Phyzii Privacy Policy
Contact Us customer.support@cirrius.com

Table of Contents

  1. Introduction
  2. Scope
  3. Definitions
  4. Information Collected
  5. Mobile Application Permissions
  6. Purpose of Processing
  7. Data Sharing
  8. Security Measures
  9. Data Retention
  10. DPDP Compliance
  11. GDPR Principles
  12. Data Controller and Processor
  13. International Transfers
  14. User Rights
  15. Children's Privacy
  16. Incident Response
  17. Sub-processors
  18. Account Deletion and Data Removal
  19. Google Play Data Safety
  20. Apple App Store Privacy
  21. Contact Information
  22. Changes to Policy

1. Introduction

This Privacy Policy describes how Phyzii, a product of Cirrius Technologies Pvt. Ltd., collects, uses, stores, processes and protects information. This policy applies to the Phyzii website, mobile applications, cloud services, APIs and related offerings.

2. Scope

This policy applies to all users, customer organizations, administrators, employees, contractors and authorized users of the Phyzii platform.

3. Definitions

Data Principal, Personal Data, Processing, Data Controller, Data Processor, Customer Organization, User, Device Data and Services shall have meanings aligned with applicable privacy regulations.

4. Information Collected

We may collect the following categories of information:

5. Mobile Application Permissions

Camera, location, notifications, storage and phone permissions may be requested only where required for configured business processes.

6. Purpose of Processing

Information is processed for the following purposes:

7. Data Sharing

Phyzii does not sell personal data. Information may be shared with:

8. Security Measures

We implement a range of technical and organizational controls, including:

We value your trust in providing us your personal information and strive to use commercially acceptable means of protecting it. However, no method of transmission over the internet or electronic storage is 100% secure and reliable, and we cannot guarantee absolute security.

9. Data Retention

Information is retained according to contractual obligations, customer instructions, legal requirements and operational needs. Please refer to Appendix A for the Data Retention Matrix.

10. DPDP Compliance

Phyzii supports compliance with the Digital Personal Data Protection Act, 2023, including lawful processing, consent management and grievance handling.

11. GDPR Principles

Where applicable, Phyzii supports the following GDPR principles: lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation and confidentiality.

12. Data Controller and Processor

Customer organizations generally act as Data Controllers. Cirrius Technologies acts as a Data Processor, processing data on documented instructions.

13. International Transfers

Appropriate safeguards may be implemented where information is processed outside the country of origin.

14. User Rights

Subject to applicable laws and customer agreements, users may request:

15. Children's Privacy

The services are intended for enterprise use and are not directed toward children. We do not knowingly collect personally identifiable information from children. Parents and legal guardians are encouraged to monitor their children's internet usage.

16. Incident Response

Security incidents are investigated, documented and managed through formal response procedures.

17. Sub-processors

Cloud hosting, email delivery, monitoring and messaging providers may act as sub-processors under contractual controls.

18. Account Deletion and Data Removal

User accounts for this application are provisioned and managed by authorized administrators of the organization.

If a user requires their account or associated personal data to be deleted, they should contact their organization's administrator or designated IT support team. Upon receiving a valid request, the administrator will review and process the account deletion in accordance with the organization's policies and applicable legal requirements.

Certain information may be retained where required for operational, legal, security or compliance purposes.

19. Google Play Data Safety

Data collected is used only for service delivery, support, analytics, security and compliance. Personal information is not sold.

20. Apple App Store Privacy

Collection of identifiers, diagnostics, location data, images and files depends on permissions granted and enabled workflows.

21. Contact Information

Privacy inquiries may be directed to privacy@phyzii.com. Customer users should first contact their organization administrator.

General support inquiries can also be sent to customer.support@cirrius.com.

22. Changes to Policy

This Privacy Policy may be updated from time to time. Updated versions become effective upon publication. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this page periodically for any changes.

Appendix A – Data Retention Matrix

Data Category Retention Period
CRM DataAs defined by customer contract
Attendance DataAs defined by customer policy
Audit LogsAs per security policy
Support RecordsOperational requirement basis

Appendix B – Security Controls

Document Owner: Cirrius Technologies Pvt. Ltd.

Review Cycle: Annual