Security & Privacy

Privacy Policy

Last Updated: May 2026 ISO 27001 Certified

1. Introduction

KRAVES Technologies Inc. ("KRAVES", "we", "us", or "our") respects the privacy of our clients and their employees. This Privacy Policy describes how we collect, use, process, share, and protect personal data collected via the KRAVES Intelligent Business Transformation Suite, mobile applications, and background verification (BGV) systems.

By deploying the platform or submitting information to us, you consent to the data collection and processing practices described in this policy, aligned with global regulations including GDPR, CCPA, and regional employment laws.

2. Data We Collect

To provide unified workforce management and verification, KRAVES processes the following categories of data:

  • Corporate Client Information: Business registration, billing address, administrator contact information, and licensing metrics.
  • Employee Identity Information: Full names, government-issued IDs (SSN, Passport, etc.), dates of birth, contact details, and emergency contacts.
  • Employment & Performance History: Resume files, job descriptions, promotion logs, attendance markers, evaluation scores, and onboarding documents.
  • Background Verification (BGV) Data: Criminal records, education history, credential certifications, prior employment references, and identity screening results.
  • Technical Usage Metadata: IP addresses, browser specifications, login histories, and activity logs within our application database.

3. How We Use Data

We use collected information strictly to execute core business suite functionality, including:

  • Providing and maintaining the SaaS environment.
  • Processing background verification requests submitted by your organization's administrators.
  • Automating recruitment pipelines, digital onboarding, and exit clearances.
  • Generating secure workforce analytics and operational summaries.
  • Mitigating fraudulent activities, ensuring security compliance, and updating system modules.

4. Security & Compliance

KRAVES utilizes advanced security architectures to keep sensitive identity and BGV records safe. We employ AES-256 data encryption at rest and TLS 1.3 for all data transit.

To guarantee isolation, each corporate tenant is stored in an independent database partition with strictly defined access control policies. Access logs are immutable and audited continuously.

5. Data Sharing and Third Parties

KRAVES does not sell, lease, or distribute employee databases or verification records to marketing agencies. Data is only shared with trusted parties under the following conditions:

  • Verification Partners: To conduct legal background screening (e.g. academic or criminal records validation).
  • Cloud Infrastructure Services: Secure hosting environments (e.g. Google Cloud Platform, Amazon Web Services) under strict data protection addendums.
  • Legal Mandates: When required by court orders, regulatory agencies, or government entities to comply with national security laws.

6. Retention and Rights

We retain personal data only for as long as a client's subscription remains active, or as required by law for employment audit retention. Client administrators can export or request deletion of data at any time. Employees wishing to access or correct their information should contact their organization's HR administrator.