Back to HomeTerms of Service
Last updated: January 1, 2025  ·  Effective immediately upon publication
Privacy & Data Protection
by Vibeinn Techverse Pvt. Ltd.
Privacy Policy

We take your privacy seriously. This policy explains exactly what data we collect, why we collect it, how it is protected, and the rights you hold over your information.

Effective: Jan 2025
Indian Law & DPDPA 2023
16 Sections Covered
Related docs:Terms of Service
Section 01

Overview

Vibeinn Techverse Pvt. Ltd. ("we", "our", or "us") operates VIBEHR, a cloud-based Human Resource Management System. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. We are committed to protecting the privacy of our Subscribers, Authorized Users, and all individuals whose data is processed through VIBEHR. By using the Platform, you consent to the practices described in this Policy.

Section 02

Information We Collect

Account & Identity Data
  • Full name, email address, phone number
  • Employee ID, job title, department
  • Profile photo (if uploaded)
  • Login credentials (passwords stored encrypted)
HR & Payroll Data
  • Salary, compensation, and payroll details
  • Leave records, attendance logs, shift schedules
  • Performance reviews and appraisal data
  • Bank account details for payroll disbursement
Usage & Technical Data
  • IP address, browser type, device information
  • Log data, session duration, pages visited
  • Cookies and similar tracking technologies
  • Error reports and diagnostic data
Section 03

How We Collect Information

  • Directly from Subscribers during onboarding and account setup
  • From Authorized Users when they input or update profile data
  • Automatically via cookies, log files, and analytics tools
  • From third-party integrations enabled by the Subscriber
  • Through support interactions, feedback, and surveys
Section 04

How We Use Your Information

  • To provide, operate, and maintain the VIBEHR platform
  • To process payroll, manage attendance, and generate HR reports
  • To send transactional emails, alerts, and system notifications
  • To improve platform features and user experience
  • To comply with legal obligations and regulatory requirements
  • To detect, prevent, and address fraud or security incidents
  • To respond to customer support requests
Section 05

Sharing of Information

We do not sell, trade, or rent your personal information. We may share data only in the following circumstances:

  • With service providers who assist in platform operations (under strict confidentiality)
  • With the Subscriber organization as the data controller for their employees
  • With government or regulatory authorities when legally required
  • During a merger, acquisition, or sale of business assets
  • With your explicit consent for any other purpose
Section 06

Data Security

We implement industry-standard security measures to protect your data from unauthorized access, disclosure, or destruction.

  • AES-256 encryption for data at rest
  • TLS/SSL encryption for data in transit
  • Role-based access control (RBAC) within the platform
  • Regular security audits and vulnerability assessments
  • Multi-factor authentication (MFA) support
  • Secure data centers with physical access controls
Section 07

Data Storage & Location

Your data is stored on secure cloud servers. We take steps to ensure that data transfers comply with applicable data protection laws.

  • Data is primarily stored in servers located in India
  • Cross-border transfers comply with applicable legal frameworks
  • Subscriber data is logically isolated and never commingled
  • Backups are encrypted and stored in geographically redundant locations
Section 08

Data Retention

We retain personal data only for as long as necessary to provide the Services or as required by law.

  • Active account data is retained for the duration of the subscription
  • Post-termination data is available for retrieval for up to 30 days
  • After 30 days, data is permanently and securely deleted
  • Certain data may be retained longer if required by applicable law
  • Anonymized or aggregated data may be retained for analytics purposes
Section 09

Your Rights

Authorized Users and individuals whose data is processed through VIBEHR have the following rights:

Right to AccessRequest a copy of personal data we hold about you
Right to CorrectRequest correction of inaccurate or incomplete data
Right to DeleteRequest deletion of your personal data (subject to legal obligations)
Right to PortabilityReceive your data in a structured, machine-readable format
Right to ObjectObject to processing of your data for certain purposes
Withdraw ConsentWithdraw consent at any time where processing is consent-based
Section 10

Cookies & Tracking

VIBEHR uses cookies and similar technologies to enhance your experience on the platform.

Essential CookiesRequired for the platform to function; cannot be disabled
Analytics CookiesHelp us understand how users interact with the platform
Preference CookiesRemember your settings and personalisation choices
Session CookiesMaintain your logged-in state; automatically deleted on logout
Section 11

Third-Party Services

VIBEHR may integrate with third-party tools such as payment gateways, communication services, or analytics providers.

  • Third-party services operate under their own privacy policies
  • We are not responsible for data practices of third-party providers
  • Subscribers are responsible for ensuring third-party integrations comply with their obligations
  • We perform due diligence on vendors that process Subscriber data on our behalf
Section 12

Children's Privacy

VIBEHR is a business platform not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected such data, we will promptly and securely delete it.

Section 13

Marketing Communications

We may send you product updates, newsletters, and promotional communications.

  • You can opt out of marketing emails at any time via the unsubscribe link
  • Transactional and service-related notifications cannot be opted out of
  • We do not share your contact data with third-party marketers
  • SMS alerts are sent only when explicitly opted into by the Subscriber
Section 14

Governing Law & Compliance

This Privacy Policy is governed by the laws of India and applicable data protection regulations.

  • Compliant with India's Information Technology Act, 2000 and IT (Amendment) Act, 2008
  • Adheres to the Digital Personal Data Protection Act (DPDPA), 2023
  • Subscribers in other regions may have additional rights under local law
  • Disputes are subject to the jurisdiction of courts in India
Section 15

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify Subscribers of significant changes via email or in-platform notification. Continued use of VIBEHR after changes constitutes acceptance of the updated Policy.

Section 16

Contact & Grievances

For any privacy-related queries, data access requests, or complaints, please contact our Data Protection Officer:

Data Protection Officer
Vibeinn Techverse Pvt. Ltd.