Privacy Policy

Version 1.0 Effective Date 1/July/2025

This Privacy Policy describes how Mobius Solutions Private Limited ( we, our, or us ) collects, uses, stores, and discloses personal information of individuals ( you, your, or data subject ) when you visit our website, or use our HR and Payroll SaaS platform. Depending on the specific services provided, we may act either as a data controller (for our own business operations and platform users) or as a data processor (when processing personal information on behalf of our customers, who are the data controllers with respect to their employees or other data subjects). When acting as a data processor, our processing activities are governed by separate Data Processing Agreements executed with our customers. We are committed to protecting personal information and ensuring compliance with applicable data protection laws, including the GDPR, CCPA, and India s DPDPA.

1. Information We Collect

Information we collect can be divided into two parts

        Information visible to us this includes

        Personal information like your Name, your Company Name, Registered Email ID, Roles you have in the Application, date of account creation

        Usage data such as IP address, browser type, device information

        Information collected on the platform by the Client this covers a large set of data including but not limited to

        Personal information provided during account registration, such as name, email address, phone number, job title, and company information.

        Employment- related data input by users, including payroll records, attendance, leave, benefits, and government identifiers.

        Usage data such as IP address, browser type, device information, and access logs collected through cookies and similar technologies.

        The Client may collect additional data, including personal or sensitive personal data such as political beliefs, group memberships, and sexual orientation, by configuring custom fields within the platform. The Provider shall bear no responsibility for the collection, classification, or access control of such data, except to the extent that it is stored on the Provider s servers. In such cases, the Provider shall implement reasonable security measures in accordance with its obligations under applicable data protection laws.

2. How We Use Your Information

        The information visible to us is used for the following purposes:

o       To provide support via the chat and ticketing tools available on our website.

o       To communicate with you regarding your account, system updates, and service alerts.

o       To improve the platform through analytics and performance monitoring.

o       To comply with legal obligations and respond to lawful requests from authorities.

        Please note that the information collected on the platform by the Client (e.g., your employer or contracting party) is not controlled or processed by us for our own purposes. Such data is governed by your relationship with the Client. For more information, please refer to the applicable agreement, terms of employment, appointment letter, or related documentation provided by the Client in your capacity as an employee, intern, retainer, or business partner.

3. Legal Basis for Processing

        For users in the EEA, we process personal data based on one or more of the following legal bases:

        Performance of a contract

        Legal obligation

        Legitimate interest

        Consent (when explicitly required)

4. Sharing and Disclosure

        We do not sell personal information to third parties.

        We may share information with trusted sub-processors who assist in delivering the services, subject to confidentiality and security obligations.

        We may disclose information if required by law or to protect our rights and the safety of users.

5. International Data Transfers

        Personal data may be transferred to and processed in countries outside your jurisdiction, including to our data center in India.

        For EEA users, such transfers are governed by Standard Contractual Clauses (SCCs) or other lawful mechanisms as required by GDPR.

        The Provider acknowledges that cross-border transfer provisions under India s Digital Personal Data Protection Act, 2023 (DPDPA) may evolve as additional rules, notifications, or government-issued transfer lists are published. The Provider shall monitor such developments and, where applicable, implement necessary measures to ensure continued compliance with the applicable cross-border transfer requirements under the DPDPA. Both Parties agree to cooperate in good faith to address any regulatory changes that may affect cross-border data transfers during the term of this Agreement.

6. Data Security

        We implement appropriate technical and organizational measures including encryption, access control, and regular audits to protect personal data.

        Personally identifiable information (PII) like name, email id, phone number, family details, address etc. are encrypted and stored so that even in case of unauthorized access this information cannot be read. Other transactional data is not encrypted but is separated using a system generated key which renders it irrelevant if accessed in isolation.

        Documents / photos are stored in folders with encrypted paths which cannot be accessed from anywhere except from inside the application by authorized persons.

7. Data Retention

        As an Employee - Personal data is retained with your Employer as per the terms of your employment.

        As an Agency Personal data is retained with the Company as per the terms agreed with you.

        As a Candidate Personal data is retained with the Company as per the terms agreed with you.

        Data may be anonymized and retained for analytical purposes.

8. Your Rights

        As an Employee -

o       Your right to access, rectify, delete, or restrict the processing of your personal information will depend upon the terms and conditions agreed upon by you with your Employer who are the Data Controller / Fiduciaries.

o       To exercise your rights, contact your company HR

        As an Agency -

o       Your right to access, rectify, delete, or restrict the processing of your personal information will depend upon the terms and conditions agreed upon by you with the Company for whom you the Agency.

o       To exercise your rights, contact the Company contact person

        As a Candidate

o       Your right to access, rectify, delete, or restrict the processing of your personal information will depend upon the terms and conditions agreed upon by you with the Company when you submit your profile for consideration against a job.

o       To exercise your rights, contact the Company Recruitment team.

        To raise a request for deleting your data from our servers you can go to our website www.eazework.com and click on Data Deletion Request link on the footer. We will forward your request to the Company which is the Data Controller / Fiduciary for your record and also share their Email ID with you.

9. Children s Privacy

        Our services are not intended for individuals under the age of 16. We do not knowingly collect data from children.

        Our policy is as per applicable law, including DPDPA.

10. Changes to This Policy

This Privacy Policy forms part of the Master Services Agreement and may only be amended by mutual written agreement of both parties. Notwithstanding the foregoing, Provider may update this Privacy Policy to reflect changes in applicable laws or regulations, provided that any such changes shall not materially reduce the level of data protection afforded to Client without Client s prior written consent.

 

Your device is connected to the internet.
Your device lost its internet connection.
Please enable the background location permission on your Eazework mobile app.
Android user - click here
iOS user - click here