Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College

Applicant Privacy Policy

HR Recruitment Portal · Policy version VTHR-PRIVACY-2026-07-R6-GUEST-GOOGLE

1. Purpose of this policy

This policy explains how information and documents submitted through the Faculty / Staff Application Portal are collected, used, accessed, retained and protected. The portal is intended only for legitimate recruitment, HR and authorized educational or institutional purposes.

2. Information collected

The institution may collect identification and contact details, programme preferences, educational qualifications, employment history, salary information, professional identifiers, references, declarations and supporting documents such as a photograph, resume, certificates, identity documents, experience records and signature.

3. Permitted use of applicant data

Applicant data will be maintained and used only for the following purposes:

4. No commercial or unrelated business use

The institution will not sell, rent, trade or commercially exploit applicant data. It will not be used for advertising, marketing, commercial lead generation, unrelated profiling, promotional mailing or any unrelated business purpose.

5. No sharing with unrelated parties

Applicant data and uploaded documents will not be shared with unrelated persons, companies or organisations. Access is limited to authorized HR personnel, institutional authorities, selection committee members and technical administrators only when their official duties require it.

Limited disclosure may occur only when reasonably necessary for authorized credential or background verification, statutory or regulatory compliance, accreditation or affiliation requirements, institutional audit, legal proceedings, protection of institutional rights, or a lawful request from a competent authority. Only the minimum necessary information should be disclosed for such purposes.

6. References and verification

Where the applicant has permitted employer or reference verification, the institution may contact the persons or organisations named in the application. The institution may also verify educational and professional credentials with the relevant issuing or regulatory body where such verification is necessary for recruitment.

7. Optional Google Sign-In and registration records

Applicants may complete the application as a guest or may optionally use Sign in with Google. Guest entry is the default and does not require a Google account. By selecting the Sign in with Google button, the applicant expressly consents to the storage of the verified Google name, verified email address, Google account identifier, sign-in date and time, consent version, and privacy-protected technical audit values used for recruitment security.

Every successful Google Sign-In is recorded in the recruitment database at the time of sign-in, even when the applicant does not later submit an application. This enables authorized HR, Admin and Principal users to distinguish registered Google applicants from completed applications and to investigate duplicate or abusive registrations. The institution does not collect or store the applicant’s Google password, Google access token, Gmail content, Google Drive data, contacts or other Google account data.

If the applicant chooses Google entry for the final application, the verified Google identity is linked to that submitted application. If the applicant switches back to guest entry, the application is processed as a guest application, while the earlier consented Google sign-in audit record remains retained under the purposes and retention conditions of this policy.

8. ORCID and Scopus public-profile verification

Providing an ORCID iD or Scopus Author ID is optional. When an applicant enters either identifier and gives the separate research-profile verification consent, only authorized HR, Admin and Principal users may use the identifier to open the corresponding public profile and retrieve public profile, publication and citation metadata through the official ORCID and Elsevier/Scopus services for recruitment, identity, qualification and research-credential verification.

The portal does not request or store an ORCID or Scopus password, applicant OAuth token, account credential or applicant API key. Public metadata returned by the providers may be cached for a limited period to reduce repeated API calls and support authorized HR review. The institution will not use this consent to edit, write to, merge or otherwise control the applicant’s ORCID or Scopus account. Information visible on those services remains subject to the applicant’s profile settings, provider coverage and access conditions.

Authorized HR, Admin and Principal users may record institution-verified publication-category counts, Scopus document/citation/h-index values, a confirmation or clarification decision, review remarks, reviewer identity and review date. These verification records are maintained only for recruitment, HR administration, educational/institutional assessment, statutory/accreditation verification and related authorized purposes described in this policy.

9. Data retention

Application information will be retained only for the period reasonably required for recruitment, HR, educational, institutional, statutory, audit or legal purposes. When continued retention is no longer required, records should be securely deleted, anonymized or archived under restricted access according to institutional retention practices.

10. Essential security information and cookies

The portal uses an essential browser session cookie and limited security metadata to protect the form, prevent duplicate or automated submissions, and investigate technical abuse. IP addresses and browser identifiers used for submission security are stored only as one-way salted hashes. The public application pages do not require advertising cookies, marketing trackers or commercial profiling tools.

11. Security controls

The portal uses technical and administrative safeguards such as access restrictions, anti-spam controls, server-side validation, file-type and file-size inspection, randomized filenames, protected upload storage, activity logging and role-based document access. No internet system can be guaranteed to be completely risk-free, but reasonable safeguards are applied to reduce unauthorized access, alteration, loss or misuse.

12. Applicant responsibilities

Applicants must submit accurate information, protect the confidentiality of their application number, avoid uploading unnecessary sensitive information, and upload only lawful documents that belong to them or that they are authorized to provide.

13. Correction, withdrawal and queries

An applicant may contact the institution’s HR office to request correction of material inaccuracies or withdrawal of an application. Withdrawal may stop further recruitment processing, but records already required for audit, legal, security or statutory purposes may be retained for the necessary period.

14. Policy changes

The institution may update this policy when recruitment practices, technology or legal requirements change. The policy version displayed at the time of application will be recorded with the applicant’s consent.

15. Consent

By selecting the privacy and data-use consent checkboxes and submitting the application, the applicant confirms that this policy has been read and that the described processing is accepted.