Privacy Policy

Effective Date: June 04, 2026

1Introduction and Scope

This section establishes who runs the portal and defines the structural operational boundaries of our organizational data aggregation processes.

Governing Body Declaration

This Privacy Policy applies completely to all web interfaces, internal Management Information System (MIS) portals, databases, and structural smartphone mobile applications built, updated, managed, or deployed by the Sukkur Water and Sewerage Corporation (SWSC).

Consent Clause

By registering a portal account, utilizing our public services, or loading the internal employee mobile attendance framework module onto a smartphone device, you express full operational consent to the collection and data security rules outlined in this document.

2Information Collected

This component provides complete visibility to data subjects by itemizing the technical telemetry signatures and explicit personal identifiers our systems aggregate.

  • Personal Identifiers: Full legal names, computerised national identity card (CNIC) records, organizational email channels, secure phone contact numbers, assigned job designations, and institutional department structures.
  • Transactional Records: Financial payment histories, household/commercial water connection consumer registration strings, utility billing logs, and electronic procurement bid files.

Advanced Smartphone Tracking Metrics (For MIS/Attendance Module)

To verify workplace proximity protocols, the smartphone system captures the following datasets upon active event registration:

  • Spatial Geolocation Signature: Absolute high-precision Global Positioning System (GPS) latitude and longitude variables captured exclusively during the Time-In and Time-Out punch cycles.
  • Device Infrastructure Metadata: Smartphone manufacturer names and model types (e.g., iPhone 15, Samsung Galaxy S24), running mobile operating system versions, custom application installation hashes, and runtime diagnostic performance values.
  • Network Logging Protocols: Detailed timestamp logs recording device IP addresses, network connection states, nearby cellular tower reference flags, and real-time geofence calculation metrics confirming user presence within an explicit 100-meter radius of the registered corporate facility hub center.

3Purpose of Processing and Data Utilization

This segment defines the business justifications and legal bases for running background logging routines on public citizens and internal staff data items.

Service Fulfillment

Fulfilling consumer applications for structural water infrastructure links, logging automated helpdesk tickets, and deploying field crews to address local public sewerage networks or environmental incidents.

Security & Verification Auditing

Using smartphone hardware telemetry and geographical metrics to maintain tamper-proof audit trails, verify worker authentication signatures, and permanently mitigate system manipulation risks (such as buddy punching).

Procurement Compliance

Executing systematic automated bid evaluation routines, tracking transparent supplier credentials, and archiving vendor documentation parameters.

4Data Sharing and Third-Party Disclosures

This outlines the transparent regulatory limits regarding external parties who may view or access the aggregated database tables.

  • Statutory Compliance: Data records may be processed for auditing by judicial authorities, statutory government boards, or institutional audit panels in strict compliance with state digital administrative frameworks.
  • Technical Service Providers: Secure database fragments interface exclusively with verified software services, including cloud environment providers, secure financial clearing houses, map rendering APIs (e.g., Google Maps, Leaflet), or automated communication networks.
  • No-Commercialization Pledge: SWSC does not barter, distribute, share, or sell user records or smartphone geolocation logs to commercial advertising operations or marketing aggregators.

5Data Security and Safeguards

We implement rigorous technical barriers to insulate stored relational data blocks (especially tracking tables like attendance_logs) against unauthorized leakage or modification.

Cryptographic Frameworks

All interaction traffic routed from user endpoints or mobile applications is encrypted in transit using industry-standard Transport Layer Security (TLS/HTTPS) technology.

Access Control Mechanisms

Database queries are restricted via role-based access controls (RBAC). Only verified system administrators and credentialed Human Resources personnel possess authorization to query spatial logging parameters.

Database Retention Parameters

Staff proximity logs and spatial tracking records follow rolling system cleanup configurations. Ledger profiles and consumer bill files are permanently secured in isolated, immutable data stores.

6User Rights and Controls

This summarizes the native system settings and manual access privileges extended to digital account owners.

Access and Correction

Users maintain full rights to review their active profile details, file system correction tickets, or update inaccurate administrative identifiers inside the MIS directory.

Smartphone Sensor Controls

Staff members retain complete control over device sensors. Location services may be managed through native smartphone security menus outside scheduled work shifts.

7Contact Information

For inquiries regarding data processing, security controls, or personal information management, please reach out to our administration office through these direct channels:

Email Support

privacy@swsc.gov.pk

MIS Department

071-XXXXXXX (Ext 402)

HQ Address

SWSC Main HQ, Sukkur, Sindh