Privacy Policy
Trust is the foundation of StaffSchedule.io. We are committed to transparency in how we collect, process, and protect your enterprise data.
1. Introduction
At StaffSchedule.io, we recognize the sensitivity of workforce management data. This Privacy Policy describes how we handle the personal and business information collected through our platform, marketing site, and mobile applications. By using StaffSchedule.io, you agree to the practices described in this document.
We operate as a **Data Processor** for the staff information provided by our business customers, and as a **Data Controller** for the information we collect directly from account owners for billing and administrative purposes. For more details on our user agreement, please see our Terms of Service.
2. Information We Collect
To provide a seamless workforce management experience, we collection information in the following categories:
- Organization Data: Business name, address, tax identifiers, and administrative contact information.
- Staff PII (Personally Identifiable Information): Names, email addresses, phone numbers, and employee ID numbers provided by your organization.
- Operational Data: Work schedules, shift swap histories, availability preferences, and attendance logs.
- Geolocation Data: If enabled by your organization, we may collect GPS-verified coordinates during clock-in and clock-out events to ensure compliance.
- Usage & Device Data: IP addresses, browser types, and interaction logs with our platform to improve performance and security.
3. How We Use Data
We process your information to deliver the core value of our platform:
- Automated Scheduling: Our AI Logic engine uses availability and historical data to suggest optimized shift rotations.
- Payroll Integration: Consolidating attendance logs for export to third-party payroll systems.
- Communication: Facilitating team chat, announcements, and shift-swap notifications.
- Security & Compliance: Monitoring for unauthorized access and ensuring platform integrity.
- Service Improvement: Aggregating de-identified data to benchmark workforce productivity metrics.
5. Security Measures
We implement rigorous, enterprise-grade security protocols to safeguard your information:
- Encryption: Data is encrypted at rest using AES-256 and in transit via TLS 1.3.
- Access Controls: We enforce multi-factor authentication (MFA) and role-based access control (RBAC) throughout the system.
- Vulnerability Management: Regular automated security scans and third-party penetration testing ensure our defenses remain robust.
- Salted Hashing: All user credentials are protected using strong, salted cryptographic hashing.
6. Your Rights & Choices
Depending on your jurisdiction (such as GDPR or CCPA), you may have the following rights:
- Access: The right to request a copy of the data we hold about you.
- Rectification: The right to correct inaccurate or incomplete data.
- Deletion: The right to request the deletion of your data under certain conditions.
- Export: The right to receive your data in a portable, machine-readable format.
Staff users should primary contact their employer (the Organization Administrator) for data access requests, as the employer is the primary Data Controller. Users can also manage basic profile settings within the Staff Portal.
8. Contact Us
If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:
Email: legal@staffschedule.io
Address: Legal Department, StaffSchedule.io HQ
Response Time: Within 24-48 hours. For technical support, please visit our Help Center.