Privacy Policy

Personal Information

We collect personal information necessary for employee portal operation and management, including:

• Staff ID, name (surname and other names), and employee identification details
• Email address and phone number for account verification and communications
• Division, institute, and organizational information
• Employee status and HR approval status
• Contact preferences and account settings

Operational Data

We collect and process data related to your use of the Employee Portal, including:

• Leave requests, approvals, and leave balance information
• Skeletal staff requests and related submissions
• Login times, portal access history, and feature usage
• System interactions and submitted forms for operational and audit purposes

Primary Uses

• Providing and maintaining Employee Portal functionality
• Processing and managing leave requests and approvals
• Handling skeletal staff requests and staffing arrangements
• Verifying employee identity and managing portal access
• Communicating important portal updates, security notices, and account information
• Ensuring system security and preventing unauthorized access
• Complying with CSIR policies and applicable regulations
• Generating reports for HR and management purposes (aggregated and anonymized where appropriate)

Data Sharing

Your personal information is not sold, rented, or shared with third parties except as required by law, for system operation (e.g., cloud service providers under strict confidentiality agreements), or with your explicit consent. Leave requests and skeletal staff submissions may be shared with authorized HR personnel, supervisors, and management as necessary for processing and approval. All third-party service providers are bound by strict data protection agreements.

Storage Location

Employee data is stored on secure servers with appropriate physical and technical safeguards. We use industry-standard security measures including encryption (both in transit and at rest), access controls, and regular security audits to protect your personal information, leave records, and skeletal staff data.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Employee records, including leave history and skeletal staff records, are typically retained in accordance with CSIR retention policies and applicable regulations. Data may be archived after active use but will be securely stored and accessible as needed for compliance and operational purposes.

Access and Correction

You have the right to access, review, and correct your personal information stored in the Employee Portal. You can update most information through your profile settings, including contact details. For changes to organizational information (division, institute), please contact HR or your system administrator.

Data Portability

You may request a copy of your personal data, including leave request history, in a structured, machine-readable format, subject to applicable legal and organizational restrictions.

Deletion Requests

You may request deletion of your personal information, subject to legal, regulatory, and organizational requirements that may require us to retain certain data. Employee records, leave history, and skeletal staff records may need to be retained for compliance, audit, operational, or legal purposes even after employment termination or account closure.