Legal Document

Privacy Policy

We are committed to protecting your personal information and your right to privacy. This policy explains how PinHR collects, uses, and safeguards your data.

✓ Last Updated: July 1, 2025 Effective Date: January 1, 2024
Table of Contents
Information We Collect How We Use Your Info Data Sharing Data Security Data Retention Your Rights Cookies Policy Third-Party Links Children's Privacy Policy Changes Contact Us
Questions about this policy? Email us at privacy@pinhr.in
Plain-language summary: PinHR collects only the data needed to run payroll and HR services. We never sell your data. We use industry-standard encryption and security practices. You can request deletion of your data at any time.

1 Information We Collect

We collect information you provide directly, information generated through your use of our platform, and in some cases, information from third-party sources. The categories include:

  • Account Information: Name, email address, phone number, company name, designation, and password when you register for PinHR.
  • Employee Data: Personal details, bank account information, PAN, Aadhaar, salary structure, leave records, attendance data, and other HR-related information uploaded by your organization.
  • Usage Data: Log files, IP addresses, browser type, pages visited, session duration, and other analytics to improve our service.
  • Device Information: Device type, operating system, and unique device identifiers when accessing our mobile or web application.
  • Payment Information: Billing details and transaction history, processed securely through PCI-compliant payment gateways. We do not store full card numbers.
  • Communications: Messages, support tickets, and emails sent to our team are stored to provide customer support.

2 How We Use Your Information

PinHR uses collected information for legitimate business purposes only:

  • To provide, operate, and maintain the PinHR platform and its features
  • To process payroll, generate payslips, and facilitate statutory compliance filings
  • To send transactional emails like login alerts, payslip notifications, and system alerts
  • To provide customer support and respond to your inquiries
  • To detect, prevent, and address fraud, abuse, and security incidents
  • To analyze usage patterns and improve product features and performance
  • To comply with legal obligations, including tax authority requirements
  • To send product updates and marketing communications (with your consent)
We will never use your employee data for advertising, profiling, or sell it to data brokers under any circumstances.

3 Data Sharing & Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share data only in the following limited circumstances:

  • Service Providers: Trusted vendors who assist in operating our platform (cloud hosting, email delivery, analytics) under strict data processing agreements.
  • Legal Compliance: When required by law, court order, or government authority (e.g., income tax department requests).
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.
  • With Your Consent: Any other sharing will only occur with your explicit written consent.

4 Data Security

We implement comprehensive technical and organizational measures to protect your data:

  • AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • Role-based access control (RBAC) ensuring staff access only what they need
  • Multi-factor authentication (MFA) for all administrative accounts
  • Regular third-party security audits and penetration testing
  • Automated threat detection and intrusion prevention systems
  • 99.9% uptime SLA with geo-redundant data backups

Despite our best efforts, no method of transmission over the internet is 100% secure. We encourage you to use strong passwords and report any suspicious activity immediately.

5 Data Retention

We retain your data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Active account data is retained for the duration of your subscription
  • Payroll and statutory records are retained for 7 years as required by Indian tax laws
  • Upon account termination, personal data is deleted within 90 days
  • Anonymized, aggregated analytics data may be retained indefinitely
  • Backup copies may persist for up to 30 additional days post-deletion

6 Your Rights

As a PinHR user or data subject, you have the following rights under applicable data protection laws:

  • Right to Access: Request a copy of all personal data we hold about you
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing for marketing or profiling purposes
  • Right to Withdraw Consent: Withdraw consent for optional data processing at any time

To exercise any of these rights, email privacy@pinhr.in. We will respond within 30 days.

7 Cookies Policy

PinHR uses cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for the platform to function (authentication, session management). Cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with our platform (Google Analytics, Hotjar). You may opt out.
  • Preference Cookies: Remember your settings and preferences for future visits.
  • Marketing Cookies: Used to show relevant ads on third-party platforms. Only set with your consent.

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling essential cookies may affect platform functionality.

8 Third-Party Links

Our platform may contain links to third-party websites, integrations, or services. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policies of any third-party service you access through PinHR. Our current integration partners include payment gateways, accounting tools, and biometric device manufacturers, each governed by their own privacy frameworks.

9 Children's Privacy

PinHR is a B2B platform intended for use by businesses and organizations. Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately at privacy@pinhr.in and we will delete it promptly.

10 Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Send an email notification to registered account administrators
  • Display a prominent banner within the PinHR platform for 30 days

Continued use of PinHR after such changes constitutes your acceptance of the updated policy.

11 Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please reach out to our Data Protection Officer:

PinHR Data Protection Officer
📧 privacy@pinhr.in
📞 +91 7978 516 069
📍 PinHR., Bhubaneswar, Odisha – 751024, India
🌐 www.pinhr.in