Privacy Policy

CSIR Employee Portal

Data Collection
What employee information we collect and why

Personal Information

We collect personal information necessary for employee portal operation and management, including:

  • Staff ID, name (surname and other names), and employee identification details
  • Email address and phone number for account verification and communications
  • Division, institute, and organizational information
  • Employee status and HR approval status
  • Contact preferences and account settings

Operational Data

We collect and process data related to your use of the Employee Portal, including:

  • Leave requests, approvals, and leave balance information
  • Skeletal staff requests and related submissions
  • Login times, portal access history, and feature usage
  • System interactions and submitted forms for operational and audit purposes
How We Use Your Data
Purpose and usage of collected employee information

Primary Uses

  • Providing and maintaining Employee Portal functionality
  • Processing and managing leave requests and approvals
  • Handling skeletal staff requests and staffing arrangements
  • Verifying employee identity and managing portal access
  • Communicating important portal updates, security notices, and account information
  • Ensuring system security and preventing unauthorized access
  • Complying with CSIR policies and applicable regulations
  • Generating reports for HR and management purposes (aggregated and anonymized where appropriate)

Data Sharing

Your personal information is not sold, rented, or shared with third parties except as required by law, for system operation (e.g., cloud service providers under strict confidentiality agreements), or with your explicit consent. Leave requests and skeletal staff submissions may be shared with authorized HR personnel, supervisors, and management as necessary for processing and approval. All third-party service providers are bound by strict data protection agreements.

Data Storage and Security
How we protect your employee information

Storage Location

Employee data is stored on secure servers with appropriate physical and technical safeguards. We use industry-standard security measures including encryption (both in transit and at rest), access controls, and regular security audits to protect your personal information, leave records, and skeletal staff data.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Employee records, including leave history and skeletal staff records, are typically retained in accordance with CSIR retention policies and applicable regulations. Data may be archived after active use but will be securely stored and accessible as needed for compliance and operational purposes.

Your Rights
Your rights regarding your personal data

Access and Correction

You have the right to access, review, and correct your personal information stored in the Employee Portal. You can update most information through your profile settings, including contact details. For changes to organizational information (division, institute), please contact HR or your system administrator.

Data Portability

You may request a copy of your personal data, including leave request history, in a structured, machine-readable format, subject to applicable legal and organizational restrictions.

Deletion Requests

You may request deletion of your personal information, subject to legal, regulatory, and organizational requirements that may require us to retain certain data. Employee records, leave history, and skeletal staff records may need to be retained for compliance, audit, operational, or legal purposes even after employment termination or account closure.

Contact Us
Questions about privacy or data protection

If you have questions, concerns, or requests regarding this privacy policy or how we handle your personal information in the Employee Portal, please contact us:

Privacy Contact:

Email: info@csirstrategicplan.org

We will respond to your inquiry within a reasonable timeframe and in accordance with applicable regulations.

Policy Updates
Changes to this privacy policy

This privacy policy may be updated periodically to reflect changes in our practices, technology, legal requirements, or for other operational, legal, or regulatory reasons. Significant changes will be communicated to employees through the portal, email notifications, or other appropriate channels.

Last Updated: February 18, 2026