Security & Compliance
Enterprise-grade security, built in.
Your employee, payroll, and HR data is protected with industry-standard security practices.
Security & Compliance
Enterprise-Grade Security & Compliance
Your employee, payroll, and HR data is protected with industry-standard security practices.
GDPR Ready
Privacy-first data handling practices.
DPDP Act Ready
Aligned with India's Digital Personal Data Protection requirements.
256-bit SSL Encryption
Secure communication using HTTPS encryption.
Role-Based Access Control
Restrict access based on employee roles and permissions.
Secure Cloud Infrastructure
Hosted on reliable and secure cloud infrastructure.
Daily Data Backups
Automated backups for business continuity.
Audit Logs
Complete activity tracking and audit history.
Data Encryption at Rest
Sensitive data remains encrypted while stored.
How we protect your data
Six pillars, every plan.
Security isn't an add-on or an enterprise tier. It's how SignHR is built — for every team, from day one.
Data Security
Your data is encrypted the moment it leaves a device and stays encrypted while we hold it.
- TLS 1.2+ on every connection, HSTS enforced.
- Sensitive data encrypted at rest.
- Each workspace isolated in its own database.
Infrastructure
Hosted on hardened, reputable cloud infrastructure with India-region data residency.
- Managed cloud hosting in the ap-south-1 (India) region.
- Network isolation and least-privilege service access.
- Continuous monitoring and automated patching.
Access Control
People see only what their role allows — and you stay in control of who that is.
- Granular role-based permissions, down to the module.
- Token-based auth scoped to a single workspace.
- Admins manage roles, access, and offboarding centrally.
Backup & Recovery
Automated backups and documented recovery so your data is never one mistake from gone.
- Automated daily database backups.
- Versioned object storage for uploaded files.
- Documented, tested recovery procedures.
Compliance
Privacy-by-design practices aligned with the regulations that matter for Indian teams.
- GDPR-aligned data handling.
- Aligned with India's Digital Personal Data Protection (DPDP) Act.
- Data Processing Agreement available on request.
Privacy
Your data is yours. We collect only what we need, and we never sell it.
- Export or delete your data on request.
- We never sell or rent customer data.
- Configurable retention windows.
Read the fine print.
The policies and agreements behind how we handle your data.
