Privacy Policy – Zydex Group Intranet App

Last Updated: March 9, 2026

This Privacy Policy explains how Zydex Group (“Company”, “we”, “our”, or “us”) collects, uses, stores, and protects personal information when employees, authorized users, consultants, contractors, and other permitted users access or use the Zydex Group intranet mobile application (“App”). The App is intended only for internal business use and is made available to authorized users for official work-related purposes.

1. Scope of this Policy
   This Policy applies to information collected through the App, related login processes, device interactions, and internal support activities associated with the App.
   This Policy does not apply to third-party websites, services, or systems that may be linked from the App unless they are specifically operated by Zydex Group.
2. Information We May Collect
   We may collect personal and business-related information that is necessary to provide secure access to the App and support its intended functions. This may include: user name, employee ID, designation, department, business email address, official phone number, office location, reporting manager details, login credentials or authentication identifiers, device information, operating system, app version, IP address, access timestamps, activity logs, and support requests.

Depending on the functionality enabled in the App, we may also collect information voluntarily submitted by users while using intranet features, such as attendance data, internal approvals, directory information, task updates, helpdesk requests, announcements read status, forms, or other work-related data processed through the App.

Some information may also be collected automatically when the mobile application is installed or used on a device distributed through the Google Play Store. This may include device identifiers, crash logs, usage diagnostics, and application performance information required to maintain service reliability and security.

If the App uses device permissions such as camera, file access, notifications, or biometric authentication, such permissions are used only to support authorized business features and improve security or user convenience.

3. How We Use Information
   We use the collected information to provide and manage access to the App, authenticate users, maintain system security, enable intranet features, improve performance, troubleshoot issues, communicate important updates, comply with internal policies, maintain audit trails, and meet legal or regulatory obligations where applicable.

Information may also be used for administrative reporting, resource planning, compliance monitoring, and continuity of internal operations.

4. Legal Basis and Internal Purpose
   Where applicable, information is processed for legitimate business purposes, internal administration, compliance, system security, employment-related administration, and performance of obligations connected with the user’s role or engagement with the Company.

By using the App, authorized users acknowledge that certain data processing is necessary for secure and effective operation of Company systems.

5. Sharing and Disclosure of Information
   We do not sell personal information collected through the App.

Information may be shared internally with authorized departments, management personnel, HR, IT administrators, compliance teams, or designated support staff on a need-to-know basis.

We may also share information with trusted service providers, hosting partners, cloud infrastructure providers, security vendors, analytics providers, or implementation partners who assist in operating the App, provided they are bound by confidentiality and data protection obligations.

Information may be disclosed if required by applicable law, valid legal process, regulatory direction, corporate restructuring, investigation of misuse, or protection of the rights, property, and safety of the Company and its stakeholders.

6. Data Storage and Security
   We take reasonable technical, administrative, and organizational measures to protect information against unauthorized access, disclosure, alteration, misuse, or loss. These measures may include role-based access controls, password protection, secure hosting, encryption in transit, audit logging, periodic backup, and restricted administrative access.

However, no system can be guaranteed to be completely secure, and users are also responsible for maintaining the confidentiality of their credentials and complying with internal information security policies.

7. Data Retention
   Information collected through the App is retained for as long as necessary for business operations, legal compliance, security, audit, dispute resolution, recordkeeping, or other legitimate internal purposes.

Retention periods may vary depending on the nature of the data, the module in which it is used, employment status, and applicable internal or legal retention requirements.

8. Device Permissions
   The App may request certain device permissions only when relevant features require them. For example, camera access may be used for document capture, profile update, or QR/barcode scanning; storage or media access may be used for attachment upload or download; notifications may be used for alerts, reminders, or approvals; and biometric access may be used for secure login where enabled.

Users may manage device permissions through their device settings, although disabling required permissions may affect App functionality.

9. International Transfers
   If the App or its supporting infrastructure is hosted or supported across different geographic locations, information may be processed or stored in locations outside the user’s immediate jurisdiction, subject to reasonable safeguards and internal controls.
10. User Responsibilities
    Users are expected to use the App only for authorized work-related purposes, provide accurate information where required, keep login credentials confidential, promptly report suspected unauthorized access, and comply with Company policies governing acceptable use, confidentiality, and information security.
11. Children’s Privacy
    The App is not intended for use by children. It is an internal business application made available only to authorized adult users or other permitted persons connected with the Company’s business operations.
12. Policy Updates
    We may update this Privacy Policy from time to time to reflect changes in the App, business operations, legal requirements, or security practices. The updated version may be posted on the Company website or made available through the App, and the revised effective date will be updated accordingly.
13. Contact Information
    For any privacy-related questions, requests, or concerns regarding this Policy or the App, users may contact:

Zydex Group
Website: https://zydexgroup.com
Email: info@zydexgroup.com
Address: Zydex House, 61, Gotri, Vadodara, Gujarat, India