazon Web Services, located in India) and push-notification delivery (Expo, Apple APNs, and Google FCM). These providers process data only to deliver their specific service and are bound by their own privacy and security obligations.
8. Data retention
We retain personal information for as long as your account is active and as long as needed to provide the Service to your employer. Attendance, payroll, and statutory records are typically retained for the periods required by applicable employment, tax, and social-security laws. When data is no longer required, it is deleted or anonymised. Your employer determines the retention periods that apply to its workforce.
9. Data security
- All traffic between the App and our servers is encrypted in transit using HTTPS/TLS.
- Passwords are stored only as salted one-way hashes; we cannot read your password.
- Access is governed by role-based permissions, so users see only the data appropriate to their role.
- The Platform is hosted on access-controlled infrastructure with regular backups.
No method of transmission or storage is completely secure, but we work to protect your information using industry-standard measures.
10. Your rights & choices
Subject to applicable law, you may have the right to access, correct, update, or request deletion of your personal information, to object to or restrict certain processing, and to obtain a copy of your data. Because your employer is usually the data controller, the quickest route is to contact your organisation’s HR team. You may also contact us using the details below, and we will assist or forward your request to the appropriate controller.
11. Account & data deletion
Accounts in Nexvitech HRMS are created and managed by your employer, so individual accounts cannot be self-deleted from within the App. To request deletion of your account or personal data, please contact your employer’s HR team, or email us at privacy@nexvitech.in with the subject “Data Deletion Request”. We will verify the request with your organisation and action it in accordance with applicable law and the employer’s statutory record-keeping obligations.
12. Children’s privacy
The App is a workplace tool intended for use by employed adults. It is not directed to children and we do not knowingly collect personal information from anyone under the age of 18.
13. Data storage & transfers
Personal data is stored on servers located in India. If information is ever transferred to or accessed from another country, we take steps to ensure it remains protected in line with this policy and applicable law.
14. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will revise the “Last updated” date above and, where appropriate, provide additional notice. Continued use of the App after an update constitutes acceptance of the revised policy.
15. Contact us
NEXVITECH INDIA PVT LTD
Email: privacy@nexvitech.in
Website: https://hrms.nexvitech.in