Privacy Policy

For data entered by Tenants about their workforce:

• The Tenant is the data controller and determines what personal data is collected and how it is used
• We act as a data processor/service provider, processing data on behalf of Tenants according to their instructions

If you are a Worker with questions about how your personal data is handled, please contact your employer (the Tenant) directly.

For data we collect directly (such as Tenant Admin registration), we act as the data controller.

When Tenants register, we collect:

• Business name and contact information
• Admin names and email addresses
• Billing and payment information
• Account credentials

Tenants may enter information about Workers, including:

• Names and contact information
• Work schedules and time records
• Job assignments and locations
• Profile photos
• Documents and files
• Communication history within the Platform

We automatically collect:

• Device information (type, operating system, browser)
• IP addresses
• Access times and usage patterns
• Feature usage and interactions
• Error logs and performance data

With appropriate permissions:

• GPS location for time clock and geofencing features
• Location data for job site management

We use information to:

• Operate and maintain the Platform
• Process time and attendance records
• Facilitate scheduling and communications
• Generate reports and analytics for Tenants
• Provide customer support

We use information to:

• Analyze usage patterns and improve features
• Identify and fix technical issues
• Develop new capabilities

We use information to:

• Protect against unauthorized access
• Detect and prevent fraud
• Comply with legal obligations

We use contact information to:

• Send service-related notifications
• Provide support responses
• Communicate important updates

We share information with service providers who help us operate the Platform:

Tenants are responsible for ensuring that their use of integrations complies with applicable laws.

We may disclose information when required by law, legal process, or government request.

In the event of a merger, acquisition, or sale, information may be transferred to the acquiring entity.

We may share information with Tenant permission for integrations or services requested by the Tenant.

We retain data while Tenant accounts are active and as needed to provide services.

Following account termination, we retain data for a reasonable period (typically 30-90 days) to allow for data export. Data may be retained longer for:

• Legal compliance requirements
• Dispute resolution
• Aggregated analytics (de-identified)

Backup copies may be retained according to our disaster recovery procedures.

We implement reasonable security measures including:

• Encryption in transit (TLS/SSL) and at rest
• Access controls and authentication
• Regular security assessments
• Employee training and access restrictions
• Monitoring and logging

No system is completely secure. While we take reasonable precautions, we cannot guarantee absolute security of information transmitted to or stored on the Platform.

Account security also depends on:

• Maintaining confidential passwords
• Using secure devices and networks
• Reporting suspected security issues promptly

Tenants may:

• Access and update account information
• Export Platform data
• Delete or modify Worker records
• Close accounts

Workers should contact their employer (the Tenant) to:

• Access their personal information
• Request corrections or deletions
• Understand how their data is used

You may opt out of promotional communications but will continue to receive service-related notices.

Mobile app users may control location permissions through device settings.

Personal information may be processed or stored in Canada, the United States, and other jurisdictions where our service providers operate.

Personal information processed or stored outside Canada may be subject to the laws of those jurisdictions, including lawful access requests by courts, law enforcement, or national security authorities.

We remain responsible for personal information under our control, including information transferred to service providers for processing. We use contractual, technical, and organizational safeguards designed to provide a level of protection comparable to that required under Canadian privacy laws, including PIPEDA.