Privacy Policy

Your privacy is important to us. Learn how we collect, use, and protect your personal information.

Last Updated: February 15, 2025

Table of Contents

Introduction
Information We Collect
How We Use Information
Information Sharing
Data Security
Your Rights
Cookies Policy
Third-Party Links
Children's Privacy
International Transfers
Changes to Policy
Contact Us

1. Introduction

Welcome to PravahERP ("we," "our," or "us"). We are committed to protecting your privacy and handling your personal information with transparency and care. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our HRMS software, website, and related services (collectively, the "Services").

About PravahERP

Company Name: RBN Technologies Pvt. Ltd.
Registered Address: D-304, STREET NO. 09, SADH NAGAR, PALAM, South West Delhi, Delhi, 110045
Email: privacy@pravaherp.com
Phone: +91 9871 5526 87

By accessing or using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use our Services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

Category Examples Purpose
Contact Information Name, email address, phone number, company name Account creation, communication
Employee Data Salary details, bank account info, PAN, Aadhaar, employment history Payroll processing, compliance
Account Credentials Username, password, security questions Authentication, account security
Payment Information Billing address, GST number, payment method details Subscription billing, invoicing
Technical Data IP address, browser type, device info, cookies Service improvement, security

2.2 Sensitive Personal Information

In providing our HRMS services, we may process sensitive personal information including:

  • Government identifiers (PAN, Aadhaar, Passport)
  • Bank account and financial details
  • Biometric data (if you use biometric attendance)
  • Health information (for leave and benefits administration)

We process this information only as necessary to provide our Services and comply with legal obligations.

2.3 Information Collected Automatically

When you use our Services, we automatically collect:

  • Log Data: IP address, browser type, pages visited, time and date
  • Device Information: Device type, operating system, unique device identifiers
  • Usage Data: Features used, actions taken, interaction patterns
  • Location Data: Approximate location based on IP address

2.4 Information from Third Parties

We may receive information about you from:

  • Your employer or organization (when they provide your information for payroll)
  • Integration partners (banking partners, biometric device providers)
  • Social media platforms (if you choose to connect accounts)
  • Background verification agencies (with your consent)

3. How We Use Your Information

We use your information for the following purposes:

Purpose Legal Basis Data Categories Used
Providing HRMS Services Contract performance All personal and employee data
Payroll Processing Contract performance, legal obligation Salary, bank details, tax information
Statutory Compliance Legal obligation PF, ESI, TDS, Professional Tax data
Customer Support Legitimate interest Contact information, account details
Service Improvement Legitimate interest Usage data, technical data
Marketing Communications Consent Name, email, company
Fraud Prevention Legal obligation, legitimate interest Account data, technical data

3.1 Automated Decision Making

We use automated processes for:

  • Payroll calculations and tax deductions
  • Compliance reporting and filings
  • Fraud detection and security monitoring

You have the right to request human intervention in significant automated decisions affecting you.

4. Information Sharing and Disclosure

4.1 When We Share Information

We may share your information in the following circumstances:

Service Providers

Banks, payment processors, cloud hosting providers, customer support tools

Government Authorities

Income Tax Department, EPFO, ESIC, Professional Tax authorities

Your Organization

Employers or administrators of your account

Business Partners

Integration partners, consultants with your consent

4.2 Legal Requirements

We may disclose information if required to:

  • Comply with legal process or government requests
  • Enforce our terms and conditions
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

5. Data Security

Our Security Measures

  • Encryption: AES-256 encryption for data at rest, TLS 1.3 for data in transit
  • Access Controls: Role-based access control (RBAC), multi-factor authentication
  • Infrastructure: ISO 27001 certified data centers in India
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Audits: Regular security audits and penetration testing
  • Backups: Encrypted daily backups with geographic redundancy

5.1 Data Localization

All data is stored in data centers located in India, ensuring compliance with Indian data protection laws. We do not transfer your data outside India without your explicit consent.

5.2 Security Practices for Employees

  • All employees undergo mandatory privacy and security training
  • Strict confidentiality agreements are signed
  • Access to data is logged and audited regularly
  • Background checks are conducted for all employees

5.3 Breach Notification

In the unlikely event of a data breach, we will:

  • Notify affected users within 72 hours
  • Report to relevant authorities as required by law
  • Take immediate steps to mitigate impact
  • Provide guidance to affected users

6. Your Rights and Choices

Under Indian data protection laws, you have the following rights:

Right Description How to Exercise
Right to Access Request a copy of your personal data Email privacy@pravaherp.com
Right to Rectification Correct inaccurate or incomplete data Update in app settings or email us
Right to Erasure Request deletion of your data Submit deletion request
Right to Restrict Processing Limit how we use your data Contact our support team
Right to Data Portability Receive data in structured format Request data export
Right to Withdraw Consent Withdraw previously given consent Update preferences or email us

6.1 Data Deletion Requests

To request deletion of your data:

  1. Use the in-app deletion option in Settings
  2. Email privacy@pravaherp.com with subject "Data Deletion Request"
  3. Submit through our contact form

For Facebook app users, please visit our Facebook Data Deletion Instructions page.

6.2 Response Time

We will respond to your request within 30 days. In complex cases, we may extend this period by another 30 days with notice.

7. Cookies and Tracking Technologies

7.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our Services.

7.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Cookies Authentication, security, session management Session / Persistent
Functional Cookies Remember preferences, language settings 1 year
Analytics Cookies Track usage, improve performance 2 years
Marketing Cookies Personalized advertising (with consent) 90 days

7.3 Cookie Preferences

You can control cookies through:

  • Browser settings (block or delete cookies)
  • Our cookie consent banner
  • Third-party opt-out tools

Disabling essential cookies may affect functionality.

8. Third-Party Links and Services

Our Services may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

8.1 Third-Party Integrations

We integrate with the following third-party services:

  • Banking Partners: For salary disbursements
  • Biometric Device Providers: For attendance tracking
  • Payment Gateways: For subscription billing
  • Analytics Tools: Google Analytics (anonymized)

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately.

10. International Data Transfers

We primarily store data in India. If we need to transfer data internationally (e.g., for customer support tools), we ensure:

  • Adequate safeguards are in place
  • Standard contractual clauses are executed
  • Your consent is obtained where required
  • Compliance with applicable laws

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Email notification (for registered users)
  • Notice on our website
  • In-app notification

The "Last Updated" date at the top of this policy will reflect the most recent changes. We encourage you to review this policy periodically.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Address

RBN Technologies Pvt. Ltd., D-304, STREET NO. 09, SADH NAGAR, PALAM, South West Delhi, Delhi, 110045

Response Time

Within 24-48 hours on business days

12.1 Data Protection Officer

Our Data Protection Officer can be reached at:

  • Email: dpo@pravaherp.com
  • Phone: +91 9871 5526 87

12.2 Grievance Officer

In compliance with Indian IT Act and rules, we have appointed a Grievance Officer:

  • Name: [Name of Grievance Officer]
  • Email: grievance@pravaherp.com
  • Phone: +91 9871 5526 87
  • Address: RBN Technologies Pvt. Ltd., D-304, STREET NO. 09, SADH NAGAR, PALAM, South West Delhi, Delhi, 110045

The Grievance Officer will acknowledge your complaint within 24 hours and resolve it within 30 days.

By using our Services, you acknowledge that you have read and understood this Privacy Policy.

Last reviewed: February 2025