Privacy Policy

1. Introduction

Plantime ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our shift planning platform (the "Service"). We are based in Switzerland and operate internationally, adhering to the General Data Protection Regulation (GDPR) and other applicable data protection laws. Paddle.com Market Ltd acts as our merchant of record for all payments processed through our Service.

2. Information We Collect

2.1 Personal Information

We collect the following types of personal information:

• Contact information (such as name and email address)
• Account credentials
• Business information (such as company name and address)
• Employment information (for shift planning purposes)
• Financial information (for payroll purposes)

Note: Payment details for subscription payments are handled directly by Paddle.com and are not stored on our servers.

2.2 Usage Data

We collect information on how you interact with our Service using Posthog analytics and Google Analytics (via Google Tag Manager), including:

• Access times and dates
• Pages viewed
• Features used
• Technical information about your device and internet connection

2.3 Cookies and Similar Technologies

We use first-party cookies for authentication and tracking purposes. These cookies are necessary for the functioning of our Service and to optimize your experience.

3. How We Use Your Information

We use the collected information for the following purposes:

• To provide, maintain, and improve our Service
• To process payments via our payment processor, Paddle
• To enable employers to manage shifts and process payroll information
• To respond to your inquiries and provide customer support
• To monitor usage patterns and optimize the user experience
• To detect, prevent, and address technical issues or security breaches
• To comply with legal obligations

We do not use your personal information for marketing purposes without your explicit consent.

4. Data Sharing and Disclosure

We share your information with the following third-party service providers:

• Vercel - For hosting our platform
• Supabase - For database services and data storage
• Paddle - For payment processing
• Posthog - For analytics and user behavior tracking
• Google (Google Tag Manager and Google Analytics) - For website analytics

These service providers have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. We do not share your data with any other third parties, partners, or affiliates beyond what is necessary to provide our Service.

4.1 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

5. International Data Transfers

We are based in Switzerland but operate internationally. Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. We ensure that any international transfers of personal data comply with applicable data protection laws, including the GDPR. We implement appropriate safeguards, such as standard contractual clauses, when transferring data outside the European Economic Area (EEA) or Switzerland.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Role-based access controls to ensure only authorized personnel can access data
• Authentication mechanisms to verify user identity
• Encryption of data in transit and at rest
• Regular security assessments and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When you request deletion of your account or organization, we will remove all personally identifiable information (PII) within 30 days of your request. We may retain anonymized data for analytical purposes, but this data cannot be used to identify you.

8. Your Data Protection Rights

Under the GDPR and other applicable data protection laws, you have certain rights regarding your personal information:

• Right to Access - You have the right to request copies of your personal information.
• Right to Rectification - You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to Erasure - You have the right to request that we delete your personal information in certain circumstances.
• Right to Restrict Processing - You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Right to Data Portability - You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.
• Right to Object - You have the right to object to our processing of your personal information in certain circumstances.

To exercise any of these rights, please contact us at info@plantime.io. We will respond to your request within 30 days. Please note that once an account or organization is deleted, this action cannot be reversed, and all associated data will be permanently removed from our systems.

9. Children's Privacy

Our Service is not directed to individuals under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we take steps to remove that information from our servers.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us: By email: info@plantime.io