Privacy Policy

General Privacy Statement

Introduction and Purpose :

Zimyo is a Human Resource Management Software (HRMS) company , dedicated to providing innovative solutions for efficient HR operations . Our HRMS services encompass various aspects , such as , Employee Management , Payroll Processing, Attendance Tracking , and more. This Privacy Policy outlines our commitment to protecting the privacy and personal data of individuals who interact with our platform.

At Zimyo , we recognise the importance of safeguarding Personal Data and maintaining the trust of our users . This Privacy Policy aims to inform individuals about how we collect , use, store , and protect their Personal Data , as well as their rights and choices regarding their information .

Definitions :

Personal Data : Any information that relates to an identified or identifiable individual .
Data Subject : The individual to whom the Personal Data belongs .
Processing : Any operation performed on personal data , such as collection , recording , organisation , storage , retrieval , or disclosure.

Scope :

This Privacy policy applies to the Personal Data Collected , processed and stored by Zimyo’s HRMS . It covers all the platforms, applications, websites, and services provided or owned/governed by Zimyo that involve the handling of Personal Data .

What does Zimyo’s Privacy Policy Covers ?

Some data protection laws in various jurisdictions distinguish between “Controllers” and “Processors” of Personal Information . While other jurisdictions may use different terminology , the concept typically remains the same . A Controller decides why and how to process Personal Information . A Processor only processes information on behalf of a controller based on the instructions of the controller , the Processor does not make decisions about Personal Information . Zimyo may be either a Controller or a Processor , depending on the scenario.

This Privacy Statement applies when Zimyo is the Data Controller of your Personal information (unless a different Zimyo privacy statement is displayed when we collect your personal information), and explains how Zimyo collects, uses, and shares your Personal Information for its own purposes. For example, this Privacy Statement covers when you:

  • Visit a Zimyo website that links to this Privacy Statement;
  • Interact with Zimyo as a representative of a company that has an account with Zimyo (e.g., you are our customer or our supplier);
  • Create or use an account offered directly by Zimyo (as opposed to an account offered by our customers);
  • Register for or attend a Zimyo marketing, learning, or training event or webinar;
  • Provide us with feedback about our products or services;

Receive a sales or marketing communication from us, including emails or telephone calls.

This Privacy Statement does not cover how we process Personal Information on behalf of our enterprise customers as a processor.

Types of Personal Data Collected :

We may collect various types of Personal Data from our users and employees , including but not limited to :

Names , addresses, location and contact information (Email , phone number , etc.)
Identification details (such as employee ID , Social Security Number , etc.)
Employment history , job titles , and professional details .

Sharing your Personal Information:

Zimyo may share or make accessible your personal information to third parties as follows:

  • Zimyo Affiliates: Zimyo may share personal information with affiliates within the Zimyo group where necessary to fulfill a request you have submitted or for customer support, marketing, technical operations, event registration, and account management purposes.
  • Service providers: Zimyo may share both personal information and the categories of personal information with third-party service providers or vendors contracted to provide services on our behalf (such as IT and hosting, marketing, customer support, call recording and data enrichment, email fulfillment, and payment services). These third-party service providers may use personal information we provide to them only as instructed by Zimyo.
  • Zimyo partners: When you participate in webinars, events, and other activities where Zimyo collaborates with third parties, we may share your contact information and interests in these offerings or services with these approved third parties to communicate with you about Zimyo.
  • Your organization: Where your organisation is a customer or potential customer of Zimyo, we may share your personal information with relevant people within your organisation. For example, we may share a list of individuals attending a Zimyo event, or share inquiries from end users that should be addressed directly by the organisation rather than Zimyo.
  • Additional disclosures: Zimyo may disclose data if we have a good-faith belief that such action is necessary to (a) conform to legal requirements or comply with legal processes; (b) protect and defend our rights or property; (c) enforce our website Terms and Conditions; and/or (d) act to protect the interests of our customers, users, or others. If Zimyo goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal information may be among the assets transferred, provided that we inform the actual or potential buyer (or its agents and advisors) that it must use your Personal Information only for the purposes disclosed in this Privacy Statement. Zimyo may also ask for your consent to share your information with other unaffiliated third parties that are not described elsewhere in this statement.

Location Information : 
We request your location (Course or Fine) data only upon your acknowledgement, consent, and agreement that your employer will enable location tracking technology for attendance purposes. If you do not provide consent, we will not request access to, or track, any location-based information from your mobile device at any time during the download or use of the mobile apps. The legal basis for processing this information under GDPR is the contractual obligation to your employer for the provision of services.

Protecting your personal information:

We use technical and organisational measures that provide a level of security appropriate to the nature of, the personal information and the risks that are presented by processing your personal information. However, the security of information transmitted through the internet can never be guaranteed. You are responsible for maintaining the security of your password or other forms of authentication involved in accessing password-protected or secured resources.

Retaining your personal information:

We retain your personal information for as long as we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
The criteria used to determine appropriate retention periods for personal information include:

  • The length of time we have an ongoing business relationship with you;
  • The amount, nature, and sensitivity of the personal information we process;
  • Whether we have a legal obligation to retain personal information or whether retaining personal information is necessary to resolve disputes, including the establishment, exercise, or defense of legal claims.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Legal Processing :
We process Personal Data based on Legal Grounds , such as , the necessity for the performance of contracts , compliance with legal obligation , obtaining consent when required , or pursuing Legitimate interests in accordance with applicable laws .

Purpose of Processing :

We Collect and process Personal data for various purposes related to the provision of HRMS services , including :

  • HR-related activities , such as employee onboarding , performance evaluation , and training .
  • Payroll processing and management .
  • Attendance tracking and leave management .
  • Employee engagement and communication .
  • Compliance with legal obligations.

Date Retention :

We retain Personal Data for as long as necessary to fulfil the purpose outlines in this Privacy policy , taking into account legal requirements and business needs. The retention periods for different categories of personal data may vary . We determine the retention periods based on the nature of the data and the purposes for which it is processed .

Data Security Measures :

We implement reasonable technical and organised measures to ensure the security and confidentiality of personal data . We adhere to industry best practices to protect personal data from unauthorised access, loss, alteration, or disclosure. Individuals have certain rights under applicable data protection laws, such as the right to access, rectify , erase, restrict processing , data portability, and object to processing . To exercise these rights to make any related requests , individuals can contact us using the information provided in the “Contact Information” Section .

Consent :

In certain cases where required by law , we obtain explicit and informed consent from individuals before processing their personal data . Individuals have the right to withdraw their consent at any time . However, please note that withdrawing consent may impact the availability and functionality of our HRMS services .

Cookies and Tracking Technologies :

We may use cookies or similar tracking technologies on our website or application to enhance user experience , analyse usage patterns , and improve our services . By using our website or application, individuals consent to the use to such technologies . They may manage their cookie preferences through their browser settings .

Changes to the Privacy Policy :

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements . Significant changes will be communicated to users thorough appropriate channels . We encourage individuals to review this Privacy policy regularly for any updates .

Contact Information :

If you have any questions , concerns , or queries regarding this Privacy Policy or our privacy practices , please contact us at :

Zimyo
Email: support@zimyo.com