HR Docu
Book a Demo

Secure · Audit-ready · PIPEDA compliant

Legal

Privacy & Legal

How HR DocU collects, protects, and handles sensitive onboarding documentation, and the terms governing platform use.

Last updated: June 2026Effective: June 2026Jurisdiction: Canada

Disclaimer

Privacy & Data Protection

1

Data Philosophy & Your Privacy Rights

HR DocU is built on the core principle of Privacy by Design. This application serves strictly as a high-security technical infrastructure pipeline to collect, transmit, and store sensitive candidate onboarding documentation. In accordance with GigaSphere's Data Ownership Policy, all documents, personal data, and identification assets uploaded to this platform remain the exclusive property of the employing organization. HR DocU processes this data strictly as a technical agent and explicitly prohibits the commercialization, secondary profiling, or unauthorized third-party sharing of candidate documentation.

2

Strict Access Control & Role-Based Isolation

HR DocU enforces an immutable, compartmentalized data security boundary. Document visibility is structurally locked down at the database layer based on strict Role-Based Access Control (RBAC): only the specific HR personnel assigned to your profile can view or download your files, and cross-contamination between users is algorithmically blocked.

3

Immutable Audit Logging

In alignment with our Logging and Monitoring Policy, every technical action taken within HR DocU, including link generation, document file views, downloads, account modifications, and login attempts, generates an unalterable, centralized audit log file. Super Admins retain exclusive visibility into these logs to support continuous corporate compliance and internal forensic tracking.

4

Cryptographic Safeguards & Canadian Data Residency

All candidate documents and structural metadata are heavily encrypted at rest using AES-256 with isolated directory parameters. Data in transit across all web and upload pipelines is strictly bound to TLS 1.3 encryption protocols. In compliance with Canadian sovereign cloud mandates, all production data, backups, and analytical assets are hosted and processed exclusively within Canadian geographic boundaries.

5

Mandatory Session Security

To prevent unauthorized local access to your data, our platform enforces strict session hygiene. If an authenticated session is idle for two (2) minutes, a visible countdown prompt will appear. If there is no interaction within thirty (30) seconds of the prompt, the system will automatically terminate the session and force re-authentication. Users are also strictly prohibited from sharing individual account credentials.

6

Data Retention & Disposal

We retain your documents only as long as required for compliance and employment purposes. Once our retention window closes, or upon a formal data purge request, your documents are permanently destroyed using a Cryptographic Shredding Protocol. This process renders the data fragments entirely irrecoverable.

Platform Rules

Acceptable Use Policy

In accordance with GigaSphere's Acceptable Use Policy (AUP), this platform must be used strictly for authorized corporate onboarding and legitimate documentation verification. All users are strictly prohibited from:

  • Upload, transmit, or inject malicious code, corrupted files, or malware.
  • Attempt to bypass system access controls, probe platform vulnerabilities, or reverse-engineer database schemas.
  • Submit fraudulent, unapproved, or intentionally falsified identification documents.
  • Interfere with network performance or disrupt the platform's multi-tenant isolation barriers.

Enforcement. Failure to comply may result in immediate account revocation, termination of platform access, and formal escalation to legal authorities.

Agreement

Terms & Conditions

1

Acceptance of Terms & Authorized Use

By accessing or utilizing the HR DocU platform, you agree to comply with and be bound by these Terms and Conditions alongside GigaSphere's Acceptable Use Policy. This platform must be utilized exclusively for legitimate corporate onboarding and authorized document collection workflows. Users are strictly prohibited from uploading, transmitting, or processing malicious code, unapproved assets, or files that violate provincial or federal privacy laws.

2

Mandatory Session Hardening & Security Hygiene

To safeguard sensitive personnel documentation against unauthorized localized access, HR DocU enforces a strict session timeout boundary:

  • Inactivity Rule: If a session remains idle for two (2) minutes, a visible on-screen countdown prompt is triggered automatically.
  • Automated Log-Out: If no user interaction is validated within thirty (30) seconds of the prompt, the session is immediately terminated and re-authentication is forced.

Users are contractually obligated to maintain strict credential confidentiality and are prohibited from sharing individual accounts.

3

Document Retention and Post-Contract Disposal

Organizations utilizing HR DocU are responsible for establishing their own compliance retention windows within their corporate dashboard. Upon the formal termination of a tenant subscription or an explicit data purge request, HR DocU will permanently wipe and neutralize the target document buckets using GigaSphere's Cryptographic Shredding Protocol. Once executed, the underlying data fragments are rendered entirely irrecoverable, and a formal Notification of Disposal will be issued to the tenant within fourteen (14) business days upon request.

4

Technical Limitation of Liability

HR DocU provides a secure encryption pipeline for data collection. The subscribing organization assumes full statutory liability for verifying the legal basis of the documents they demand from candidates and ensuring their internal HR teams adhere to regional employment standards, human rights codes, and privacy frameworks.

Questions about your data or these terms? Contact our privacy team.

Last updated June 2026