Your employees' data is the most sensitive asset your organisation holds. We treat it that way.
All data encrypted with AES-256 at rest and TLS 1.3 in transit. Database connections use SSL. Payslip PDFs are generated server-side and never cached in browser storage.
All data for Indian organisations is stored exclusively on servers in India (AWS Mumbai / Azure West India). No employee PII leaves Indian jurisdiction. Singapore and Malaysia data follows local residency rules.
Aadhaar numbers are never stored in the application database. We use a separate encrypted Aadhaar Data Vault with tokenisation. Only tokens are referenced in employee records.
Before any data is sent to LLM providers (Claude), all personally identifiable information is stripped. ORIS AI never sees employee names, Aadhaar, PAN, or bank details.
Every payroll event is recorded in an append-only, event-sourced ledger with hash-chain verification. Corrections are made via compensating events — history is never overwritten.
Fully compliant with the Digital Personal Data Protection (DPDP) Act, 2023. PeopleOS acts as Data Processor; your organisation remains the Data Fiduciary. Data portability requests processed within 30 days.
Our security team is happy to walk through our practices in detail.