Security Policy

Zero-Trust Workforce Infrastructure

1. Statutory Security Standards

SAMÍNUS Private Limited implements "Reasonable Security Practices and Procedures" as mandated by Section 43A of the Information Technology Act, 2000. This includes comprehensive technical, administrative, and physical safeguards to prevent unauthorized access to sensitive personal data.

2. Zero-Trust Workforce Security

Session Fingerprinting

Security tokens are crypto-bound to specific browser fingerprints and IP ranges to prevent session-token theft and side-channel attacks.

Immutable Audit Persistence

Critical actions like Salary Payouts and Data Exports generate immutable logs, providing a forensically sound audit trail for court submission if required.

3. Data Residency

All data fiduciaries using SAMÍNUS HR-OS are guaranteed that their primary and backup data resides on cloud infrastructure located strictly within the sovereign territory of India, ensuring compliance with RBI and SEBI data localization guidelines where applicable.

Breach Notification

In the unlikely event of a security breach, SAMÍNUS Private Limited maintains procedures to notify the Indian Computer Emergency Response Team (CERT-In) and affected Data Principals within the statutory timelines prescribed under the law.