StaffCals follows a multi-tenant architectural principle where data isolation is non-negotiable. Every instance of an organization’s hub is isolated from others, ensuring your employee master data, banking details, and payroll registers are invisible to all external parties except your authorized administrators.
To deliver our clinical payroll automation, we collect the following types of information when provided by your authorized team:
We employ bank-grade encryption protocols (AES-256) for all data at rest and TLS 1.3 for data in transit. Our infrastructure is hosted on secure cloud environments with 24/7 monitoring and automated threat detection.
StaffCals interacts with statutory platforms (like the EPFO portal) only upon direct administrative trigger for ECR exports. We do not sell, trade, or share your organizational data with third-party marketing firms.
Administrators have the absolute right to export, modify, or deactivate their organization’s data at any moment. For data deactivation, we follow a strict archival policy where data is purged after a retention period, in compliance with local labor laws.