Privacy Policy

Last Updated: June 2026

1. Introduction

AppyShift (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our workforce management platform (“the Service”), including scheduling, HRIS, timeclock, and attendance tools.

By accessing or using AppyShift, you agree to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

We may collect the following information when you create an account or use the Service:

  • Name, email address, phone number, and company details
  • Employee profiles and HR information
  • Scheduling data, timeclock entries, attendance records, and shift history
  • Billing information (processed securely by third-party payment providers)
  • Support inquiries and communication history

2.2 Automatically Collected Information

When you use the Service, we may automatically collect:

  • IP address and device information
  • Browser type and operating system
  • Usage data (pages visited, actions taken, timestamps)
  • Cookies and similar tracking technologies

On our public website, optional marketing analytics may use browser localStorage to keep a short-lived website session identifier, measure page views, clicks, form submissions, scroll depth, and engagement time, and connect signup events to the public page that referred them. When available from our hosting, CDN, or configured IP geolocation providers, we may store approximate country, region, or city signals. We hash IP address and user-agent values before storing them in marketing analytics tables.

2.3 Employee & Workforce Data

If you upload or manage employee information, schedules, or timeclock data, you are responsible for ensuring you have the legal right to collect and process that information. We process workforce data solely to provide the Service.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Manage employee scheduling, time tracking, and HR records
  • Process payments and manage subscriptions
  • Communicate with you regarding updates, support, and service notices
  • Enhance security and prevent fraudulent activity
  • Analyze usage to improve performance and user experience
  • Comply with legal obligations

We do not sell your personal information or Customer Data.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your information under one or more of the following legal bases:

  • Contractual necessity (to provide the Service)
  • Legitimate interests (security, product improvement, fraud prevention)
  • Legal obligations
  • Consent, where required

5. How We Share Information

We may share information with:

  • Service providers (hosting, analytics, payment processors, communication tools)
  • Third-party integrations you choose to connect (e.g., payroll providers, authentication services)
  • Legal authorities when required by law or to protect rights and security

We do not share Customer Data with advertisers or unrelated third parties.

6. Data Retention

We retain your information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. You may request deletion of your data at any time (see Section 10).

7. Data Security

We implement administrative, technical, and physical safeguards to protect your information, including encrypted data transmission (HTTPS), secure access controls, and regular system monitoring. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Cookies & Tracking Technologies

AppyShift uses cookies, localStorage, and similar technologies to maintain session functionality, improve performance, and analyze usage patterns. Public website analytics and advertising tags can be disabled by configuration and may be shown only after consent where required. You may also disable cookies or clear localStorage in your browser settings, but some features may not function properly.

When enabled, we may use first-party marketing analytics, Google Ads tags, and LinkedIn Insight tags to understand which pages and campaigns lead to trial or setup-link requests. For enhanced conversion measurement, a normalized contact email may be cryptographically hashed before it is sent to Google Ads for matching, subject to the configured consent requirements. Marketing analytics records are retained for up to 180 days by default, unless a shorter or longer legally permitted retention period is configured.

9. Third-Party Services

The Service may integrate with third-party tools. Your use of those tools is governed by their respective privacy policies. We are not responsible for third-party practices.

10. Your Rights

Depending on your location, you may have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Request deletion of your data
  • Restrict or object to processing
  • Export your data (data portability)
  • Withdraw consent where applicable

To exercise these rights, contact us at support@appyshift.com.

11. Children’s Privacy

AppyShift is not intended for individuals under 18. We do not knowingly collect information from minors.

12. International Data Transfers

If you access the Service from outside the United States, your information may be transferred to and processed in the U.S. We take steps to ensure appropriate safeguards are in place.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Continued use of the Service after changes indicates acceptance of the updated policy.

14. Contact Information

If you have questions about this Privacy Policy or your data, contact us at: support@appyshift.com