Security
Payroll data deserves finance-grade controls.
Run Payroll is designed around tenant isolation, role-based access, PII protection, audit history, and DPDP-aware operating practices.
Tenant-scoped access
AvailableCompany data is designed to stay scoped to the active tenant and role.
PII encryption and masking
AvailableSensitive payroll identifiers should remain protected at rest and masked in normal workflows.
Audit history
AvailablePayroll-sensitive changes are captured for review and investigation.
MFA for sensitive access
AvailableStep-up controls are used for high-risk authentication and account operations.
DPDP-aware processes
PracticeData handling, breach response, export, and erasure workflows are shaped around Indian privacy expectations.
SOC 2 / ISO 27001
RoadmapFormal external certifications are not claimed for launch; they remain a future roadmap item.
Controls
Security, explained in plain payroll language.
You should know exactly how employee data, salary data and statutory outputs are kept safe before you trust the system.
Tenant-scoped by design
Your payroll data is read and changed only inside your own company and role.
Sensitive data protected
PAN, Aadhaar, UAN, ESIC and bank details are treated as protected payroll data.
Masked by default
Sensitive values stay hidden in everyday work and reveal only for people who are allowed.
A clear history
Payroll-sensitive actions are traceable for reviews, disputes and audits.
Stronger sign-in
Sensitive account and admin actions can require an extra verification step.
Run with discipline
Backups, access review and incident response are part of how the service is operated.
We do not claim completed SOC 2 or ISO 27001 certification. Those stay marked as roadmap items until they are formally completed and verified.
Keeping your records in order
We promise only what we can explain and operate today. Stronger certifications are added when the evidence exists — never before.