Data Security Policy
Application Level Data Security
Access Control i.e. Authorization Service – The access to application and the employee data, to the users of the application i.e. Workforce Enterprise, is strictly based on Role. The user’s role will decide the user’s access to the application’s functionality and employee data. The application has strict Authorization module.
Authentication Service – The access to Workforce Enterprise is granted upon the user Authentication, data security is ensured by password encryption. The password will be stored in the database in encrypted format.
Secure Socket Layer (SSL) – The specified transactions or data access can be configured to use SSL to ensure the data security.
Hosting Server Level Data Security
The application will be deployed on the dedicated cloud server setup. The server machine deployed on a reputed cloud service provider’s infrastructure e.g. Rackspace, Linode or Amazon. The hosting server will exclusively host the Workforce Enterprise application instance for an organization. No other application will be deployed on this machine, hence ensuring exclusive infrastructure for the application.
To the server, only the Server Admin team of Baryons will have the access. The administration will be done as per the laid out process.
Database Server Level Data Security
The database server to be used by the application instance will be hosted on the exclusive Hosting
Server itself. The access to database will available to the Server Admin team only.
Data Backup and Archival
The database backup will be done on weekly basis; the backup data will be transferred through FTP
to Archive Server and stored there for 2 weeks. Data Archival will be governed by the customer’s archival need, generally the archival is done with the expiry of the student academic year.
Service Contract and Governance
The data security will be also ensured through the required documentation i.e. Service Agreement, Non Disclosure Agreement, Policy based Server Administration and maintenance & archiving of logs at Application, Server, Database levels.
SUBSCRIPTION AND LICENSING
- Baryons provisions web-based ‘Hosted Solutions’ in the Application Service Provider model as a pure service, bound by separate licenses metrics and terms for different Solutions. Service taxes and levies as applicable in your country might apply.
- A subscription results in a license grant that allows usage of the subscribed product only, for the period of subscription only.
- A solution subscription cannot be construed to mean any of the following
- A license grant to redistribute the solution, or by any means cause people outside of the customer’s organization to gain access to the solution.
- A right to modify the solution by any means.
- A right to use the solutions for demos outside the customer’s organization.
- The Intellectual Property of the solutions, including designs, documentation, source code, provisioning infrastructure, management infrastructure, domain intelligence and all other current and future components of the solutions, resides solely with Baryons.
- Subscription to a ‘Hosted Solution’ includes the following –
- Usage of the software application provisioned by Baryons
- Usage of the hosting resources provisioned by Baryons
- Standard data storage, backup and recovery
- Automatic access to the Baryons help desk
- Subscription to a ‘Hosted Solution’ does not automatically include the following –
- Any new domain names required for Solution provisioning
- Any customizations done for fitment of the Solution to a customer’s unique requirements
- Any non-standard data storage, backup and recovery procedures uniquely required by a customer
CUSTOMER DATA AND CUSTOMIZATIONS
- Baryons ensures that the customer’s data is kept confidential and not utilized for any purpose other than the customer’s usage of the subscribed services.
- Baryons makes all efforts possible within the limitations of technology to guard against data loss. This includes secure data storage and regular data backups.
- Baryons delivers customizations of the Hosted Solutions requested by customers for their unique needs. However, Baryons reserves the right to utilize any such customizations to enhance the generally available solution.
- Baryons includes access to the Baryons Help Desk with the purchase of any solution for the period of the subscription only.
- Baryons Help Desk resolves customer queries and logged issues. However, Baryons reserves the right to prioritize customer issues as per our business policies.
- Baryons Help Desk standard access included with the purchase of any solution is via email only. No phone support is provided.
- Usage and Access queries are generally responded to, within a period of 24 hours (not including weekends and National and Local Holidays in Bangalore).
- Logged issues that are accepted as bugs will be included into the upcoming releases of the software and all customer environments will automatically receive the fixes.
- The help desk will not resolve unique customer requirements, beyond the scope of the solution. Baryons’ customization services can be utilized for that purpose and will be separately charged from the subscription fees.
LIMITATION OF LIABILITY
- Baryons, in any case and eventuality, cannot be held liable for any business impacts that customers face due to misuse or mal-performance of the software applications or the underlying software or hardware platforms.
- Baryons, in any case and eventuality, cannot be held liable for any business impacts that customers face due to any temporary or permanent loss of data or services.
- In any case Baryons’ liability will be limited to the subscription fees paid for the active subscription period.
TERMINATION OF SUBSCRIPTION
- A subscription is considered terminated on specific request logged by a customer. The setup and subscription fees are not refundable in this case.
- A subscription is considered terminated in case it is not renewed within 1 month of expiry.
- In case renewal is not received within 15 days of expiration, the rights to use the solution and the access to the solution will be revoked. However, the accounts on our servers will be available for an additional period of 90 days, with all the customizations and data intact, and the services will be restored upon renewal.
- Post a renewal grace period of 90 days, the solution along with the customizations and data will be removed from Baryon’s servers. In case a customer wishes to re-subscribe, the provisioning fees will be applicable in addition to the subscription fees, and any previously stored customizations and data will not be available.
BUSINESS CONTINUITY PROVISIONS
- In case Baryons must discontinue services and support for Workforce Enterprise for its own business reasons, such an intention will be communicated to the customer at least 30 days in advance.
- In case of discontinuation of services by Baryons, the customer will be entitled to continued usage of the application through the following methods –
- Handover of the cloud server with customer’s Workforce Enterprise instance and data to customer’s IT team.
- Interminable Rights to use and extend Workforce Enterprise for own use.
- The provisions in this section can be invoked only by Baryons in the interest of the Customer, and cannot be demanded by the Customer under any circumstances.
- Under any circumstances, the provisions in this section cannot be construed as –
- A license grant to redistribute the solution
- A grant of Intellectual Property (IP) rights of the Workforce Enterprise application.
This Agreement shall be governed by the laws of India. The courts in Bangalore shall have the exclusive jurisdiction over any matter arising out of this Agreement.