At Stratemis HR Technologies Private Limited (henceforth also referred as ‘Stratemis’, ‘We’ or the ‘Company), we understand that you are trusting us with confidential information, and we believe that you have a right to know our practices regarding the information we may collect and use when you use our service. Stratemis is a cloud-based HRMS web platform that enables organizations to manage their human resource related activities, Attendance & Leave processes, Exit Management Process, Travel & Claims processes, Business Expense processes, Reimbursement and Payroll processes & output. Stratemis Mobile App is also part of the same offering. In addition, Stratemis also operates stratemis.com website. A user is the Customer which is an organization who has executed an agreement with Stratemis, of the Services or users of the Website (“end user(s) “) (Customer and end user shall collectively be referred to as “users” or “you “). 

This Privacy Policy describes the policies and procedures of Stratemis on the collection, use, access, correction, and disclosure of your personal information on Stratemis HRMS portal and our Mobile App. This privacy policy does not relate to any personal information that Stratemis collects on behalf of, or under the direction, of its Customer. We may be asked by our Customer to amend, update, or delete your personal information on behalf of our Customer in which case we will do so in accordance with the terms of our contract with our Customer(s). 

This Privacy Policy does not apply to any third-party applications or software that can be accessed from the portal, the Services or the Mobile App. 

Information collected and use of the details 

1. Location Information: We do not ask you for tracking any location-based information from your mobile device at the time of downloading or using the Mobile App. However, if you are using the Stratemis Mobile App, you give consent and agree that your employer would be enable location tracking technology for attendance purposes. Processing this information is the contractual obligation to your employer to perform the Services.  
2. Time & Attendance Logs: If our Customer uses the attendance module, we shall retain and process biometric logs, face recognition logs & Geo fencing with selfie information of the users for the purposes of calculating attendance and payroll using the rules configured by the respective Customer. The information collected consists of employee ID along with timestamps of punches (in and out entries). 
3. Personally Identifiable Information (PII): Personal information is being gathered through the Service consists of any personal details provided consciously and voluntarily by our customer (Employer), end user or the Customer’s administrator or through your use of the Stratemis HRMS platform. This may include your name (first and last), Date of birth, gender, nationality, designation, phone number(s), date of joining, organizational hierarchy, employee ID, PAN, Aadhaar number, Bank account number, present & permanent address, country, city, pin code, family status, spouse’s and other dependents name, gender, salary details and work (Cost to Company, gross salary, Net Salary, overtime, bonuses, statutory payments, tax declarations), all types of leaves, emergency contact details (name, relation, phone number(s)), resignation & termination date & reason, confirmation details, status in the workplace, other identifiers, information the Customer chooses to collect and other information user may choose to provide to Stratemis. 
4. Contact Details: When you express an interest in obtaining additional information about the Services, Website of Stratemis may ask you to provide your personal contact information, such as your name, email address, and phone number. You agree, consent and acknowledge that this information is used to communicate with you by responding to your requests and queries.  
5. Device Information: When using the Mobile App, we may request access to your device’s camera and photo storage. This allows you to take and upload pictures. You may at any time revoke access at the device level. We do not access your device’s camera and photo storage without your permission.  
6. Data Collected as a HRMS service Provider: As a service provider, Stratemis HRMS system only collects information as per the Customer (employer’s) requirement. Our MSA governs the delivery, access, and use of the Services and Mobile App, including the processing of Personal Information and data submitted in the system either by employer or employee. The Customer controls their HRMS platform and any associated customer data. If you have any questions about specific Platform settings, the processing of Personal Information in the HRMS portal, or its privacy practices, please contact the Employer administrator/ Human Resource personnel of your organization of the HRMS portal you use. 

Customer data shall be used by Stratemis in accordance with the Customer’s instructions, applicable terms in the MSA. 

Information Sharing 

1. Information Shared with Stratemis Service Providers: You agree, consent and acknowledge that we may share your information with third parties who provide services to us. These third parties are authorized to use your Personal Information only as necessary to provide these services to us. These services may include the provision of (i) Parsing of resume (ii) Integration with other services as provided and required by the Customer (employer). 
2. Third Party URLs: You may be able to access other Third-Party websites through the HRMS portal, for example by clicking on links to those Third-Party from within the Site. Stratemis is not responsible for the privacy policies and practices of these Third Parties, and you are responsible for reading and understanding respective Third-Party privacy policies. 
3. Shared of details with Partner Processors: We employ and contract with other entities that perform certain tasks on our behalf and who are under our control such RChilli for Resume parser API, helps in parsing resumes of candidates uploaded by customers & AWS for Hosting Stratemis Application. We may need to share Personal Information with our Partner Processors to provide Services to you. Unless specified otherwise, our Partner Processors do not have any right to use Personal Information for any other purpose. 

 

Data Retention 

Stratemis will retain data it processes on behalf of its customers only as long as required to provide the Service to its Customers and as necessary to comply with its legal obligations, resolve disputes and enforce its agreements. The data in Stratemis is backed up for BCP and each backup file may be stored for 1 year or as per the agreed MSA. 

After a termination of services by a Customer, We permanently delete the data as per the discussion with the Customer, provided the customer requests to retain the data as per their requirement by signing an addendum/ MSA.  

Customer may retain Personal Information and other Data about an end user which the end user may have no access to. If you have any questions about the right of the Customer to retain and process your Personal Information you should raise this directly with the Customer (Organization). You hereby agree not to assert any claim against Stratemis in this regard and waive any rights regarding such Data and Personal Information including the right to view and control such Data and Information. 

Data Storage: The Data we collect is hosted on the AWS Cloud in Mumbai Region data centre(s) which provides advanced security features and is compliant with ISO 27001 and other privacy and security standards. Stratemis headquarters in Gurgaon, India from where we provide customer support services. 

 

Information security: We take great care in implementing, enforcing and maintaining the security of the Service, and our users’ Personal Information. Stratemis implements, enforces and maintains security policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of personal data and monitor compliance of such policies on an ongoing basis.  

Stratemis limits access to personal data to those of its personnel who: (i) require access for Stratemis to fulfil its obligations under this Privacy Policy and agreements executed with Stratemis and (ii) have been appropriately and periodically trained on the requirements applicable to the processing, care and handling of the Personal Information (iii) are under confidentiality obligations as required under applicable law. Stratemis takes steps to ensure that its staff who have access to personal data are honest, reliable, competent and properly trained. 

Stratemis shall act in accordance with its policies to promptly notify Customer in the event that any personal data processed by Stratemis on behalf of Customer is lost, stolen, or where there has been any unauthorized access to it subject to applicable law and instructions from any agency or authority. Furthermore, Stratemis undertakes to co-operate with Customer in investigating and remedying any such security breach. In any security breach involves Personal Information, Stratemis shall promptly take remedial measures, including without limitation, reasonable measures to restore the security of the Personal Information and limit unauthorized or illegal dissemination of the Personal Information or any part thereof. 

Privacy Policy Changes 

The terms of this Privacy Policy will govern the use of the Service and any information collected in connection therewith, however, Stratemis may amend or update this Privacy Policy from time to time. The most current version of this Privacy Policy will always be posted at: stratemis.com.  

If you have any questions (or comments) concerning this Privacy Policy, you are welcome to send us an email or otherwise contact us at support@stratemis.com and we will try to reply within a reasonable timeframe. 

By using our Services, you acknowledge you have read and understood this privacy policy. The data controller of the data processed through the Service is the customer of Stratemis who makes available and permits end users to access and use the service or anyone on its behalf. For data collected directly on stratemis.com (for marketing and communication purposes), Stratemis is the “Data Controller”. 

DPO OFFICER 

If you have any further concerns about data protection, feel free to contact pratyush.chatterjee@stratemis.com