Privacy Policy

Edvenswa Technologies Private Limited ("Edvenswa", "we", "us", or "our") is committed to protecting the privacy of individuals who use the ENS Employee Management Portal ("Service"). This Privacy Policy explains what data we collect, how we use it, and your rights with respect to that data.

By using the Service, you consent to the collection and use of information as described in this Policy.

We collect and process the following categories of personal data:

• Identity data: Full name, employee ID, designation, and department.
• Contact data: Work email address and phone number.
• Employment data: Joining date, employment status, payroll information, and performance records.
• Timesheet data: Work hours, project assignments, and attendance records.
• Authentication data: Encrypted passwords and Microsoft Azure AD tokens (for SSO users).
• Usage data: IP address, browser type, pages visited, and session duration for security and auditing purposes.
• Support data: Content of support tickets and attachments submitted through the platform.

We use the data collected to:

• Authenticate and authorise access to the Service.
• Maintain and display employee records, timesheets, and payroll information.
• Process and respond to support tickets.
• Generate HR analytics and workforce reports for administrators.
• Send system notifications, password reset emails, and service updates.
• Ensure platform security, detect fraud, and investigate suspicious activity.
• Comply with legal and regulatory obligations.

We process personal data on the following legal bases:

• Contract: Processing necessary to fulfil the employment management services agreed upon with the organisation.
• Legitimate interests: Security monitoring, fraud prevention, and platform improvement.
• Legal obligation: Compliance with applicable Indian labour and data protection laws.
• Consent: Where you have provided explicit consent for specific processing activities.

We do not sell, rent, or trade your personal data. We may share data with:

• Your employing organisation: As the data controller, your employer has access to your employment data within the platform.
• Cloud infrastructure providers: For hosting and database services (under data processing agreements).
• Microsoft Azure AD: For SSO authentication where enabled by your organisation.
• Email service providers: For sending transactional notifications.
• Legal authorities: Where required by law or court order.

We retain personal data for as long as your employment record is active within the platform, plus an additional period as required by applicable laws or at the direction of the employing organisation. When data is no longer required, it is securely deleted or anonymised.

We implement industry-standard technical and organisational measures to protect your data, including:

• Encrypted data transmission via HTTPS/TLS.
• Bcrypt-hashed password storage.
• Role-based access control (RBAC) limiting data visibility.
• Regular security audits and vulnerability assessments.
• Session management with automatic timeout.

The Service uses session cookies strictly necessary for authentication and maintaining your logged-in state. We do not use third-party tracking cookies or advertising cookies. You can disable cookies in your browser settings, but this will prevent you from logging in.

Subject to applicable law, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your data, subject to legal and contractual obligations.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to certain types of data processing.

To exercise any of these rights, please contact your organisation's HR administrator or reach out to us directly at noreply-ens@edvenswatech.com.

The Service is intended solely for use by employed adults. We do not knowingly collect personal data from individuals under the age of 18.

We may update this Privacy Policy from time to time. The revised policy will be posted within the platform with an updated effective date. Continued use of the Service after changes constitutes acceptance of the updated Policy.

For privacy-related queries or to exercise your rights, please contact: