1. Introduction

ManageMate ("we," "our," or "us") operates the ManageMate workforce scheduling platform, including our website and mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service.

As a Netherlands-based service, we comply with the European Union's General Data Protection Regulation (GDPR) and Dutch data protection laws.

2. Data Controller Information

3. Legal Basis for Processing

We process your personal data based on:

• Contract performance: To provide scheduling and workforce management services
• Legitimate interests: For system administration, security, and service improvement
• Consent: For marketing communications (where applicable)
• Legal obligation: For tax, employment law, and regulatory compliance

4. Information We Collect

4.1 Information You Provide

• Account Information: Name, email address, phone number, employee ID
• Profile Data: Work availability, job role, department, contact preferences
• Scheduling Data: Shift preferences, vacation requests, timesheet information
• Communication Data: Messages sent through our contact forms or support channels

4.2 Information Automatically Collected

• Usage Data: Pages visited, features used, time spent on the platform
• Technical Data: IP address, browser type, device information, operating system
• Performance Data: App crashes, load times, feature usage analytics

4.3 Authentication Data

• Login credentials managed through Supabase authentication
• Session tokens and security-related information

5. How We Use Your Information

We use your personal data to:

• Provide workforce scheduling and management services
• Generate work schedules based on availability and business needs
• Process timesheet and payroll-related information
• Manage vacation and leave requests
• Send work-related notifications and schedule updates
• Provide customer support and technical assistance
• Ensure platform security and prevent unauthorized access
• Comply with employment and tax regulations
• Improve our services through analytics (anonymized when possible)

6. Information Sharing and Disclosure

6.1 Within Your Organization

• Managers and administrators can access employee scheduling data
• HR personnel may access profile and timesheet information
• Colleagues may see published work schedules

6.2 Third-Party Service Providers

We share data with trusted service providers who assist in:

• Supabase: Database hosting and user authentication
• Gmail/Email Services: For sending notifications and communications
• Cloud Infrastructure: For secure data storage and processing

6.3 Legal Requirements

We may disclose information when required by:

• Dutch or EU legal obligations
• Court orders or government requests
• Protection of our rights or safety of users

7. Data Retention

We retain your personal data for:

• Active accounts: While you remain an active user
• Terminated accounts: Up to 7 years for employment/tax compliance
• Usage analytics: Up to 2 years in anonymized form
• Legal compliance: As required by applicable laws

You may request earlier deletion subject to legal and contractual obligations.

8. Your GDPR Rights

As an EU resident, you have the right to:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete information
• Erasure: Request deletion of your data (subject to legal requirements)
• Portability: Receive your data in a machine-readable format
• Restriction: Limit processing of your data in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw consent: For consent-based processing

To exercise these rights, contact us at privacy@managemate.online.

9. Data Security

We implement appropriate technical and organizational measures:

• Encryption in transit and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Employee training on data protection practices
• Incident response procedures

10. International Data Transfers

Our service providers (including Supabase) may process data outside the EU. We ensure adequate protection through:

• Adequacy decisions by the European Commission
• Standard contractual clauses
• Other appropriate safeguards as required by GDPR

11. Cookies and Tracking

We use essential cookies for:

• User authentication and session management
• Preference storage (theme, language settings)
• Security and fraud prevention

You can control cookies through your browser settings. Disabling essential cookies may limit platform functionality.

12. Children's Privacy

ManageMate is designed for workplace use and not intended for individuals under 16. We do not knowingly collect data from children under 16 without parental consent.

13. Changes to This Policy

We may update this Privacy Policy to reflect service changes or legal requirements.We'll notify users of material changes via:

• Email notification to registered users
• Platform notifications
• Website announcements

Continued use after changes indicates acceptance of the updated policy.

14. Contact Information

For privacy-related questions or to exercise your rights: