Legal & Compliance

Privacy Policy

Last updated: May 25, 2026

1. Introduction

At WikiWorks, we respect your privacy and are committed to protecting the personal data of our customers, contract workers, and visitors. This Privacy Policy explains how we collect, use, store, and share information when you use our SaaS applications, platforms, integrations, and websites (collectively, the "Service").

By using the Service, you consent to the collection and use of information in accordance with this policy. For the purposes of applicable data protection laws, WikiWorks acts as a Data Processor with respect to Customer Data, and our clients act as the Data Controllers.

2. Information We Collect

We collect several types of information to provide and improve our services:

  • Account Information: Name, email address, corporate phone number, company details, and billing information.
  • Worker Onboarding Data: Full name, contact details, emergency contacts, professional details, and government-issued IDs (such as Aadhaar cards for VYN India, SSNs and Form I-9 documents for VYN USA) uploaded by employers or vendors.
  • Biometric Data: Facial photographs and facial recognition templates used for biometric identity verification at attendance terminals (subject to explicit worker consent).
  • Usage and Technical Data: IP addresses, browser types, device information, operating systems, and platform interaction logs collected automatically via internal diagnostics and analytics.

3. How We Use Information

We use the collected data for the following business purposes:

  • To operate, deliver, and maintain the core features of the WikiWorks platform.
  • To automate contractor onboarding and verify worker identities using biometric matching.
  • To track statutory compliance (such as PF, ESIC, CLRA in India) and generate audit-ready reports.
  • To integrate with enterprise systems (like UKG Pro/Ready and other HRIS) via our Boomi iPaaS integration layer.
  • To communicate with users about system updates, feature releases, and customer support queries.

4. Data Sharing and Integrations

We do not sell your personal data. We only share information in the following limited circumstances:

  • With Third-Party Integrations: Data is shared with partner applications (e.g., UKG platforms, Boomi runtime, third-party payroll engines) as configured and authorized by the Customer.
  • With Service Providers: Subprocessors, hosting providers (AWS), and billing gateways who process data on our behalf under strict confidentiality agreements.
  • For Legal Compliance: When required by law, subpoena, or government authority to comply with regulatory audits and legal processes.

5. Biometric Data Protection Policy

WikiWorks provides optional facial recognition modules to verify attendance and reduce buddy punching on shop floors. Regarding biometric templates:

  • Consent: Biometric enrollment is voluntary and requires explicit consent from the worker, as coordinated by the Customer (employer).
  • Security: Facial templates are converted into mathematical representations (hashes) and encrypted. Raw photos are not stored for biometric comparison purposes once templates are generated.
  • Retention: Biometric templates are retained only for as long as the worker remains active on the client's roster, and are permanently deleted within thirty (30) days of contract termination or as required by local regulations.

6. Data Security and Safeguards

We employ enterprise-grade security standards to protect all Customer Data. This includes TLS encryption for data in transit, AES-256 encryption for data at rest, role-based access control (RBAC), and network firewalls. We conduct periodic security assessments and penetration tests to identify and remediate vulnerabilities.

7. International Data Transfers

WikiWorks operates globally, with offices in India and the United States. Information may be transferred to, and processed in, countries outside your state, province, or country. We ensure that such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) and data transfer agreements between our global entities.

8. Data Retention and Deletion

We retain Customer Data for as long as Customer's subscription is active, or as needed to fulfill the operational purposes detailed in this policy. Upon subscription termination, we will delete or return all Customer Data within ninety (90) days, unless statutory obligations require longer retention (such as tax or labor audits).

9. Your Rights under GDPR and CCPA

Depending on your location, you may have rights under the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). These include:

  • The right to access and receive a copy of your personal data.
  • The right to request rectification of inaccurate data or deletion of your personal data.
  • The right to object to or restrict processing of your personal data.
  • The right to data portability.
  • To exercise these rights, please contact your employer (the Data Controller) or contact us at legal@wikiworks.com.

10. Contact Us

For questions, clarifications, or requests related to this Privacy Policy, please contact our Data Protection Officer at:

  • Email: privacy@wikiworks.com
  • Physical Address: 4th Floor, #307, Kalyan Nagar, Bengaluru - 560043, India