Privacy Policy

At ORIS Intelligence Pvt. Ltd. (the entity behind PeopleOS), data privacy is foundational to our “Compliant by Design” philosophy. This Privacy Policy describes how we collect, use, and protect information within our HRMS platform.

1. India DPDP Act compliance

We are fully committed to the Digital Personal Data Protection (DPDP) Act, 2023. PeopleOS acts primarily as a Data Processor for our corporate clients, who serve as the Data Fiduciaries for their employees’ personal data.

2. Data sovereignty

All data related to Indian organisations and their employees is stored exclusively on servers located within the territory of India (AWS Mumbai / Azure West India regions). No employee PII leaves Indian jurisdiction.

3. Information we collect

• Employee master data (name, contact, employment details)
• Statutory identifiers (PAN, UAN) — Aadhaar stored only as tokens via Aadhaar Data Vault
• Payroll information and bank account details (encrypted at rest)
• Attendance and geo-location data (when enabled by the employer)
• Communication logs via ORIS AI (PII redacted before LLM processing)

4. AI data handling

ORIS AI processes natural-language queries for compliance and analytics. All personally identifiable information is stripped before any data is sent to LLM providers. AI never modifies payroll data directly — all proposals require explicit human approval.

5. Your rights

Employees have the right to access, correction, and erasure of their personal data through their employer (the Data Fiduciary). Data portability requests are processed within 30 days of receipt.