Overview
G.R. Systems ("we," "our," or "the Company") is committed to protecting the privacy and security of all individuals who use the GRS Monit application. GRS Monit is an HR resource monitoring application designed for use within organisations — installed and administered by employers to manage and monitor workforce activity.
This Privacy Policy applies to all data collected through the GRS Monit Android application available on the Google Play Store. By downloading, installing, or using GRS Monit, you agree to the terms described in this policy.
GRS Monit is deployed and configured by organisations (employers/administrators). If you are using GRS Monit as an employee or team member, your organisation is the primary data controller. Please also refer to your organisation's own data policies for complete information.
This policy covers data collected when you use GRS Monit, including data collected automatically, data you provide directly, and data processed as part of the monitoring functionality the app is designed to provide.
Data We Collect
GRS Monit collects the following categories of data to provide its HR monitoring and workforce management functionality:
2.1 Account & Identity Data
| Data Type | What We Collect | Why It's Needed |
|---|---|---|
| Full Name | First and last name of the registered user | Employee identification and display within dashboard |
| Employee ID | Organisation-assigned employee identifier | Linking activity records to the correct staff member |
| Email Address | Work or personal email used for registration | Account authentication, notifications, and communications |
| Phone Number | Mobile number (optional) | Account recovery and emergency contact features |
| Department / Role | Job title and department assignment | Organisational structuring and report segmentation |
| Profile Photo | User-uploaded profile image (optional) | User identification within the dashboard interface |
2.2 Attendance & Activity Data
| Data Type | What We Collect | Why It's Needed |
|---|---|---|
| Login / Logout Time | Timestamps of app session start and end | Attendance tracking and shift management |
| Check-in / Check-out | Daily check-in and check-out timestamps | Attendance and punctuality records |
| Active / Idle Status | Current availability status (Active, Away, Offline) | Real-time workforce availability monitoring |
| Task Logs | Tasks assigned, started, completed, or flagged | Workload tracking and productivity analysis |
| Work Hours | Daily and weekly working hour summaries | Resource utilization reporting and payroll support |
| Leave & Absence Records | Leave requests, approvals, and absence markers | HR records management and team planning |
2.3 Device & Technical Data
| Data Type | What We Collect | Why It's Needed |
|---|---|---|
| Device Model | Android device make and model | Compatibility diagnostics and bug tracking |
| OS Version | Android operating system version | App optimisation and compatibility assurance |
| App Version | Installed version of GRS Monit | Update management and version-specific support |
| Device Identifier | Anonymised device token (Firebase/FCM) | Push notification delivery |
| Network Type | Wi-Fi or mobile data connection type | Connection quality optimisation |
| Crash & Error Logs | App crash reports and error diagnostics | Stability improvements and bug resolution |
2.4 Location Data
GRS Monit may request location permissions in the following limited scenarios:
- When an organisation enables geo-fencing features to verify on-site attendance at designated locations
- When check-in verification requires location confirmation (configurable by the administrator)
- Location data is only collected when these specific features are enabled by the organisation administrator and is not collected continuously
Location access is optional and only used when explicitly enabled by your organisation. You will be informed before the app requests location access. You can deny location access without losing core app functionality.
2.5 Data We Do NOT Collect
- We do not access, read, or store your personal messages, emails, or phone calls
- We do not access your device camera, microphone, or media files without explicit permission for a specific feature
- We do not collect financial information, credit card numbers, or banking data
- We do not collect data from personal apps installed on your device
- We do not track your internet browsing history or activity outside the GRS Monit app
How We Use Your Data
All data collected through GRS Monit is used solely for the following purposes:
3.1 Core Application Functionality
- Providing real-time employee status and availability information to authorised administrators
- Generating attendance records, work-hour summaries, and productivity reports
- Enabling task assignment, tracking, and completion monitoring
- Sending push notifications for alerts, task updates, and announcements
- Supporting leave management and absence tracking workflows
3.2 App Improvement & Support
- Diagnosing and resolving technical issues, crashes, and bugs
- Analysing anonymised usage patterns to improve app performance and UX
- Providing customer support and technical assistance
- Testing new features and releases
3.3 Legal & Compliance
- Complying with applicable Indian laws and regulations, including the Information Technology Act, 2000
- Responding to lawful requests from government or judicial authorities
- Enforcing our Terms of Service and protecting the rights of users and the company
We do not sell, rent, or trade your personal data to any third party for marketing or commercial purposes. Data is used only as described in this policy.
Data Sharing & Disclosure
GRS Monit shares data only in the limited circumstances described below:
4.1 Within Your Organisation
Your activity data, attendance records, and status information is visible to authorised administrators and managers within your organisation, as defined by the roles configured in the GRS Monit system. This is the primary purpose of the application.
4.2 G.R. Systems Service Providers
We may share technical data with trusted third-party service providers who assist in operating GRS Monit. These providers are bound by strict data protection agreements and are only permitted to use data for the specific service they provide:
- Cloud Hosting Services — for secure data storage and infrastructure
- Firebase (Google) — for push notifications and crash reporting
- Analytics Tools — for anonymised, aggregated usage analytics only
4.3 Legal Requirements
We may disclose your information when required by law, court order, or governmental authority in India, or when we believe in good faith that disclosure is necessary to protect the safety of any person, prevent fraud, or enforce our terms.
4.4 Business Transfers
In the event of a merger, acquisition, or sale of G.R. Systems, user data may be transferred to the successor organisation. We will notify affected users before any such transfer takes place and ensure the new entity maintains equivalent privacy protections.
GRS Monit does not contain any advertising. We do not share your data with advertising networks, data brokers, or any party for commercial targeting purposes.
Data Storage & Security
5.1 Where Data is Stored
Data collected by GRS Monit is stored on secure servers. G.R. Systems primarily processes and stores data within India, in compliance with Indian data protection laws including the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023 (DPDPA).
5.2 Security Measures
We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, destruction, or alteration:
- HTTPS/TLS encryption for all data transmitted between the app and our servers
- Encrypted data storage with access controls and role-based permissions
- Regular security audits and vulnerability assessments
- Password hashing — we never store plaintext passwords
- Multi-factor authentication options for administrator accounts
- Secure API endpoints with token-based authentication
While we take all reasonable steps to secure your data, no method of transmission or storage over the internet is 100% secure. We encourage users to use strong passwords and report any suspicious activity to us immediately.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account & Profile Data | Duration of employment + 6 months | Active account management |
| Attendance & Activity Logs | 3 years from record date | HR compliance and audit requirements |
| Task & Work Records | 2 years from record date | Performance review and project history |
| Crash & Technical Logs | 90 days | Bug resolution and quality assurance |
| Location Data | 30 days (if feature is enabled) | Attendance verification only |
| Deleted Account Data | 30 days post-deletion | Account recovery grace period |
Upon the expiry of the applicable retention period, data is either permanently deleted or anonymised so that it can no longer be linked to an individual.
Third-Party Services
GRS Monit integrates with the following third-party services. Each operates under its own privacy policy:
| Service | Provider | Purpose |
|---|---|---|
| Firebase Cloud Messaging | Google LLC | Push notification delivery to Android devices |
| Firebase Crashlytics | Google LLC | Crash reporting and stability diagnostics |
| Google Play Services | Google LLC | App distribution, updates, and licensing |
| Cloud Hosting | G.R. Systems / Provider TBD | Secure backend data storage and API services |
We encourage you to review the privacy policies of these third-party providers. G.R. Systems is not responsible for the privacy practices of third parties, though we carefully vet all providers before integration.
Children's Privacy
GRS Monit is designed exclusively for use in professional and enterprise workplace environments. The app is not directed at, or intended for, any person under the age of 18.
We do not knowingly collect personal information from individuals under 18. If we become aware that a minor has provided us with personal information, we will take immediate steps to delete such information. If you believe a minor has provided data through our app, please contact us immediately at admin@grsystems.co.in.
Your Rights
Under applicable Indian data protection laws including the Digital Personal Data Protection Act, 2023 (DPDPA), you have the following rights regarding your personal data:
How to Exercise Your Rights
To exercise any of these rights, please submit a written request to our Data Protection contact at admin@grsystems.co.in. We will respond to all verified requests within 30 days as required by applicable law.
If you are using GRS Monit as part of your employment, some data rights may be exercised through your organisation's HR department. Your employer, as the data controller, may have specific procedures for data access requests. We recommend contacting your HR team alongside submitting a request to us.
Changes to This Policy
G.R. Systems reserves the right to update or modify this Privacy Policy at any time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Display a notice within the GRS Monit application informing users of the change
- Where required by law, notify users via email or in-app notification at least 14 days before the changes take effect
Your continued use of GRS Monit after any changes to this Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with any changes, you should discontinue use of the application and contact your administrator.
We encourage you to review this page periodically to stay informed about how we are protecting your information. All previous versions of this policy are available upon request.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact G.R. Systems using the details below. We take all privacy inquiries seriously and aim to respond within 30 days.