This Privacy Policy describes how Klyper Technology ("Klyper", "we", "us", or "our") collects, uses, stores, and protects personal information through the Klyper HRMS mobile application and web application (together, the "Service"). Klyper HRMS is a workforce management platform that organizations ("Employers") provide to their employees for attendance, leave, payroll, and related human-resource functions.
1. Who We Are
Klyper Technology is a software company based in Bhubaneswar, Odisha, India, that develops and operates the Klyper HRMS platform.
- Company: Klyper Technology
- Address: Plot No. 2377/9633, Near SR Valley, Elegance Villa, Puri Bypass, NH-316, Badagada, Bhubaneswar, India, 751018
- Email: klypertechnology@gmail.com
- Phone: +91 78550 79698
2. Scope & Roles
Klyper HRMS is a business-to-business product. Employee accounts are created and managed by the Employer — you cannot self-register. In privacy terms:
- Your Employer is the data controller (data fiduciary). It decides which features are enabled (for example, whether location tracking applies to your role), which data is collected, and how long it is kept.
- Klyper Technology is the data processor. We host and operate the Service on the Employer's behalf and process data only as needed to provide the Service.
This policy covers what the Klyper HRMS applications collect and how that data is handled. Your Employer's own workplace and privacy policies also apply to your employment data.
3. Information We Collect
| Category | Examples | Source |
|---|---|---|
| Identity & profile data | Name, employee code, work email, mobile number, gender, date of birth, department, designation, profile photo, emergency contact | Provided by your Employer or by you in the app |
| Employment & HR records | Joining date, employment type, shifts, leave balances and applications, attendance records, overtime, salary and compensation details, bank details for payroll, uploaded documents (e.g. ID proofs), expense claims and receipts | Provided by your Employer or by you in the app |
| Attendance verification data | Punch-in / punch-out timestamps, face verification images and face embeddings (see Section 5), punch location (if enabled by your Employer) | Collected by the mobile app when you punch |
| Location data | Precise GPS location, movement path, and location-service status during working hours (see Section 4) — only for employees designated for field tracking by their Employer | Collected by the mobile app during on-duty sessions |
| Device & technical data | Device model, operating system version, unique device identifier, app version, push notification token, IP address, and login/session records | Collected automatically |
4. Location Data (Including Background Location)
If your Employer designates your role for field-force tracking, the Klyper HRMS mobile app collects your device's precise location, including in the background (while the app is closed or not in use), subject to all of the following safeguards:
- Working hours only. Location is collected only while you are punched in / on an active attendance session. Tracking stops when you punch out or your shift session ends.
- Prominent disclosure and consent. Before location collection ever starts, the app shows a clear in-app disclosure explaining what is collected and why, and asks for your permission through the operating system's permission dialogs.
- Visible while active. On Android, tracking runs as a foreground service with a persistent notification, so you can always see when it is active.
- Purpose limitation. Location data is used solely for workforce management purposes: live team visibility for authorized managers, route and attendance verification, and distance/coverage reporting. It is not used for advertising and is never sold.
If location tracking is not enabled for your role, the app may still record a one-time location at the moment of punch-in/punch-out, where your Employer has enabled punch-location capture.
5. Face & Biometric Data
Klyper HRMS uses face verification to confirm that the person punching attendance is the account holder. Here is exactly how it works:
- Enrollment. During enrollment you capture reference photos of your face. The app converts these into face embeddings — a compact numerical representation of facial features. Embeddings cannot be reversed into a photograph.
- On-device matching. Face comparison is performed on your own device. The face-matching model runs locally; your face is not matched on external third-party face-recognition services.
- What is stored. Face embeddings and, where enabled by your Employer, the punch-time photo are stored on the Service's servers as part of your attendance record so your Employer can audit attendance authenticity.
- Consent and re-enrollment. Enrollment happens with your knowledge and participation. Your Employer's administrators can reset your enrollment, after which new reference captures are required.
- No other use. Biometric data is used only for attendance verification. It is never used for profiling, advertising, or any unrelated purpose, and is never sold or shared with third parties other than as described in Section 7.
6. How We Use Information
- Authenticate you and operate your employee account securely
- Record and verify attendance, shifts, overtime, and corrections
- Process leave requests, approvals, and balances
- Compute payroll inputs, reimbursements, and salary advances
- Provide live location visibility and route history to authorized managers (field roles only)
- Send service notifications (approvals, reminders) via push notification
- Maintain security, prevent fraud and misuse, and keep audit logs
- Diagnose technical problems and improve the reliability of the Service
We do not use your personal data for advertising, and we do not sell it to anyone.
7. How Information Is Shared
- With your Employer. Your attendance, leave, location (if applicable), and HR records are visible to your Employer's authorized personnel (such as HR administrators and your reporting managers) according to role-based permissions.
- With service providers. We use a small number of infrastructure providers to operate the Service — for example, cloud hosting providers and Google Firebase Cloud Messaging for push notifications. These providers process data only on our instructions.
- For legal reasons. We may disclose information if required by law, regulation, legal process, or enforceable governmental request, or to protect the rights, safety, and security of users and the Service.
- Business transfers. If Klyper Technology is involved in a merger, acquisition, or asset sale, personal data may be transferred as part of that transaction, subject to this policy's protections.
We never sell personal data.
8. Data Retention
- HR and attendance records are retained for the duration of your employment and thereafter as required by your Employer's policies and applicable labour, tax, and statutory record-keeping laws.
- Detailed location points are retained for a limited, configurable period for reporting purposes and are then deleted or archived according to the Employer's retention configuration.
- Face embeddings are retained while face-verified attendance is enabled for your account and are deleted when your enrollment is reset or your account is removed.
- When an account is deleted, associated personal data is deleted or anonymized within a reasonable period, except where longer retention is legally required.
9. Data Security
- All data in transit is encrypted using HTTPS/TLS
- Each Employer organization runs on an isolated deployment and database
- Role-based access control limits who can see what inside your organization
- Authentication uses short-lived tokens with secure session management
- Audit logging on sensitive administrative operations
- Credentials are stored using strong one-way hashing
No method of transmission or storage is 100% secure, but we continuously review and improve our safeguards.
10. App Permissions
| Permission | Why the app needs it |
|---|---|
| Camera | Face-verified attendance punches and capturing documents/receipts |
| Location (foreground & background) | Field-force tracking during working hours and punch-location capture, as described in Section 4 |
| Photos / media | Choosing a profile photo or attaching receipts and documents |
| Notifications | Approval updates, reminders, and important workplace notices |
You can revoke permissions at any time in your device settings. Some features (such as attendance punch or field tracking) will not function without their required permissions.
11. Your Rights & Choices
Because your Employer controls your employment data, requests to access, correct, or delete your data should generally be made to your Employer's HR department. We support Employers in fulfilling these requests. Subject to applicable law, you have the right to:
- Access the personal data held about you
- Request correction of inaccurate or incomplete data
- Request deletion of your data when it is no longer required
- Withdraw consent for optional processing (e.g. by disabling permissions)
- Raise a grievance about how your data is handled (see Section 15)
You may also contact us directly at klypertechnology@gmail.com and we will assist, coordinating with your Employer where necessary.
12. Children's Privacy
Klyper HRMS is a workplace application intended for use by employed adults. It is not directed at children, and we do not knowingly collect personal data from anyone under 18 years of age.
13. Compliance with Indian Law (DPDP Act)
We process personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian laws. This includes processing employment data for legitimate employment purposes, honouring the principles of purpose limitation and data minimisation, implementing reasonable security safeguards, and providing a grievance redressal channel (Section 15). Data is primarily stored and processed in India unless otherwise agreed with the Employer.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify Employers or display an in-app notice. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.
15. Contact Us & Grievance Officer
For privacy questions, requests, or grievances relating to Klyper HRMS, contact:
- Grievance / Privacy Contact: Klyper Technology — Privacy Desk
- Email: klypertechnology@gmail.com
- Phone: +91 78550 79698
- Address: Plot No. 2377/9633, Near SR Valley, Elegance Villa, Puri Bypass, NH-316, Badagada, Bhubaneswar, India, 751018
We aim to acknowledge grievances promptly and resolve them within statutory timelines.