Legal
Privacy Policy
Last updated: 15 April 2026 · Effective: 15 April 2026
The short version. We collect only what we need to run PeoplePulse for you. We don't sell your data. We don't share it with advertisers. We store it in India. We encrypt it. We delete it when you ask us to. For worker data specifically, read this alongside our
DPDP Disclosure.
1. Scope
This Privacy Policy covers personal data of:
- Website visitors (anyone browsing peoplepulse.co.in or app.peoplepulse.co.in).
- Customers (the person who signs up as the account admin for a company).
- Customer users (HR officers, supervisors, finance team added by the account admin).
For worker data (your employees whose attendance and payroll we process), please also read our DPDP Disclosure — under the DPDP Act, 2023, you are the Data Fiduciary and we are the Data Processor.
2. What we collect
| Category | Examples |
|---|
| Account data | Name, business email, phone, company name, GSTIN, billing address |
| Payment data | Handled by Razorpay. We see the last 4 digits of your card and the transaction ID only. We never store your full card / UPI PIN / CVV. |
| Usage data | Pages visited, clicks, session length, device type, IP address, browser info |
| Cookies | Functional cookies (login session, preferences) and analytics cookies (aggregated & anonymised) |
| Communications | Emails you send us, WhatsApp messages, support chats |
3. How we use it
- Deliver the Services you've subscribed to.
- Bill you, issue tax invoices, and collect payment.
- Send transactional emails (receipts, system alerts, security notices).
- Send occasional product updates and compliance advisories (you can unsubscribe anytime — the unsubscribe link works).
- Prevent fraud, debug errors, and improve platform security.
- Comply with applicable laws and respond to lawful requests from Indian authorities.
4. What we do NOT do
- We do not sell personal data — not ever.
- We do not share personal data with advertisers or data brokers.
- We do not use worker biometric data for any purpose outside attendance verification.
- We do not track you across other websites.
5. Who we share it with
We share personal data only with:
- Sub-processors who operate the platform under strict data-processing agreements — cloud hosting (in India), email delivery, SMS / WhatsApp, payment gateway (Razorpay). Current list on request.
- Professional advisors — our CA, lawyer, auditor — under confidentiality.
- Authorities, when compelled by a valid legal notice. We narrow disclosure to what the law requires.
6. Security
- TLS 1.2+ encryption in transit; AES-256 encryption at rest.
- Servers in India. Role-based access. All admin access logged.
- Passwords stored as salted hashes; MFA available and recommended.
- Regular backups; periodic vulnerability scans and penetration tests.
7. Retention
- Account data: for the life of your subscription + 90 days.
- Billing records: 8 years (to comply with the Income Tax Act and Companies Act retention requirements).
- Worker data: see the retention schedule in our DPDP Disclosure.
- Support communications: 24 months.
8. Your rights
You can ask us at any time to:
- Confirm what personal data we hold about you.
- Correct or update inaccurate personal data.
- Delete your personal data (subject to statutory retention obligations).
- Export your personal data in a common, machine-readable format.
- Opt out of non-essential communications.
Email admin@peoplepulse.co.in. We respond within 30 days.
9. Cookies
We use a small number of cookies. Essential cookies (login session, CSRF protection) are always on. Analytics cookies are aggregated and anonymised. We do not set third-party advertising cookies. You can clear or block cookies from your browser settings at any time; some features may not work without essential cookies.
10. Children
PeoplePulse is a business-to-business platform. It is not intended for use by anyone under 18, and we do not knowingly collect personal data of minors. Under the DPDP Act, if worker data of any person below 18 is processed, verifiable parental consent is required — that obligation rests with you as Data Fiduciary.
11. International transfers
We store and process personal data in India. We do not transfer data outside India. Any future change is notified in advance.
12. Grievance officer
Our Grievance Officer under the Information Technology Act, 2000 and the DPDP Act, 2023 can be reached at:
Grievance Officer — PeoplePulse
Email: grievance@peoplepulse.co.in
WhatsApp: +91 91577 39743
Response window: within 30 days.
13. Changes to this policy
Material changes are notified on the dashboard and by email at least 15 days before they take effect.
14. Contact
Questions? Email admin@peoplepulse.co.in.
© 2026 PeoplePulse. All rights reserved.