Data processing policy
Effective from Date: 14/12/2023
1. Introduction
This Data Processing Policy (“Policy”) explains how Relyon Softech Limited (“Relyon”, “we”, “our”, “us”) collects, processes, stores, and safeguards data provided by users through Saral applications and related services (“Services”).
Relyon acts as a dataprocessing entity for users who utilize our platforms for statutory compliance, payroll management, and human resource management activities.
This Policy applies to all Saral products, including but not limited to:
- Saral GST, Saral TDS, Saral Income Tax For return filing and statutory compliance
- Saral HRM-for employee and employer data processing related to payroll and HR operations.
2. Data Collection
Relyon collects and processes data that is necessary to deliver its Services efficiently and in compliance with applicable laws. This includes:
a. For TDS, GST, and Income Tax Return Filing:-Personally Identifiable Information (PII) such as name, contact details, PAN, TAN, and GSTIN
- Financial, transactional, and organizational details required for statutory compliance.
- Documents and records submitted for return preparation and filing.
b. For Saral HRM (Payroll and HR Management):
- Employee Information: Name, address, contact details, identification details (PAN, Aadhaar), bank account details, and attendance records
- Employer Information: Organization name, registration details, statutory numbers (EPF, ESIC, TAN), and payroll structure data
- Employment Data: Designation, department, compensation details, leave and attendance records, and statutory contribution data (PF, ESI, PT, etc.)
All data is collected directly from the users or their authorized representatives through secure interfaces within the Saral applications.
3. Purpose of Data Processing
The collected data is processed solely for legitimate business and statutory purposes, including:
- Preparation, validation, and filing of TDS, GST, and Income Tax returns
- Payroll processing, salary computation, and generation of statutory reports
- Human resource management activities such as attendance tracking, leave management, and employee record maintenance
- Compliance with applicable legal and regulatory requirements
4. Data Storage and Location
All user data is securely stored in Amazon Web Services (AWS) Relational Database Service (RDS) infrastructure.
The data is hosted within Indian borders, ensuring compliance with the applicable Indian data protection and localization requirements. Relyon ensures that the AWS RDS environment is equipped with industry-standard security features, including data encryption, restricted access, and continuous monitoring.
5. Data Retention
Relyon retains user data only for the duration necessary to fulfill the purpose of processing or to comply with legal and regulatory obligations. Once the data is no longer required, it is securely deleted or anonymized in accordance with best practices and compliance guidelines.
6. Data Security
We employ stringent administrative, technical, and physical safeguards to ensure the confidentiality, integrity, and availability of all processed data. These include, but are not limited to:
- Data encryption (in transit and at rest)
- Role-based access controls
- Secure authentication and authorization mechanisms
- Periodic security assessments and infrastructure monitoring
7. Data Sharing and Disclosure
Relyon does not sell or share personal or organizational data with any unauthorized third parties. Data may be disclosed only to:
- Authorized government systems or agencies (e.g., Income Tax Department, GSTN) for statutory compliance
- Authorized partners or service providers assisting in processing activities, under strict confidentiality and data protection agreements
8. User Rights
Users have the right to:
- Access and review their personal data processed by Relyon
- Request corrections for any inaccuracies
- Request deletion of data, subject to statutory and regulatory requirements
All such requests can be made to the Data Protection Officer as detailed below.
9. Contact Information
For any queries or concerns related to this Policy or data protection practices, please contact:
- Data Protection Officer
- Relyon Softech Limited
- legal[at]relyonsoft[dot]com
10. Policy Updates
Relyon reserves the right to modify or update this Data Processing Policy from time to time in order to align with changes in laws, regulations, or operational practices. Any updates will be published on this page with a revised effective date.
