Privacy Policy

1 Information We Collect

Information You Provide Directly

When you register for an account, contact us, or use our services, we may collect the following types of personal information:

• Account Information: Full name, email address, phone number, company name, job title, and designation
• Billing Information: Payment card details (processed securely through third-party payment processors), billing address, and transaction history
• Employee Data: Information you enter about your employees including names, contact details, work schedules, attendance records, salary information, and leave balances
• Communications: Messages, support requests, feedback, and any other content you send to us
• Profile Information: Profile pictures, company logo, and other customization data

Information Collected Automatically

When you use our platform, we automatically collect certain technical data to ensure the service works properly and to improve your experience:

• Usage Data: Pages visited, features used, time spent on the platform, clicks, and navigation paths
• Device Information: IP address, browser type and version, operating system, device identifiers, and screen resolution
• Location Data: General geographic location derived from IP address; precise GPS location only when you explicitly enable location-based clock-in features
• Log Data: Server logs including timestamps, error reports, and diagnostic information
• Cookies & Tracking Technologies: As described in Section 5 below

Information from Third Parties

We may receive information about you from third-party services, such as authentication providers (if you sign in with Google or similar), payroll integrations, or business verification services. This information is used solely to improve your account setup and service experience.

2 How We Use Your Information

We use the information we collect for the following purposes:

Service Delivery

• To provide, operate, and maintain our employee management and attendance tracking platform
• To process transactions and send related information including purchase confirmations and invoices
• To manage your account and provide customer support
• To enable time tracking, payroll calculations, leave management, and reporting features

Service Improvement

• To understand how users interact with our platform and identify areas for improvement
• To develop new features, products, and services
• To conduct research, analysis, and troubleshooting
• To monitor and improve platform performance and security

Communications

• To send administrative notices, product updates, and security alerts
• To respond to your comments, questions, and requests
• To send marketing communications (only with your consent, and you may opt out at any time)
• To send notifications related to your account activity

Legal & Compliance

• To comply with applicable laws, regulations, and legal obligations
• To enforce our Terms and Conditions and other agreements
• To detect, prevent, and address fraud, security issues, and technical problems

3 How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: Trusted third-party vendors who assist us in operating our platform, such as cloud hosting providers, payment processors, email delivery services, and analytics tools. These providers are contractually obligated to use your data only for the services they provide to us.
• Business Transfers: If Staff Timing is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.
• Legal Requirements: We may disclose your information if required to do so by law, court order, governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.
• Aggregated Data: We may share anonymized, aggregated data that cannot reasonably be used to identify you, for research, marketing, or analytical purposes.

4 Data Storage & Security

We take the security of your data seriously and implement industry-standard measures to protect your information:

• Encryption: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security). Sensitive data at rest is encrypted using AES-256 encryption.
• Access Controls: We implement strict role-based access controls. Only authorized personnel with a legitimate business need can access your data.
• Infrastructure Security: Our platform is hosted on enterprise-grade cloud infrastructure with regular security audits, penetration testing, and vulnerability assessments.
• Authentication: We support multi-factor authentication and enforce strong password policies to protect your account.
• Incident Response: We maintain a documented incident response plan and will notify affected users promptly in the event of a data breach, as required by applicable law.

While we take all reasonable precautions to protect your data, no method of internet transmission or electronic storage is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication on your account.

5 Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform. Cookies are small text files stored on your device that allow us to recognize you between visits.

Types of Cookies We Use

• Essential Cookies: Required for the platform to function properly. These cannot be disabled without affecting core functionality (e.g., session management, authentication).
• Performance Cookies: Help us understand how visitors interact with our platform by collecting anonymized usage data. Used to improve performance and user experience.
• Functional Cookies: Remember your preferences and settings (e.g., language, timezone, display settings) to provide a more personalized experience.
• Analytics Cookies: Used by tools such as Google Analytics to track aggregate usage patterns and improve our services.

You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our platform. For more information on managing cookies, visit your browser's help documentation.

6 Your Rights & Choices

Depending on your location, you may have certain rights regarding your personal information. We honor the following rights for all users:

• Access: You have the right to request a copy of the personal information we hold about you.
• Correction: You may request that we correct any inaccurate or incomplete information we hold about you.
• Deletion: You may request that we delete your personal data, subject to certain legal obligations that require us to retain specific records.
• Portability: You have the right to request your data in a structured, machine-readable format so you can transfer it to another service.
• Objection: You may object to the processing of your personal data for direct marketing or other purposes based on legitimate interests.
• Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Opt-Out of Marketing: You may unsubscribe from marketing emails at any time by clicking the "unsubscribe" link in any email or by contacting us directly.

To exercise any of these rights, please contact us at info@stafftiming.com. We will respond to your request within 30 days.

7 Children's Privacy

Staff Timing's services are intended for use by businesses and professionals and are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us immediately at info@stafftiming.com.

8 International Data Transfers

Staff Timing operates globally and your information may be transferred to, stored, and processed in countries other than your country of residence. These countries may have different data protection laws than your home country.

When we transfer personal data internationally, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or rely on adequacy decisions where applicable, to ensure your data is protected to the standard required by applicable law.

For users in the European Economic Area (EEA) or United Kingdom, by using our services you consent to the transfer of your information to countries outside the EEA, including the United States, where our servers may be located.

9 Third-Party Links

Our platform may contain links to third-party websites, integrations, or services that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

We strongly advise you to review the Privacy Policy of every site you visit. Our Privacy Policy does not apply to the collection, use, or disclosure of information by third parties.

10 Retention of Data

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained for the duration of your account plus 90 days after account deletion, to allow for account recovery requests.
• Employee Attendance & Payroll Records: Retained for a minimum of 7 years to comply with labor and tax record-keeping requirements in most jurisdictions.
• Billing Records: Retained for 7 years for tax and accounting compliance.
• Support Communications: Retained for 3 years after your last interaction to assist with future support requests.
• Usage & Analytics Data: Retained in aggregated, anonymized form indefinitely for platform improvement purposes.

When data is no longer required, we securely delete or anonymize it in accordance with our data retention procedures.

11 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other business reasons. When we make material changes, we will:

• Post the updated Privacy Policy on this page with a revised "Last updated" date
• Send an email notification to registered account holders at least 14 days before changes take effect
• Display a prominent notice within our platform for 30 days after the update

Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, you should discontinue using our services and may request deletion of your account.

12 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: