Privacy Policy

1. Information We Collect

We collect the following categories of information depending on your role (Employer/Admin, Employee/User, Partner) and the platform used.

1.1. Information You Provide

• Name, phone number, email address
• Business name, GST number, EIN, or other business identifiers
• Employee records provided by employers
• Work schedules, attendance information
• Communication content sent through chat, support, or forms
• Payroll and compliance data (if using payroll features)

1.2. Information Collected Automatically

Website, Web App, and App Usage:

• IP address, device ID, browser type, operating system
• Pages viewed, clicks, referring URLs
• Cookies and analytics data
• App version, crash logs, performance data

1.3. Precise and Background Location Data (Employees)

Collected only when allowed by the employer and with employee consent:

• Real-time GPS location
• Background location when clocking in/out
• Geo-fencing and geo-tracking data used for attendance validation
• Worksite location mapping

We do NOT track employees outside work-related activities as defined by their employer.

1.4. Financial Information

(Only when payroll, early salary, or financial services are used)

• Bank account details
• UPI/ACH payment details
• Transaction history
• Salary disbursement records

We do not store full credit/debit card numbers

1.5. Communications & Support

• Call, chat, and email logs
• Tickets and support messages
• Business documents voluntarily uploaded

1.6. SMS/Mobile Data

• Data Sharing: You must explicitly state that mobile phone numbers and consent data will not be shared or sold to third parties for marketing purposes. This is a common reason for application rejection.
• Data Collected: Mention that you may collect delivery status and interaction data (such as which buttons users clicked in the RCS message).

2. How We Use Your Information

We use personal data to:

2.1. Provide and Operate the TrueTym Platform

Collected only when allowed by the employer and with employee consent:

• Attendance, scheduling, and timesheets
• Payroll management
• Workforce analytics
• GPS-based attendance verification
• Notifications and alerts

2.2. For Employers

We process employee data on behalf of employers as a data processor/vendor.

Employers are responsible for obtaining employee consent under the DPDP Act.

2.3. Improve, Secure, and Customize the Service

• Enhancing accuracy of GPS and geo-fencing
• Fraud and anomaly detection
• AI-based insights and recommendations
• Debugging and performance optimization

2.4. Legal & Compliance

• Respond to lawful requests
• Maintain security and audit logs
• Prevent unauthorized access or misuse

3. Legal Basis for Processing

We process personal data based on:

• Consent (DPDP Act)
• Contractual necessity (providing workforce services)
• Legitimate business interest (improving & securing the platform)
• Compliance with law (tax, labor, payment regulations)

4. How We Share Information

We may share data with:

4.1. Employers

Employee data entered into the system is shared with their employer/admins.

4.2. Service Providers

• Cloud hosting (AWS/GCP/Azure)
• SMS and email gateways
• Payment processors
• Compliance partners
• Analytics tools (with IP anonymization where required)

All service providers follow strict confidentiality agreements.

4.3. Legal Requirements

We may disclose data if required by:

• Court order
• Government authority
• Applicable laws (India, US)

4.4. Business Transfers

If TrueTym undergoes a merger, acquisition, or restructuring, user information may be transferred with appropriate safeguards.

5. Data Retention

We retain personal data:

• As long as the account is active
• As required by law (tax, payroll, compliance)
• For legitimate business purposes (audit logs, security)

Employers may request deletion of employee data after their business relationship ends.

6. Cookies & Tracking Technologies

We use cookies for:

• Authentication
• Analytics
• Security
• User experience personalization

Users can manage cookies through their browser settings.

7. Data Security

We use industry-standard security measures:

• Encryption (in-transit & at rest)
• Role-based access controls
• Multi-factor authentication (MFA)
• Secure cloud infrastructure
• Routine audits and monitoring

Despite these measures, no system is 100% secure.

8. International Data Transfers

Data may be stored or processed in:

• India
• United States
• Other global data centers used by our cloud partners

We ensure adequate protection and contractual safeguards (including SCCs where applicable).

9. Your Rights

Under India’s DPDP Act:

• Right to access
• Right to correction
• Right to erasure
• Right to grievance redressal
• Right to withdraw consent (may limit certain features)

Under U.S. State Privacy Laws (CCPA/CPRA):

• Right to know
• Right to deletion
• Right to correction
• Right to opt-out of data sharing
• Right to non-discrimination
• Right to access information collected in the last 12 months

To exercise these rights, contact:

privacy@truetym.com

10. Children’s Privacy

TrueTym is not intended for users under 18 years unless part of a workforce and registered by their employer as per applicable labor laws.

We do not knowingly collect data directly from minors.

11. Third-Party Links

Our platform may contain links to third-party websites. We are not responsible for their content or privacy practices.

12. Changes to This Policy

We may update this Privacy Policy periodically.

The latest version will always be posted on our website with the “Effective Date.”

13. Contact Us

For any privacy-related questions or requests:

• privacy@truetym.com
• TrueTym Inc., 828 E Market St, Louisville KY 40206 USA
• www.truetym.com