Privacy statement ShiftPlanner

Who is responsible for my personal data?

ShiftPlanner is responsible for managing your personal data and ensuring compliance with the General Data Protection Regulation (GDPR) — formerly, the Personal Data Protection Act. Our contact details can be found here About ShiftPlanner and at the bottom of this page.

Please note that this privacy statement only applies to ShiftPlanner. For any account or organization registered with ShiftPlanner a different privacy statement applies.

Why do you collect my personal data?

Personal data is used exclusively to communicate with account administrators. We never share your data with third-party organizations.

What kind of data do you collect?

When setting up an account, we may collect the following information from you:
name, organization name, address, IP address, email address and telephone number. In addition, the ip number you use to log in is also stored for troubleshooting and analysis.

Where is this data stored?

We store your personal data in a secure database, which is housed in a Dutch data centre.

Do you share information with any third-party organizations?

No. We never share your personal data with any third parties unless obligated by law.

Google analytics

Google Analytics is the only external tracking tool that we use. We have entered into a data processing agreement with Google, but remain in full compliance with GDPR. By using our website, you consent to the use of analytical cookies. However, we have switched off ‘data sharing’ and anonymized IP addresses in accordance with the Data Processing Amendment.

How do I manage my data and communication preferences?

To ensure that ShiftPlanner runs correctly, we ask that you keep your details up to date. You can delete your account and all associated user data at any time via general settings. If you do not wish to receive communications from ShiftPlanner, you can let us know by writing to the administrator or responding to the emails you receive from us.

What should I do in the event of a data leak?

As of 1 January 2016, statutory regulation requires any public or commercial entity to report breaches of data. If you suspect that your data has been compromised, please report it to us immediately using the contact details below.

If we detect a data breach, we will inform you within 24 hours. We will let you know the cause and advise you on any actions you can take to redress the issue and/or prevent it from happening again. Please note that all passwords are encrypted and cannot be retrieved by us or any other third-party organization.

For how long do you hold my data?

If you have not logged in for more than twelve months, all data (including all user data) will be destroyed.