Privacy Policy
Effective date: 18 June 2026 · Last updated: 29 June 2026
1. Introduction
Workzent is an intelligent enterprise HRMS and business operations platform developed and operated by Aimzent Private Limited ("Aimzent", "we", "us", or "our"), a company incorporated under the laws of India. Workzent is an enterprise-only platform — accounts are created and managed exclusively by employer organizations. Public self-registration is not available.
This Privacy Policy explains what personal information we collect, why we collect it, how we use and protect it, and your rights with respect to that information when you access or use the Workzent platform (the "Platform") as an employee, administrator, or authorized user of a subscribing organization.
By using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, contact us at support@workzent.com.
2. Information We Collect
We collect the following categories of information to operate and improve the Platform:
- Personal identifiers: Name, employee ID, work email address, phone number, department, and designation — provided by your employer during account creation.
- Operational data: Attendance check-in/out records, leave requests and approvals, expense claims, payroll details, task assignments, and performance data generated through normal Platform use.
- Device and technical information: IP address, device model, operating system, app version, browser type, and session logs collected automatically for security and diagnostics.
- Location data: Precise GPS coordinates captured only during attendance punch events for geofencing and fraud prevention. Location is not tracked continuously in the background.
- Camera and face data: Live selfie images captured during face-verified attendance, and the face templates derived from them. This data is used for identity verification and is retained as described in Section 6 (Face Check and Face Data).
- Voice and audio data: When you use voice input features (such as dictating notes, commands, or W-Cobalt AI queries), your voice is recorded through your device microphone, transmitted to our speech-to-text processing service, and converted into text. The resulting text is used to operate the requested feature within the app. Raw audio recordings are not stored after transcription is complete and are not shared with third parties for any purpose other than transcription.
- AI Assistant data: Messages and queries you send to W-Cobalt AI — whether typed or transcribed from voice — are processed in real time by our AI infrastructure to generate responses. Conversation history may be retained to improve response quality, subject to your organization's settings.
- Financial and compliance records: Invoice data, reimbursement records, and audit logs required for your organization's statutory compliance obligations.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Delivering and operating all Platform features including HRMS, attendance, payroll, expenses, and W-Cobalt AI.
- Verifying identity during attendance and security-sensitive operations.
- Generating reports, analytics, and dashboards for authorized administrators within your organization.
- Detecting and preventing fraudulent, unauthorized, or abusive activity.
- Fulfilling your organization's legal, regulatory, and audit obligations.
- Providing customer support and responding to inquiries.
- Improving, testing, and developing new Platform features and AI capabilities.
- Sending system notifications, security alerts, and service announcements.
4. App Permissions
The Workzent mobile app requests the following device permissions. All permissions are used solely for the stated purpose:
- Camera: Required — captures selfie for face-verified attendance check-in/out.
- Precise Location: Required — validates that punch events occur within authorized geofenced zones.
- Notifications: Optional — in-app alerts for approvals, shift reminders, and important system messages.
- Storage / Media: Optional — allows attaching photos to expense claims or leave requests.
- Microphone: Required for voice features — the app records your voice to convert speech to text for use within the app (e.g., voice commands, W-Cobalt AI dictation, note entry). Audio is processed solely for transcription and is not stored, shared, or used for any other purpose. You may deny this permission; doing so disables voice input features but does not affect other Platform functionality.
You may deny or revoke permissions through your device settings at any time. Revoking required permissions may limit certain Platform features such as attendance verification.
5. AI Features and Third-Party AI Processing
Workzent includes AI-assisted features, including W-Cobalt AI, to help users with workplace actions such as attendance, leave, field activity, expenses, approvals, and other work-related requests.
When a user chooses to use W-Cobalt AI, Workzent may process and transmit the following data to a third-party AI service provider — currently Anthropic, PBC (the provider of Claude) — for the purpose of generating a response or helping complete the user's request:
- The user's message or voice input after conversion to text.
- User and organization identifiers, such as user ID, company ID, role, and permissions.
- Relevant workplace context needed to respond to the request, such as attendance, leave, request, expense, approval, field activity, or wallet-related information.
Workzent does not use W-Cobalt AI data for advertising or marketing. AI-assisted features are used only to provide app functionality requested by the user or enabled by the user's organization.
Before sharing personal data with a third-party AI service provider, Workzent will display an in-app notice explaining what data may be sent and will ask the user for permission. If the user does not provide permission, Workzent will not send the user's AI request to the AI service provider, and the user may continue using non-AI Workzent features.
Third-party AI service providers are required to process data only for the purpose of providing the AI functionality and to protect the data with safeguards that are the same as or substantially equivalent to those used by Workzent. Our AI providers do not use your enterprise data to train their own models, and do not retain it beyond a limited period needed for safety and operational purposes, consistent with our data processing agreements.
AI-generated responses are informational in nature and may not always be accurate, complete, or current. They do not constitute professional legal, financial, medical, or HR advice. Always verify important decisions with qualified professionals or your organization's HR and compliance teams.
6. Face Check and Face Data
Workzent uses camera-based face-check functionality for attendance verification and related workplace workflows. Face data collected by Workzent may include:
- A live photo captured during face-check attendance or profile/work-related photo capture.
- Attendance metadata associated with the capture, such as user ID, company ID, timestamp, and location where required by the organization.
Before the first face capture, Workzent displays an in-app notice describing this collection and its purpose and obtains the user's acknowledgement before any face data is captured.
Workzent uses this data to verify that the authorized employee is performing the attendance action, prevent attendance misuse, maintain attendance records, support audit requirements, and provide organization-managed workforce workflows.
Workzent does not use face data for advertising, marketing, or profiling unrelated to workplace verification. Workzent does not sell face data.
Face data is stored securely on Workzent/AIMZENT-controlled systems or cloud infrastructure used to operate the Workzent service. Face data is accessible only to authorized organization administrators, authorized Workzent support personnel where required, and systems necessary to provide the service.
Workzent does not share face data with third parties for advertising or marketing. If face data is processed by a service provider for storage, security, hosting, or verification support, such provider is required to protect the data with safeguards that are the same as or substantially equivalent to those used by Workzent.
Face Data Retention
Workzent retains face-check photos and face templates for up to 12 months from the date of capture or while the employee account remains active, whichever is shorter, unless a longer retention period is required by the employer's attendance, audit, payroll, legal, contractual, or compliance obligations.
This retention period is required to verify attendance records, prevent attendance misuse, investigate attendance disputes, support payroll and HR audit processes, and maintain legally required workforce records.
After the applicable retention period, face-check photos and face templates are deleted or anonymized unless continued retention is required by applicable law, contractual obligations, security requirements, or the organization's compliance policies.
Users or organizations may request deletion of face data by contacting Workzent support or the organization administrator. Deletion requests are processed subject to applicable law, attendance records, payroll obligations, audit requirements, security requirements, and organizational compliance obligations.
7. Data Sharing
We share your information only in the following circumstances:
- Your employer organization: Authorized administrators within your organization have access to your operational data as part of managing the workforce.
- Cloud infrastructure providers: We use reputable cloud hosting providers to store and process data securely. These providers act as data processors under contract with Aimzent.
- AI service providers: Query content is shared with our third-party AI provider (currently Anthropic, PBC, the provider of Claude) as described in Section 5.
- Legal compliance: We may disclose data when required by applicable law, regulation, court order, or governmental authority.
- Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. Affected users will be notified.
We do not sell, rent, trade, or otherwise disclose your personal information to third parties for marketing or advertising purposes.
8. Data Retention
We retain your personal data for as long as your account remains active and as required to fulfil the purposes described in this Policy. Your employer organization controls the tenant-level retention policies for operational records.
Certain categories of data — including attendance records, financial documents, payroll records, and audit logs — may be retained for the period required by applicable Indian laws and regulations (typically 3–7 years) even after an account is deactivated or deleted. This retention is mandatory for statutory compliance and cannot be waived.
9. Security
We implement industry-standard technical and organizational safeguards to protect your data, including:
- Encryption in transit (TLS) and at rest for sensitive data.
- Role-based access controls limiting data access to authorized personnel.
- Regular security audits and vulnerability assessments.
- Secure cloud infrastructure with redundancy and monitoring.
While we take all reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents that occur.
10. Your Rights
Depending on your role and applicable law, you may have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data through your profile settings or your HR administrator.
- Deletion: Request deletion of your account and associated personal data. See our Account Deletion page for the process. Note that legally mandated records will be retained.
- Portability: Request an export of your data in a commonly used format through your organization administrator.
To exercise these rights, contact your organization's HR administrator or reach us at support@workzent.com.
11. Children's Privacy
The Platform is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected data from a minor, we will take prompt steps to delete it. Please contact us at support@workzent.com if you believe this has occurred.
12. International Data Transfers
Our cloud infrastructure may involve servers located outside India. When your data is transferred internationally, we ensure appropriate safeguards are in place through contractual obligations with our service providers, consistent with applicable Indian data protection laws and the IT Act, 2000.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post the updated Policy on this page with a revised effective date. Your continued use of the Platform after the effective date constitutes acceptance of the updated Policy. For material changes, we will notify you via the Platform or email.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your data, contact us: