General Information

The data controller of is

PeopleWorks – A division of Crossdomain Solution Software Private Limited,

Tejas Arcade, No 527/B, 3rd Floor, 1st Main Road,

Dr. Rajkumar Road, Rajajinagar, Bangalore – 560010

The PeopleWorks data protection officer can be reached at

Privacy Policy

This Privacy Policy covers the privacy practices Peopleworks employees when Peopleworks customers (“Employers are our Customers”) use our Cloud-Based Enterprise Applications (the “Service”).

In the normal course of using the PeopleWorks Software as a service, Customers will input electronic data into the PeopleWorks systems (“Customer Data”). The use of information collected through our service shall be limited to the purpose of providing the service for which the Customer has engaged PeopleWorks. PeopleWorks may access Customer Data for the purposes of providing the Service, preventing or addressing service or technical problems, responding to support issues, and responding to Customer’s instructions, or as may be required by law, in accordance with the relevant agreement between Customer and PeopleWorks.

Information we collect and how we use it

Personal Information:

We generally collect and process the following types of Personal Information:

Personal Information of employees which is being gathered through the Service consists of any personal details provided consciously and voluntarily by our Customers (Employer), End User or the Customer’s administrator or through your use of the PeopleWorks platform. This may include your Employee id, name (first and last), date of birth, gender, nationality, designation, mobile number(s), date of joining your employer, department you work in,  permanent account number, address, country, city, postal pincode, spouse’s and other dependents name, gender and birth date, your bank account details (bank name, account number, branch address), details regarding your salary and work (payments, base salary, gross salary, overtime, bonuses, commissions, statutory payments such as sick, maternity/paternity leave, salary payment currency, Income tax , emergency contact details (name, relation, phone number(s), email address(es), city, country, post code), termination date, termination reason, probation end date, status in the system and in the workplace, IP address and other unique identifiers, User’s information relating to tax declarations, information the Customer chooses to collect and other information User may choose to provide to PeopleWorks and to its employee.

Location Information We do not ask you for, access, or track any location based information from your mobile device at any time while downloading or using the Mobile Apps. However, if you are using the PeopleWorks Mobile App, your employer may enable location tracking technology for time keeping purposes. Processing this attendance information is the contractual obligation to your employer to perform the Services. If you punch in or punch out by pressing a button available in PeopleWorks mobile app our application starts tracking your real time location which is required to your employer to ensure roles and responsibility assigned to you are performed in the location its expected.

Attendance Logs If our Customer (Employer) chose to utilize the optional Time and Attendance module, we shall retain and process biometric device logs of the users for the purposes of calculating attendance and payroll using the rules configured by the employer. The information collected consists of employee or attendance id along with timestamps of punches (in and out entries)

Contact Information When you express an interest in obtaining additional information about the Services, the Site, or Mobile Apps, PeopleWorks may ask you to provide your personal contact information, such as your name, email address, and phone number. This information is used to communicate with you by responding to your requests, comments and questions.

Device Information When using the PeopleWorks Mobile Apps, we may request access to your device’s storage details. PeopleWorks software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information We store within the analytics software to any Personal Information you submit within the Mobile Apps. When you download and use the Mobile Apps, we automatically collect your device information such as operating system version, type, hardware usage statistics, etc. Processing this information is the contractual obligation to your employer to perform the Services.

Data Collected as a Service Provider: As a service provider, PeopleWorks systems only collects information as per the Customer (employer’s) requirement. Our Master Subscription Agreement governs the delivery, access, and use of the Services and Mobile Apps, including the processing of Personal Information and data submitted through Services accounts. The Customer (e.g., your employer) controls their Platform and any associated client data. If you have any questions about specific Platform settings, the processing of Personal Information in the Platform, or its privacy practices, please contact the employer HR or administrator of the Platform you use. PeopleWorks is only a processor of Customer (employers) data and Customer is the controller

Sharing of your Information

Third Party Services

At times, you may be able to access other Third Party Services through the Site, for example by clicking on links to those Third Party Services from within the Site. We are not responsible for the privacy policies and/or practices of these Third Party Services, and you are responsible for reading and understanding those Third Party Services’ privacy policies.

Information Shared with Our Service Providers.

We may share your information with third parties who provide services to Us. These third parties are authorized to use your Personal Information only as necessary to provide these services to Us. These services may include the provision of (i) email ticketing services to manage support queries, (ii) mapping services, and (iv) cloud infrastructure.


Information Shared with Our Sub-Processors

We employ and contract with people and other entities that perform certain tasks on Our behalf and who are under Our control such as an email service provider to send emails on Our behalf, mapping service providers, and customer support providers Our “Sub-Processors”). We may need to share Personal Information with Our Sub-Processors in order to provide Services to you. Unless We tell you differently, Our Sub-Processors do not have any right to use Personal Information or other information We share with them beyond what is necessary to assist Us. Transfers to subsequent third parties are covered by onward transfer agreements between PeopleWorks and each Sub-Processor.

Information Disclosed for Our Protection and the Protection of Others

In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We also reserve the right to access, read, preserve, and disclose any information as We reasonably believe is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request (ii) enforce this Privacy Policy, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security, or technical issues; (iv) respond to user support requests; or (v) protect Our rights, property, or safety. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention. We require all third parties to respect the security of your Personal Information and to treat it in accordance with applicable laws. We do not allow third party service providers and Sub-Processors We share your Personal Information with to use it for their own purposes and only permit them to process your Personal Information for specified purposes in accordance with Our instructions. Except as set forth above, you will be notified when your Personal Information is shared with third parties, and will be able to prevent the sharing of this information. Unless We otherwise have your consent, we will only share your Personal Information in the ways that are described in this Privacy Policy.

Data Retention

Any Customer may request information regarding the storage and retention of data (“Audit”) by contacting us. PeopleWorks shall make reasonable efforts to respond to the Audit in a reasonable time and subject to applicable law (Customer’s personnel may be required to executed a non-disclosure agreements).

PeopleWorks will retain data it processes on behalf of its Customers only for as long as required to provide the Service to its Customers and as necessary to comply with its legal obligations, resolve disputes and enforce its agreements. The data in PeopleWorks is backed up for system continuity purposes and each backup file may be stored for 2 days.

Each User must keep the appropriate backup of its data. PeopleWorks shall not be responsible for any deletion of data or for any breach to database or for any erroneous data unless otherwise agreed with its Customer.

After a termination of services by a customer, process will begin that permanently deletes the data in 30 days. Once data is completely deleted cannot be reversed and data will be permanently deleted. Some data will not be deleted and shall be kept in an anonymized manner.

PeopleWorks collects and retains metadata and statistical information concerning the use of the Service which are not subject to the deletion procedures in this policy and may be retained by Peopleworks for no more than required to conduct its business. Some data may be retained also on our third-party service providers’ servers in accordance with their retention policies. You will not be identifiable from this retained metadata or statistical information.

Customer may retain Personal Information and other Data about an End User which the Controller owns and the End User may have no access to. If you have any questions about the right of the Customer to retain and process your Personal Information you should raise this directly with the Customer. You hereby agree not to assert any claim against PeopleWorks this regard and waive any rights regarding such Data and Personal Information including the right to view and control such Data and Information.

Please note that some data will not be deleted and shall be kept in an anonymized manner. Some metadata and statistical information concerning the use of the Service are not subject to the deletion procedures in this policy and may be retained by PeopleWorks. We will not be able to identify you from this data. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.

Where do we store your Data?

The Data we collect is hosted on the Microsoft Azure Cloud in Central India data centers which provides advanced security features and is compliant with ISO 27001 standard. PeopleWorks headquarter is based in Bangalore- India from where we provide customer support services, but no customer data is stored, except for customer call data.

Therefore, in providing your Personal Information to PeopleWorks, your Personal Information will be sent to India, where your Data is transferred outside of India, we will take all steps reasonably necessary to ensure that your Data is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

Security and storage of information

We take a great care in implementing, enforcing and maintaining the security of the Service, and our Users’ Personal Information. PeopleWorks implements, enforces and maintains security policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of personal data and monitor compliance of such policies on an ongoing basis. PeopleWorks is certified under the ISO 27001:2013.

The Personal Information is hosted on the Microsoft Azure in India, which provides advanced security features and is compliant with ISO 27001 standard, among other certifications, as listed here: All Personal Information is stored with logical separation from information of other customers. However, we do not guarantee that unauthorized access will never occur.

PeopleWorks limits access to personal data to those of its personnel who: (i) require access in order for PeopleWorks to fulfil its obligations under this Privacy Policy and agreements executed with PeopleWorks and (ii) have been appropriately and periodically trained on the requirements applicable to the processing, care and handling of the Personal Information (iii) are under confidentiality obligations as required under applicable law. PeopleWorks takes steps to ensure that its staff who have access to personal data are honest, reliable, competent and periodically properly trained.

PeopleWorks shall act in accordance with its policies to promptly notify Customer in the event that any personal data processed by PeopleWorks on behalf of Customer is lost, stolen, or where there has been any unauthorized access to it subject to applicable law and instructions from any agency or authority. Furthermore, PeopleWorks undertakes to co-operate with Customer in investigating and remedying any such security breach. In any security breach involves Personal Information, PeopleWorks shall promptly take remedial measures, including without limitation, reasonable measures to restore the security of the Personal Information and limit unauthorized or illegal dissemination of the Personal Information or any part thereof.

PeopleWorks maintains documentation regarding compliance with the requirements of the law, including without limitation documentation of any known breaches and holds reasonable insurance policies in connection with data security.

The Service may, from time to time, contain links to external sites. We are not responsible for the operation, privacy policies or the content of such sites.

Your Rights associated with your information

If we are storing your personal information, you have the following rights to your information based on the services and your region.

When acting as a service provider of Our Customer, Peopleworks has no direct relationship with the individuals whose Personal Information is provided to PeopleWorks through the Services. An individual who is or was employed by one of Our Customers and who seeks access to, or who seeks to correct, amend, object to the processing or profiling of, or to delete his/her Personal Information in the Platform, should direct his/her query to the HR department of the Customer Organization that uses the Platform and for which he/she works or used to work if he/she cannot make the appropriate changes via its access to the Platform provided by the Customer.

In the event that you have provided Personal Information to Us on our website ,we will provide you with information about whether we hold any of your Personal Information. You may access, correct, or request deletion of your Personal Information by contacting us at , We will respond to your request within a reasonable timeframe.

Changes to the privacy policy:

We reserve the right to change or update this Privacy Statement at any time. Changes to the Privacy Statement will be posted on this website and links to the Privacy Statement will indicate that the statement has been changed or updated. We encourage you to periodically review this Privacy Statement for any changes. For new users, changes or updates are effective upon posting. For existing users, changes or updates are effective 30 days after posting.

Last Revised: October 11, 2021