3. Overview
The Indian Information Technology Act 2000 mandates the secure processing of personal information and the prevention of its misuse. On April 11, 2011, India's Ministry of Communications and Information Technology notified the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, which deal with the practices and procedures for the protection and maintenance of Personal Information.
Cyber Managers Software Services Pvt Ltd needs to keep certain information about its clients, business partners and employees to carry out its day-to-day operations, to meet its objectives and to comply with legal obligations.
The organization is committed to ensuring any personal data will be dealt with in line with the relevant data protection & privacy regulations. To comply with the law, personal information will be collected and used fairly, stored safely and not disclosed to any other person unlawfully.
This document also highlights key data protection procedures within the organization.
Definitions
In line with the relevant Data Protection & Privacy principles, Cyber Managers Software Services Pvt Ltd will ensure that personal data will:
- Be obtained fairly and lawfully and shall not be processed unless certain conditions are met
- Be obtained for a specific and lawful purpose
- Be adequate, relevant but not excessive
- Be accurate and kept up to date
- Not be held longer than necessary
- Be processed in accordance with the rights of data subjects
- Be subject to appropriate security measures
Personally Identifiable Information (PII) / personal data:
Personally Identifiable Information means any information that relates to a natural person, which either directly or indirectly, in combination with other information available or likely to be available with the organization, can identify such a person.
Processing:
Refers to any action performed on PII / personal data such as collecting, recording, organizing, storing, transferring, modifying, using, disclosing, uploading or deleting.
Sensitive Personal Data:
Under the Indian IT Rules 2011, sensitive personal data means such personal data which consists of information relating to:
- Password
- Financial Information such as bank account or credit card or debit card or other payment instrument details
- Physical, physiological, and mental health condition
- Sexual orientation
- Medical records and history
- Biometric information
- Any other details pertaining to the above, provided by any person to Cyber Managers Software Services Pvt Ltd for providing services
- Any information received pursuant to the above by Cyber Managers Software Services Pvt Ltd for processing or storing such information under lawful contract or otherwise
Any information that is freely available or accessible in the public domain, or furnished under the Right to Information Act 2005 or any other law for the time being in force, is not Sensitive Personal Data.
Employee:
"Employee" means a Cyber Managers Software Services Pvt Ltd current or former employee. As far as it applies to employees, the Policy covers all stages of the employment cycle including recruitment and selection, promotion, evaluation, and training.
Relevant individual:
"Relevant Individual" means an employee, customer / client / stakeholder, contractor and/or any other third party working on Cyber Managers Software Services Pvt Ltd's behalf, and job applicants.
The Personal Data Guardianship Code:
This code sets out five key principles of good data governance on which best practice is based. The organization will seek to abide by this code in relation to all the personal data it processes, namely:
- Accountability: those handling personal data follow publicized data principles to help gain public trust and safeguard personal data.
- Visibility: Data subjects should have access to the information about themselves that an organization holds. This includes the right to have incorrect personal data corrected and to know who has had access to this data.
- Consent: The collection and use of personal data must be fair and lawful and in accordance with the data protection principles set out in this policy. Personal data should only be used for the purposes agreed by the data subject. If personal data is to be shared with a third party or used for another purpose, the data subject's consent should be explicitly obtained.
- Access: Everyone should have the right to know the roles and groups of people within an organization who have access to their personal data and who has used this data.
- Stewardship: Those collecting personal data have a duty of care to protect this data throughout the data life span.
3.1 Type of information processed
Cyber Managers Software Services Pvt Ltd processes the following information:
- Personal Details, Educational Qualification, previous employment details (if applicable)
Groups of people within the organization who will process personal information are: only those individuals (Cyber Managers Software Services Pvt Ltd employees and non-employees) who have been granted approved access and have signed confidentiality and non-disclosure agreements.
4. Policy
4.1 General provisions
Cyber Managers Software Services Pvt Ltd, as a corporate body, is the governing body that controls the distribution of and access to personal data by the rest of the staff and by its business partners and consultants, on a need-to-know basis.
The governing body will delegate tasks to a manager who deals with day-to-day Data Protection matters, such as subject access requests, is the point of contact for Data Protection issues, and is responsible for:
- Understanding and communicating obligations under the Act
- Identifying potential problem areas or risks
- Producing clear and effective procedures
All employees, business partners, implementers and vendors who process personal information must ensure they not only understand but also act in line with this policy and the data protection principles.
4.2 Implementation
To meet our responsibilities, we will:
- Ensure any personal data is collected in a fair and lawful way
- Explain why it is needed at the start
- Ensure that only the minimum amount of information needed is collected and used
- Ensure the information used is up to date and accurate
- Review the length of time information is held
- Ensure it is kept safely
- Ensure the rights people have in relation to their personal data can be exercised
We will ensure that:
- Everyone managing and handling personal information is trained to do so
- Anyone wanting to make enquiries about handling personal information, whether a member of staff, volunteer or service user, knows what to do
- Any disclosure of personal data will be in line with our procedures
- Queries about handling personal information will be dealt with swiftly and politely
4.3 Training
Training and awareness raising about the relevant Data Protection regulations, and how they are followed in this organization, will take the following forms:
On induction: at the time of engagement, the employee signs the "offer letter and employment terms" document, which includes data privacy terms and conditions.
General training & awareness: ISO/IEC 27001 based ISMS awareness training provided to employees will include data privacy & security topics.
4.4 Collection of personally identifiable information
Throughout the relationship with the Relevant Individual, Cyber Managers Software Services Pvt Ltd needs to collect Personal Data. The type of Information that may be collected includes (but is not limited to), where relevant:
- Employee's Personal Details, Educational Qualification, previous employment details
4.5 Purposes of collection and processing of Personal Data
Cyber Managers Software Services Pvt Ltd may collect, process and disclose Personal Data of the Relevant Individuals for purposes connected with its business activities including the following purposes, hereinafter the "Agreed Purposes":
- Managing the Relevant Individual's employment/ work with Cyber Managers Software Services Pvt Ltd including deployment/assignment of the individual to specific client projects
- Record-keeping purposes; Payroll Administration, Payment of the Relevant Individual's salary or invoice; Performance Assessment and Training
- Compliance with a legal requirement / obligation; health and safety rules and other legal obligations
- Administration of benefits, including insurance, provident fund, pension plans
- Immigration, visa related purposes
- Cyber Managers Software Services Pvt Ltd Group reporting purposes
- Background verification purposes; credit and security checks
- Operational issues such as promotions, disciplinary activities, grievance procedure handling
- Audits, investigations, analysis and statistics, for example of various recruitment and employee retention programs
- IT, Security, Cyber security and Access Controls
- Disaster recovery plan, crisis management, internal and external communications
- For any other purposes as Cyber Managers Software Services Pvt Ltd may deem necessary
Cyber Managers Software Services Pvt Ltd only collects, uses and discloses Personal Data for purposes that are reasonable and legitimate. Such Personal Data shall be processed in a manner compatible with the Agreed Purposes, unless the Relevant Individuals have consented to it being processed for a different purpose or the use for a different purpose is permitted by applicable law. There may be circumstances in which the Relevant Individual has volunteered personal information and given explicit, fully informed consent to its processing (for example by submission of a CV).
4.6 Limited Access
Only those Employees who "need-to-know" or require access to function in their role should have access to Personal Data. Cyber Managers Software Services Pvt Ltd will not disclose Personal Data to any person outside Cyber Managers Software Services Pvt Ltd except for the Agreed Purposes, or with the Relevant Individuals' consent, or with a legitimate interest or legal reason for doing so, such as where Cyber Managers Software Services Pvt Ltd reasonably considers it necessary to do so and where it is permitted by applicable law. In each instance, the disclosed Personal Data will be strictly limited to what is necessary and reasonable to carry out the Agreed Purposes.
When Cyber Managers Software Services Pvt Ltd works with third parties which may have access to Personal Data in the course of providing their services, Cyber Managers Software Services Pvt Ltd contractually requires the third party to process Personal Data only on Cyber Managers Software Services Pvt Ltd's instructions and consistent with Cyber Managers Software Services Pvt Ltd's Data Privacy policies and applicable Data Protection laws.
4.7 Disclosure and Transfer of Personal Data
Cyber Managers Software Services Pvt Ltd may, from time to time, disclose and/or transfer the Relevant Individuals' Personal Data to third parties, including but not limited to those listed below:
- Group Companies, affiliate companies and/or other business associates, and Cyber Managers Software Services Pvt Ltd's insurers and banks
- External and internal auditors
- Medical practitioners appointed by Cyber Managers Software Services Pvt Ltd, Administrator of Cyber Managers Software Services Pvt Ltd mandatory provident fund scheme
- Third parties who are involved in a merger, acquisition or due diligence exercise associated with Cyber Managers Software Services Pvt Ltd
- External companies or third-party service providers Cyber Managers Software Services Pvt Ltd engages to perform Services on the Company's behalf
- Third Parties providing certain information technology and data processing services to enable business operations
- The applicable regulators, governmental bodies, tax authorities or other industry recognized bodies as required by any applicable law or guidelines of any applicable jurisdiction
- To any other party as deemed necessary by Cyber Managers Software Services Pvt Ltd
Notwithstanding anything contained elsewhere, any Personal or Sensitive Personal Data may be disclosed by Cyber Managers Software Services Pvt Ltd to any third party as required by a Court of Law or any other regulatory or law enforcement agency established under a statute, as per the prevailing law, without the Relevant Individual's consent.
As Cyber Managers Software Services Pvt Ltd is part of a larger group of companies operating internationally, it may transfer Personal Data for the Agreed Purposes described above to its own operations, or to other subsidiaries or affiliated companies located in other jurisdictions. Such transfer is justified on the basis that there is a "need-to-know" and that it is reasonable and legitimate to allow Cyber Managers Software Services Pvt Ltd companies and businesses to operate effectively and competitively. Personal information is transferred to another country, including within the Cyber Managers Software Services Pvt Ltd Group, only in so far as a reasonable level of data protection is assured in the recipient country.
When using external data processors or transferring personal data to external third parties, Cyber Managers Software Services Pvt Ltd shall enter into agreements with appropriate contractual clauses for the protection and confidentiality of Personal Data, including requirements to process the Personal Data only in accordance with instructions from Cyber Managers Software Services Pvt Ltd and to take appropriate technical and organizational measures to ensure that there is no unauthorized or unlawful processing, accidental loss or destruction of, or damage to Personal Data.
4.8 Retention and Deletion of Personal Data
It is Cyber Managers Software Services Pvt Ltd policy to retain certain Personal Data of the Relevant Individuals when they cease to be employed/ engaged by Cyber Managers Software Services Pvt Ltd. This Personal Data may be required for Cyber Managers Software Services Pvt Ltd legal and business purposes, including any residual activities relating to the employment/engagement, including for example, provision of references, processing of applications for re-employment/re-engagement, matters relating to retirement benefits (if applicable) and allowing Cyber Managers Software Services Pvt Ltd to fulfil any of its contractual or statutory obligations.
All Personal Data of the Relevant Individuals may be retained for periods as prescribed under law or as per Cyber Managers Software Services Pvt Ltd policy from the date the Relevant Individuals cease to be employed/engaged by Cyber Managers Software Services Pvt Ltd. The Personal Data may be retained for a longer period if there is a subsisting reason that obliges Cyber Managers Software Services Pvt Ltd to do so, or the Personal Data is necessary for Cyber Managers Software Services Pvt Ltd to fulfil contractual or legal obligations. Once Cyber Managers Software Services Pvt Ltd no longer requires Personal Data, it is destroyed appropriately and securely or anonymized in accordance with the law.
4.9 Security of Personal Data
Cyber Managers Software Services Pvt Ltd takes reasonable security measures to protect Personal Data against loss, misuse, unauthorized or accidental access, disclosure, alteration and destruction. Cyber Managers Software Services Pvt Ltd has implemented policies and maintains appropriate technical, physical, and organizational measures and follows industry practices and standards in adopting procedures and implementing systems designed for securing and protecting Personal Data from unauthorized access, improper use, disclosure and alteration.
Cyber Managers Software Services Pvt Ltd shall implement data masking techniques for protection of PII such as:
- Revealing the minimum amount of data to employees processing PII
- Obfuscating (hiding) certain pieces of data at the request of the individual concerned, and only allowing authorized employees to access and process the sections of PII relevant to their role.
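The following is an added illustration, not code belonging to Cyber Managers Software Services Pvt Ltd, of how the two masking rules above can be enforced at the field level: a record is released to a role with only the sensitive categories that role is authorized for left in clear, fields the individual has asked to restrict are masked regardless of role, and the function reports which sensitive fields it disclosed so that each disclosure can be logged. The role names, field names and the sample record are assumptions made for the example; the sensitive categories follow the IT Rules 2011 list given in this policy.

```python
"""Field-level masking of a personnel record by role.

Added example, not the organization's own code. Field names, roles and the
sample record are assumptions made for illustration.
"""
from copy import deepcopy

# Sensitive categories from the IT Rules 2011 list in this policy, mapped to
# the record fields that carry them (field names are assumed).
SENSITIVE_FIELDS = {
    "password_hash": "password",
    "bank_account": "financial",
    "card_number": "financial",
    "health_condition": "health",
    "medical_history": "health",
    "biometric_template": "biometric",
}

# Hypothetical roles and the sensitive categories each may see in clear.
# "password" is deliberately absent: no role needs it in clear.
ROLE_CATEGORIES = {
    "payroll": {"financial"},
    "hr_benefits": {"health"},
    "it_support": set(),
}


def mask_value(field, value):
    """Return a masked form that keeps only what is operationally useful."""
    if field in ("bank_account", "card_number") and isinstance(value, str):
        # Keep the last four digits so a clerk can confirm the right account
        # without seeing the full number.
        return "*" * max(len(value) - 4, 0) + value[-4:]
    return "[MASKED]"


def mask_record(record, role, individual_restrictions=()):
    """Return (masked_copy, revealed_fields).

    revealed_fields lists the sensitive fields disclosed in clear, so the
    caller can write an access-log entry for each disclosure. An unknown
    role is treated as having no entitlements, and the original record is
    never modified.
    """
    allowed = ROLE_CATEGORIES.get(role, set())
    masked = deepcopy(record)
    revealed = []
    for field, category in SENSITIVE_FIELDS.items():
        if field not in masked:
            continue
        if field in individual_restrictions or category not in allowed:
            masked[field] = mask_value(field, masked[field])
        else:
            revealed.append(field)
    return masked, revealed


# Constructed sample record (not real data).
SAMPLE = {
    "employee_id": "E-0042",
    "name": "A. Example",
    "bank_account": "112233445566",
    "card_number": "4111111111111111",
    "health_condition": "none declared",
    "password_hash": "$2b$12$abcdefghijklmnopqrstuv",
    "biometric_template": b"\x00\x01\x02",
}

if __name__ == "__main__":
    # The individual has asked that the card number be hidden; payroll still
    # sees the bank account it needs, and nothing else in clear.
    view, disclosed = mask_record(SAMPLE, "payroll",
                                  individual_restrictions={"card_number"})
    print(view)
    print("disclosed in clear:", disclosed)
```

The returned `revealed_fields` list is the hook for the access record that the "Access" principle of the Guardianship Code calls for: the caller logs who saw which sensitive fields, and the individual can later be told which roles have used their data.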
4.10 Accuracy of Personal Data
Cyber Managers Software Services Pvt Ltd aims to keep all Personal Data as accurate, correct, up-to-date, reliable and complete as possible. However, the accuracy depends to a large extent on the data the Relevant Individuals provide.
4.11 Subject Access Requests
Relevant individuals / employees have the right to request details of their personal data that Cyber Managers Software Services Pvt Ltd holds on them by submitting a Subject Access Request.
7. Review of policy
This policy shall be reviewed on a yearly basis or if significant changes occur to ensure its continuing suitability, adequacy, and effectiveness.
The core ISMS team reviews this Policy, its compliance and implementation status, and the effectiveness of its controls and their implementation, taking into account Internal Audit Reports, incidents, and suggestions and feedback from related parties, and makes appropriate recommendations for improvement.