Privacy Policy

Privacy Policy

Last updated: March 12, 2026

1. Introduction

Shryft ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our shift management service.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us:

  • Account Information: Name, email address, password, business name
  • Business Information: Company name, locations, business details
  • Employee Information: Names, email addresses, phone numbers, roles, shift preferences
  • Communication Data: Shift notifications, responses to shift offers, messages
  • Integration Data: Data from connected services (Google Calendar, Slack, WhatsApp)

2.2 Automatically Collected Information

We automatically collect certain information when you use the Service:

  • Log Data: IP address, browser type, operating system, access times, pages viewed
  • Device Information: Device type, unique device identifiers
  • Cookies: Session cookies, authentication tokens, preference cookies
  • Usage Data: Features used, shift acceptance rates, notification engagement

2.3 Information from Third Parties

We may receive information from third-party services you connect:

  • Google Calendar: Calendar events, availability, event metadata
  • Slack: Workspace information, user IDs, channel data
  • WhatsApp: Phone numbers, message delivery status

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the shift management service
  • Send shift notifications via email, Slack, and WhatsApp
  • Process shift acceptances, declines, and dropouts
  • Manage waiting lists and automatic shift filling
  • Synchronize with Google Calendar for shift scheduling
  • Authenticate users and maintain account security
  • Send administrative information and service updates
  • Analyze usage patterns to improve the Service
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We may share your information in the following circumstances:

4.1 With Your Consent

We share information when you explicitly authorize us to do so.

4.2 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Cloud hosting providers (for data storage)
  • Email delivery services
  • Analytics providers
  • Security and fraud prevention services

4.3 Integrated Services

When you connect third-party integrations (Google Calendar, Slack, WhatsApp), we share relevant data with these services to provide the integration functionality.

4.4 Legal Requirements

We may disclose information if required by law or in response to valid legal process.

4.5 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We do NOT sell your personal information to third parties.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide services. We will retain and use your information as necessary to:

  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements
  • Maintain audit trails and security logs

Upon account deletion, we will delete or anonymize your personal information within 90 days, except where retention is required by law.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption of data in transit (HTTPS/TLS)
  • Encrypted data storage
  • Access controls and authentication
  • Regular security audits and monitoring
  • Secure API integrations with signed requests

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

7.1 Access and Portability

You can request a copy of your personal information in a portable format.

7.2 Correction

You can update or correct your information through your account settings.

7.3 Deletion

You can request deletion of your account and associated data.

7.4 Opt-Out

You can opt out of non-essential communications, though operational shift notifications are required for service functionality.

7.5 Object to Processing

You can object to certain types of data processing.

To exercise these rights, contact us at info@shryft.io.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place for such transfers in compliance with applicable laws.

9. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Required for authentication and service functionality
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Understand how you use the Service

You can control cookies through your browser settings, though disabling essential cookies may affect service functionality.

11. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to say no to the sale of personal information
  • Right to access your personal information
  • Right to equal service and price

We do not sell personal information.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights related to automated decision-making

Our legal basis for processing includes consent, contract performance, and legitimate interests.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: info@shryft.io

← Back to Home