Security & Compliance
HR data is among the most sensitive data an organisation holds. TiStepsHRTech is built with tenant isolation, role-based access, audit trails, and India statutory readiness from the ground up.
How we protect your data
Tenant Isolation
Every customer's data is strictly separated with per-tenant boundaries and scoped access. One organisation can never see another's data.
Authentication & Access
Token-based authentication with role-based access control. Tokens are never persisted in browser storage in the tenant app.
Role-Based Permissions
Access is scoped by role across HR, payroll, and operations, with field-level controls for sensitive information.
Audit Trails
Sensitive actions and AI-assisted decisions are logged for review, with explainability available on assisted outcomes.
Data Protection
Encrypted data at rest, safe and versioned schema evolution, and soft-delete so records are recoverable, not silently lost.
Privacy by Design
Sensitive HR identifiers are handled carefully and kept out of logs, with data minimisation built into the architecture.
India statutory readiness
Statutory components are configurable per location, so payroll stays compliant as you operate across states.
Employee and employer PF contributions with configurable wage ceilings.
ESI eligibility and contribution handling based on wage thresholds.
State-wise professional tax slabs configured per location.
Periodic LWF contributions where applicable by state.
Tax deduction at source on salary with declarations and projections.
Settlement processing including leave encashment on exit.
A note on certifications
This page describes the security posture built into the product architecture. Formal certifications and external audit reports are published only once completed — we don't claim certifications we don't hold. If you have specific compliance requirements, our team is happy to walk through our controls in detail.