Privacy Policy for IW Nexus HRMS

Effective Date: January 1, 2025

Last Updated: January 1, 2025

Introduction

IW Nexus ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our IW Nexus HRMS mobile application and related services (collectively, the "Service").

Please read this Privacy Policy carefully. By using our Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Personal Information

We may collect the following types of personal information:

Employee Information:

  • Full name, employee ID, and contact details
  • Email address and phone number
  • Date of birth and address
  • Blood group and emergency contact information
  • Employment details (designation, department, joining date)
  • Work schedule and attendance records
  • Profile photos and identification documents

Authentication Information:

  • Firebase authentication credentials
  • Login credentials and session tokens
  • Device identifiers and authentication tokens

Location Information:

  • GPS coordinates for attendance check-in/check-out
  • Location data for field staff tracking (only when app is in use)

Device Information:

  • Device type, operating system, and version
  • App version and usage analytics
  • IP address and network information

Usage Information

We automatically collect information about how you use our Service:

  • App usage patterns and feature interactions
  • Attendance patterns and work hour analytics
  • Error logs and crash reports
  • Performance metrics

How We Use Your Information

We use the collected information for the following purposes:

Primary Business Functions

  • Employee Management: Maintain employee records and organizational structure
  • Attendance Tracking: Record and monitor work hours, check-in/check-out times
  • Payroll Processing: Calculate salaries, overtime, and attendance-based compensation
  • Performance Analytics: Generate reports and insights for management
  • Communication: Send work-related notifications and updates

Service Improvement

  • Enhance app functionality and user experience
  • Troubleshoot technical issues and bugs
  • Analyze usage patterns to improve features
  • Ensure service security and prevent fraud

Legal Compliance

  • Comply with employment laws and regulations
  • Maintain records as required by labor laws
  • Respond to legal requests and government inquiries

Information Sharing and Disclosure

Within Your Organization

  • Employee data is accessible to authorized personnel only
  • Managers can view team member information as per access controls
  • HR and admin personnel have broader access as needed for business operations

Third-Party Services

We may share information with trusted third-party services:

  • Firebase (Google): Authentication and app analytics
  • Amazon Web Services (AWS): Document storage and data hosting
  • Resend: Email communication services

Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Investigate potential violations of our terms
  • Respond to emergency situations

Business Transfers

In case of merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction.

Data Security

We implement appropriate security measures to protect your information:

Technical Safeguards

  • End-to-end encryption for data transmission
  • Secure database storage with access controls
  • Regular security audits and vulnerability assessments
  • Multi-factor authentication for admin access

Organizational Safeguards

  • Employee training on data protection
  • Access controls based on job responsibilities
  • Regular backup and disaster recovery procedures
  • Incident response procedures for data breaches

Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Retention Periods:

  • Active Employee Data: Retained while employed and for 7 years after termination
  • Attendance Records: Retained for 3 years as per labor law requirements
  • Authentication Logs: Retained for 1 year
  • App Usage Data: Retained for 2 years

Your Rights and Choices

Access and Control

You have the right to:

  • Access: Request copies of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your data (subject to legal requirements)
  • Portability: Request transfer of your data in a readable format

Privacy Controls

  • Location Services: You can disable location tracking in device settings
  • Notifications: You can control push notification preferences
  • Data Sharing: You can request restrictions on data sharing

How to Exercise Your Rights

To exercise these rights, contact us at contact@breakdecode.com with:

  • Your full name and employee ID
  • Specific request type
  • Verification of your identity

Children's Privacy

Our Service is designed for workplace use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

International Data Transfers

Your information may be processed and stored in countries other than your own. We ensure appropriate safeguards are in place for international transfers in accordance with applicable privacy laws.

Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new policy in the app
  • Sending email notifications for significant changes
  • Updating the "Last Updated" date

Continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: contact@breakdecode.com

Developer: Firosh (BREAKDECODE)

Compliance

This Privacy Policy is designed to comply with:

  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (India)
  • General Data Protection Regulation (GDPR) where applicable
  • California Consumer Privacy Act (CCPA) where applicable
  • Other applicable privacy laws and regulations

Definitions

  • Personal Information: Any information that can be used to identify an individual employee.
  • Sensitive Information: Information such as biometric data, financial details, health information, and location data.
  • Processing: Any operation performed on personal data, including collection, storage, use, and disclosure.

Acknowledgment

By using the IW Nexus HRMS application, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.

This Privacy Policy was last updated on January 1, 2025 and is effective as of January 1, 2025.