Purpose
This Privacy Policy defines the approach of Noryaan Systems LLP (“the Company,” “we,” “us,” or “our”) to securing the Personally Identifiable Information (“PII”) of all personnel we engage with, including employees, contractors, suppliers, and clients. The policy governs the collection, processing, storage, and transmission of such information.

The Company enforces this policy organization-wide to ensure that PII is not disclosed to any third party without the explicit consent of the individual, as detailed herein. This document also serves to educate our team on the critical importance of data protection and privacy.

Any violation of this policy, whether accidental or willful, may result in disciplinary action, up to and including termination of employment or partnership.

Why We Collect Personal Information?
Personal Data refers to any information relating to an identifiable living individual. We collect personally identifiable information solely for employment and professional engagement purposes.

What Information We Collect and How We Use It
The Company may collect “Personal Information,” which identifies you as an individual or relates to an identifiable person. Categories of Personal Information we may collect include:

• Name and contact details (email, physical address, home, and mobile numbers).
• Job search preferences, employment history, educational background, skills, and references.
• Information contained in your resume or application.
• Any login credentials created for our systems.
• Information required to verify identity and employment eligibility, such as government-issued IDs, proof of address, relevant certificates, and background verification reports (including criminal records and drug tests, where applicable).

By providing your mobile number, you opt-in to receive communications from us, which may include text messages sent via automated systems.

This information is stored in secure, cloud-based systems for future reference, with retention periods outlined later in this policy.

How We Collect This Information
We collect this information through:

• Partner job portals where candidates publicly post their resumes.
• Direct submission during interviews and the subsequent employment onboarding process.

By submitting your information through a partner portal or directly to us, you consent to the portal’s or our terms and provide permission for the sharing and processing of your data for employment-related purposes.

Where We Store This Information
All employee documentation and related data are stored in secure, cloud-based environments accessed by our Human Resources department to manage onboarding and employment records. Relevant information is also stored within our payroll processing software for compensation purposes.

Consent
We seek explicit consent from candidates and employees to collect and process their personal data. The provision of accurate information and consent is a necessary part of our screening and onboarding process. Without it, we cannot proceed with employment or engagement.

Security
We employ robust security measures to protect your data:

• Data is stored on cloud platforms with strong encryption (TLS 1.2 or higher).
• We implement reasonable administrative, technical, and physical safeguards, including role-based access controls, CCTV, restricted printing, and encrypted company devices.
• HR operations are conducted in a physically secure, access-controlled area with dedicated, secure equipment.

Documents, Records, and Retention Period

We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.

• Employee Files (Exited Employees): These records are retained for a period of 7 years following the end of employment to comply with statutory and legal obligations. After this period, they are securely destroyed.
• Qualified Candidates (Not Hired): Information for candidates who were qualified but not selected for a role may be retained for a reasonable period for future opportunities, unless deletion is requested. This retention is subject to periodic review.
• Non-Qualified Candidates: Applicant data for individuals not meeting the initial criteria for a role is typically destroyed within 6 months of the application or recruitment cycle conclusion.
• Payroll Records: All payroll-related information is retained for the duration mandated by applicable financial and labor laws.

Request for Data Deletion or Access/Correction

Individuals have the right to request access to, correction of, or deletion of their personal information. To do so, please send a written request verifying your identity to:
Noryaan Systems LLP
5WS3 Mani Casadona, Newtown,
Kolkata, West Bengal 700160
Email: info@noryaan.com

We will action verified requests within 30 days of receipt.

Data Handling Upon Exit
PII of former personnel is retained only as long as necessary to fulfill legal, statutory, or contractual obligations, after which it is securely disposed of.

Enforcement
We maintain a formal management system to ensure the enforcement of this policy and the ongoing protection of all personal information in our care.

Data Breach Response
In the event of a suspected or actual data breach, all personnel must immediately notify their designated manager and the HR lead. The responsible managers will take urgent steps to contain the breach, assess the risk, and initiate recovery procedures. If data is compromised, senior management will be informed, and appropriate actions will be taken, which may include notifying affected individuals and relevant authorities. A root cause analysis and mitigation plan will be developed to prevent recurrence.

Contact Us
For questions, complaints, or to update your personal information, please contact us at:

Noryaan Systems LLP
5WS3 Mani Casadona, Newtown,
Kolkata, West Bengal 700160
Email: info@noryaan.com

Please note: Email communication is not inherently secure. Avoid sending highly sensitive information (e.g., full ID numbers, financial details) via unencrypted email.

Policy Review
This Privacy Policy is reviewed biannually and updated as necessary to comply with changes in law, technology, and industry best practices, ensuring our commitment to data protection remains current and effective.