Last Updated: 11 August, 2025
Welcome to SocialSchedules Inc. (“SocialSchedules,” “we,” “us,” or “our”). We value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect personal information when you use our websites, mobile applications, and related services (collectively, the “Platform” or “Services”). It also describes your rights and choices regarding your personal information. This Policy applies globally to all types of users, including but not limited to:
● Business Customers (Employers/Merchants) – organizations that subscribe to or pay for our Services.
● Employees and Contractors (“Workers”) – individuals using the Platform at the direction of a Business Customer (e.g., employees, staff, or independent contractors managed via SocialSchedules).
● End Users & Consumers – individuals who interact with our Services indirectly (for example, receiving a delivery arranged through our Platform as an end-customer of a Merchant).
● Third-Party Providers – such as delivery couriers or other service providers who interface with our Platform.
By using the Platform, you acknowledge that you have read and understood this Privacy Policy. Our privacy practices comply with applicable laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) and global standards like the EU/UK General Data Protection Regulation (GDPR). We may provide additional privacy notices to explain special use cases – any such notice should be read together with this Policy. If you do not agree with this Policy, please discontinue use of our Services.
Note: If you are using SocialSchedules as an employee/worker or as a customer of one of our Business Customers, that Business Customer may separately act as a data controller of your information. We process such personal data on behalf of that business (as its “service provider” or “processor”) and rely on the business to have obtained any necessary permissions for us to process your information. In such cases, we handle your data in accordance with this Policy and any applicable data processing agreement with the business.
We collect personal information about you in a few ways: (1) information you or your organization provide to us; (2) information we automatically collect from your use of the Platform; and (3) information from third parties (such as service integrations). Below, we describe the categories of personal information we collect and process:
● Identifiers and Contact Information: This includes basic details like your name, email address, telephone number, postal address, username, and account login credentials. For example, when a company creates an account or a manager adds an employee to the Platform, we collect names and contact details. We may also collect business contact information (e.g., company name, job title, workplace location) for users in a business context.
● Profile and Account Details: Information associated with your user profile or account, such as your role or permission level on the Platform, preferences, and any profile photo or avatar you choose to upload. If you are an employee/worker user, this may include an internal employee ID or team association.
● Employment and Work Information: For Workers using the Platform, we collect information related to your job or work shifts. This can include your work schedule, time clock entries (clock-in/clock-out times), hours worked, hourly rates, breaks, time-off requests, approvals, shift notes, and related employment details input into the Platform. We also handle communications through the Platform, such as messages or shift swap requests between employees and managers. If your employer uses our compliance features, we may process information about your work eligibility or certifications (as provided by your employer).
● Payroll and Compensation Information: If a Business Customer uses our Payroll add-on service, we will collect and process the information necessary to run payroll and pay employees/contractors. This may include but is not limited to the government or tax identifiers (wage and salary information, hours and overtime data, and any other data required for calculating pay and taxes. This data is generally provided by the employer or the worker and is used to facilitate payroll processing (in partnership with our payroll provider, as described below).
● Merchant Transaction & Delivery Information: If you are a Merchant using our Platform for orders or deliveries (e.g. via InhouseDelivery), we collect information about the orders and deliveries. This includes details you input about your end-customers (such as the customer’s name, phone number, delivery address, and order details) in order to facilitate the delivery service. If you are an end-customer receiving a delivery, we handle your contact information and order details on behalf of the Merchant to fulfill the delivery request. We consider this information to be the Merchant’s data (we process it according to this Policy and our agreements with the Merchant). We do not collect direct payment card information from end-customers through our delivery Platform (payments for orders would be handled by the Merchant or its payment processor).
● Payment and Billing Information: For our Business Customers, if you make purchases or subscribe to paid Services, we (or our payment processors) collect billing details such as your business address and payment method information. Payment card numbers or bank account details used for subscriptions or service fees are typically processed directly by our third-party payment processors – we generally receive limited information like the card’s last four digits or payment confirmation. Payment transactions are secured and processed in accordance with industry standards.
● Device and Usage Information: When you use our Platform (whether on our website or mobile app), we automatically collect technical information about your device and how you interact with our Services. This includes:
○ Device identifiers and attributes: e.g. your device type, operating system version, unique device ID, browser type, and app version.
○ Network and log information: e.g. IP address, MAC address, mobile network, and timestamps and logs of your interactions (such as when you log in, view a page, or perform an action in the app).
○ Usage data: e.g. click-stream data, feature usage patterns, pages or screens viewed, links clicked, and crash reports. This information helps us operate and secure the Platform, and understand usage to improve our Services.
● Geolocation Data: In certain cases, we may collect geolocation information. For example, if a Worker uses our mobile app to clock in/out, the app may capture the approximate location of the clock-in (with the user’s permission) to verify attendance or compliance with geofencing rules. Similarly, for InhouseDelivery, our system processes addresses and may display courier or delivery tracking locations in real time for the end-customer. We do not continuously track users’ precise GPS location in the background for any other purposes, but we do process location data as needed for providing specific features (such as showing a delivery tracking map or confirming that a mobile user is at the designated job site).
● Cookies and Online Tracking Data: When you visit our websites or certain web pages delivered through our Platform, we (and authorized third parties) use cookies and similar tracking technologies. These may collect data about your online activities over time and across different sites or services. For instance, on a delivery tracking webpage we send to end-customers, we may use cookies or pixel tags to collect analytics on page views and interactions. For more details on cookies, see Section 6 below.
● Communications and Support: If you contact us for support or communicate with us (by email, phone, chat, or via social media), we will collect the information you provide in those interactions. This may include your contact details, the content of your communications, and any attachments or screenshots you send. We use this information to respond to you and improve our Services (e.g. fixing bugs or enhancing features based on feedback). We also maintain records of your communications with us for training and quality assurance.
● Other Information You Choose to Provide: You might provide information in other contexts – for example, filling out a form on our site, participating in a survey or beta program, or submitting feedback. We will collect whatever information you choose to provide and use it for the purposes for which you submitted it.
We do not seek to collect any sensitive personal information unless necessary for the functioning of our Services. We do not knowingly collect data revealing racial or ethnic origin, religious or philosophical beliefs, or genetic/biometric data from users, except if an employer or user voluntarily enters such information into the Platform (which is uncommon and against our guidelines). We do not allow use of our Platform by children under 13, and our Services are not directed to minors. If you are under 13, you may not create an account or use our Services. We may collect limited information about minors in the context of employment (e.g. if a business uses our platform to schedule a 16-year-old employee, basic personal and work info about that minor will be processed), but our Platform is intended for business use and not for children’s use as consumers. If we learn that we have inadvertently collected personal information from a child under 13 (or under 16 in California without the necessary consent), we will delete that information.
We use the personal information we collect for the following business and commercial purposes:
● Providing and Improving the Service: We primarily use your information to operate the SocialSchedules Platform and deliver the features and services you expect. This includes creating and managing user accounts, authenticating users at login, facilitating schedule management and communication between companies and workers, processing orders and deliveries, and running payroll services for those who opt in. We also use data to debug, troubleshoot, and improve platform performance and functionality over time (for example, analyzing usage trends to optimize the user experience or deploying automated systems to improve scheduling algorithms and compliance tools).
● Communicating with You: We use contact information (like email and phone number) to send you service-related communications. These include confirmations, reminders, and notifications (for example, notifying an employee of a new published schedule or an upcoming shift, sending an end-customer updates about their delivery, or alerting an admin about account usage). We may also send administrative messages such as changes to our terms or this policy, security or fraud alerts, and support communications in response to your inquiries. If you subscribe to any marketing communications, we may use your contact details to send you newsletters, offers, or product updates, but you can opt out of marketing at any time as described below. We do not send marketing messages to end-customers of our Merchants, aside from any communications a Merchant asks us to send on their behalf (like a promotion included on a delivery tracking page).
● Facilitating Transactions: We use relevant information to facilitate any transactions you request. For example, if you are a Merchant using InhouseDelivery, we use the provided customer and order details to arrange the delivery and share necessary information with the courier (such as the delivery address and contact info). If you utilize our payroll services, we use the employment and pay information to calculate wages, withhold taxes, and process direct deposits to employees’ bank accounts. For subscription customers, we use billing information to charge fees and process payments (through our payment processors).
● Analytics and Product Development: We and our analytics providers analyze how users interact with our Platform to understand what is working and what could be improved. This data helps us develop new features, test and enhance user interfaces, and make informed business decisions. Where possible, we use aggregated or de-identified data for analytics to avoid using personal data when it is not necessary. For instance, we might generate anonymized usage statistics or performance metrics to improve service reliability or to create industry benchmarks.
● Personalization and User Experience: We may use certain data to personalize your experience on the Platform. For example, remembering your preferences (such as language or notification settings), or suggesting features that are relevant to your role (e.g. an employee seeing their upcoming shifts prominently, or a manager seeing alerts about shift coverage). In some cases, we might also tailor content – for example, showing a Merchant user tips or guides related to features they haven’t tried.
● Advertising and Marketing Purposes: SocialSchedules itself engages in limited direct advertising, but we may use data for contextual marketing related to our Services. For example, we might use your email to send you information about new features or promotions if you are a registered Business Customer or have subscribed to such updates. We do not sell your personal information to third-party advertisers for their independent marketing. However, we may use third-party advertising networks or social media platforms to show ads for SocialSchedules to potential new customers. In doing so, we might use cookies or tracking technologies to measure ad performance or reach users with relevant ads (see Section 6 on Cookies). Additionally, as part of certain services to our business clients, we might assist with marketing to their end-customers – for instance, as noted, on a delivery tracking page we might display an advertisement or special offer on behalf of the Merchant for the end-customer’s benefit. Any such uses will be done in compliance with this Policy and applicable law (for example, we require Merchants to obtain any necessary consent to send their customers marketing content via our Platform).
● Security and Fraud Prevention: We are dedicated to keeping our Platform secure. We use personal information as needed to detect, investigate, and prevent fraud or misuse of our Services. For example, we may monitor account credentials and login activity to identify suspicious behavior, or use cookies and device information to distinguish legitimate users from bots or malicious actors. We may also use and share information as needed to enforce our Terms of Service and other usage policies, to protect the rights and safety of our users, SocialSchedules, and the public. This can include investigating violations, banning abusive users, and assisting law enforcement as legally required.
● Legal Compliance: Finally, we use personal information to comply with our legal and regulatory obligations. This includes maintaining records as required for finance and tax regulations, honoring privacy rights requests, and fulfilling obligations under employment, consumer protection, or privacy laws. For instance, in the payroll context we use data to file tax forms or remittances as required by law. If we are subject to a legal demand (such as a subpoena or court order), we may process and disclose personal information as necessary to respond, after taking appropriate steps to ensure any such disclosure is lawful.
We will not use personal information for purposes that are incompatible with the above, unless we obtain your consent or are required/permitted by law. If we plan to use your data for a new purpose not described here, we will update this Privacy Policy and notify you when required.
We understand the importance of your personal information and share it only as needed with trusted parties, as described below. SocialSchedules does not sell your personal data for monetary compensation to third parties. However, some of our data sharing practices (for example, with advertising or analytics partners) may be considered a “sale” or “sharing” of personal information under certain privacy laws like the CCPA – please see Section 9 for details on your opt-out rights. We disclose personal information to the following categories of recipients for business or authorized purposes:
● Service Providers (Processors): We share personal information with third-party companies that provide services to us, to facilitate or support the functions of our Platform. These providers act on our behalf and are contractually bound to protect your information and use it only for the purposes we specify. Examples of such service providers include:
○ Cloud Hosting and Storage: Providers that securely host our application and data (for instance, cloud infrastructure services) – they store information such as databases of user accounts, schedules, and messages.
○ Email, Text, and Push Notification and In-app Messaging Providers: Services that help us send communications (e.g. sending out email alerts or SMS messages to users or end-customers on our behalf). These communications may include shift reminders, delivery notifications, verification codes, etc.
○ Payment Processors: If you make payments to SocialSchedules (for subscription fees or payroll related charges), your payment-related information will be shared with and retained by our payment processing partners (e.g. credit card processors or banking partners) to complete the transaction. Similarly, for payroll, wage payments to employees are facilitated via our third-party service provider Check HQ through integrated payment services. We do not retain any payment -related information, but we ensure that these partners utilize industry best practices in managing financial data securely.
○ Analytics and Performance Tools: We use analytics services (such as web or mobile app analytics providers) that receive device and usage information in order to help us understand usage patterns and improve the Platform. These providers may set their own tracking technologies (cookies or SDKs) on our Services to collect usage data (see Section 6 on Cookies), but they are restricted from using your data for purposes outside our instructions.
○ Customer Support Tools: We may use third-party platforms to manage support tickets, chat communications, or user surveys. If you engage with us via those channels, the information might pass through such platforms.
● Integration Partners and Third-Party Features: SocialSchedules integrates with certain third-party services to provide specialized functionality. If you choose to utilize these features, we will share data with the relevant third parties as needed for operation:
○ Payroll Processing (CheckHQ): If you enable the SocialSchedules Payroll add-on, we will transmit required personal data to our payroll partner, Check Technologies, Inc. (“CheckHQ”), to process payroll and related tax filings. This includes company information, employee details, hours worked, wage rates, tax withholdings, bank account information for direct deposit, and other payroll-related data. CheckHQ will process this information to calculate pay and taxes, deposit funds, and file any required forms. CheckHQ is authorized to use this data only for providing payroll services, in compliance with our contract and privacy laws. (Your and your employer’s acceptance of the Payroll service includes agreeing to CheckHQ’s terms and privacy policy.)
○ Delivery Services (InhouseDelivery Partners): If you use our InhouseDelivery feature to request deliveries through third-party courier networks (e.g. DoorDash, Uber, Routemasters, or others), we share necessary information with the selected courier partner to fulfill the delivery. This typically includes the order details, pickup and delivery addresses, and recipient contact info so that the courier can complete the delivery. The courier (and the delivery network) will use that information only for executing the delivery and will handle it according to their own terms and privacy policy. We also may share confirmation and status updates back and forth (e.g. to update the tracking page and to inform the merchant of delivery completion). If a Merchant uses their own drivers (self-delivery), information is not shared with third-party couriers, though the Platform will still process the data to facilitate internal dispatching.
○ Third-Party Integrations and White-Label Partners: If you access SocialSchedules through a white-labeled version embedded in a third party’s system (for example, through a Point-of-Sale vendor’s platform), or if you connect SocialSchedules with another business system via our API/integration, the relevant information will be shared between us and the third party to enable the integration. For instance, if a POS integration is enabled, schedule or employee information might flow between SocialSchedules and the POS system. Such data sharing will be pursuant to the integration’s purpose and any agreements in place. We encourage you to review the third party’s privacy policy as well, since once data is in their system, their practices apply.
● Within a Business (Organization Accounts): If your access to the Platform is tied to an organization (such as your employer or a client company), certain data will be visible or shared within that context. For example, if you are an Employee/Worker, information like your name, contact details, schedule, hours worked, and in-platform activities are visible to the administrators and managers of your company’s SocialSchedules account. Your co-workers may see some of your information as needed for collaboration (e.g. coworkers see each other’s names and maybe profiles in a team schedule, or an available shift might show the employee who released it). Likewise, if you are an end-customer of a Merchant (receiving a delivery), the Merchant will have access to your order and contact details (since you provided them to the Merchant), and any delivery updates (including confirmation of delivery) will be shared with the Merchant. We facilitate these intra-organization or intra-transaction disclosures as part of providing our Services. Note: Your organization’s administrators can typically generate reports or export data related to your use of the Platform (for example, an employer can export timesheet data for their employees). SocialSchedules is not responsible for how an organization uses data that they obtained via our Platform when it’s in their possession, so any concerns about internal data practices may be addressed to them as well.
● Advertising and Analytics Partners: We may allow certain third-party advertising, marketing, or analytics companies to collect information about users through our Platform via cookies or similar technologies (see Section 6: Cookies). These partners might receive identifiers, device information, and browsing/activity data so that we can measure usage and provide relevant promotions. For example, we might use Google Analytics to understand site traffic, or allow an advertising network to recognize a cookie on your browser so it can show you an ad for SocialSchedules on another site. Any “sharing” of data with third-party advertising networks for cross-context behavioral advertising is done to promote our Services or our clients’ offerings, and we do not exchange your data for money. Under California law, some of this data sharing may be considered a “sale” or “share” of personal information (even if no money is exchanged) – California residents have the right to opt out, as explained in Section 9. These third-party partners are responsible for their own privacy practices. However, we contractually prohibit our service providers from using personal data we share with them for their own unrelated purposes, and where feasible we utilize tools that offer privacy controls (for instance, we honor the Global Privacy Control signal as an opt-out of sale/sharing – see Section 6 and Section 9).
● Legal and Compliance Disclosures: We may disclose personal information to third parties when we reasonably believe such disclosure is required by law or legal process, or where necessary to exercise, establish, or defend our legal rights. This includes:
○ Compliance with Laws: Responding to lawful requests by public authorities (such as subpoenas, court orders, or government requests) for purposes of law enforcement or regulatory requirements. If, for example, a government agency or regulatory body demands records related to wage/hour compliance or delivery logs, we may be obligated to provide relevant data.
○ Protection of Rights and Safety: Disclosing information if we believe it’s necessary to prevent physical harm or financial loss, or in connection with investigating suspected illegal activity, fraud, or a security vulnerability. For instance, if we detect fraudulent or malicious activity affecting user accounts, we might share data with law enforcement or specialist consultants to address the threat.
○ Enforcing Our Agreements: Using or disclosing data as needed to enforce our Terms of Service, this Privacy Policy, or other contracts – such as to investigate potential violations, or to collect debts owed, or to resolve disputes.
● Business Transfers: In the event SocialSchedules engages in a business transaction such as a merger, acquisition, reorganization, or sale of some or all of our assets, personal information may be transferred as part of that deal. For example, if another company acquires SocialSchedules or its business unit, your information would likely be among the assets transferred to that company so that the service can continue to be provided to you. In such cases, we will ensure the successor entity is bound to protect personal data in line with this Policy (we will also provide notice, and any choices you have, as required by law). Similarly, if we go through bankruptcy or restructuring, information could be considered an asset and sold or transferred to third parties, subject to applicable legal restrictions.
● With Your Consent or At Your Direction: Apart from the scenarios above, we will share your personal information with third parties if and when you explicitly consent or direct us to do so. For instance, if you request that we share your feedback testimonial on our public website, or you opt in to a feature that involves sending your data to a new third-party service, we will do so with your permission. You have the right to revoke such consent at any time (e.g., asking us to remove a public testimonial featuring your name).
No Unauthorized Sale of Personal Data: As stated, we do not sell your personal information for monetary consideration to data brokers or third parties. We may share data with service providers and partners as outlined above, but always for the purposes of operating our Platform or as otherwise described in this Policy. If in the future we ever contemplated selling personal data, we would update this Policy and provide any required notices and opt-in/opt-out choices.
Cookies are small text files placed on your device that enable various features and data collection on websites. Similar technologies include web beacons (pixel tags), local storage, SDKs in apps, or device identifiers. We use these technologies on our Platform to ensure it functions correctly, to help improve your user experience, and to support our analytics and advertising efforts as described:
● Essential Cookies: These are necessary for our website and app to operate. For example, we use session cookies to keep you logged in as you navigate between pages, so you don’t have to re-login repeatedly. They also help with security (e.g., to prevent cross-site request forgery or remember your authentication token). You cannot opt out of essential cookies, as the service will not work properly without them.
● Preference Cookies: We may use cookies to remember your preferences and settings, such as your language selection or other customizations, so that you have a tailored experience.
● Analytics Cookies: These cookies (including from third-party providers) collect information about how users interact with our Platform. For instance, we use these to learn which pages are most frequently visited, how long users spend on certain features, and which pathways through our app are common. This information helps us improve site/app performance and design. The data collected is typically aggregated and not intended to identify you personally. We use tools like Google Analytics (which may set its own cookies) to assist with this. Google Analytics may collect information such as your IP address, device info, and usage data; though IP anonymization is enabled where applicable. You can opt out of Google Analytics by using a browser plugin or via our cookie consent options.
● Advertising and Marketing Cookies: SocialSchedules itself has limited advertising on our own site, but we do allow certain third parties to set cookies for marketing purposes. For example, if we run an ad campaign, we might use a cookie to measure how many users who clicked an ad later signed up for our service. Additionally, on delivery tracking pages that we provide to Merchants’ customers, we may use cookies or similar tracking to collect data on the customer’s interaction (e.g. whether they viewed a promotional banner or clicked a link). This data can be used to retarget those customers with advertisements for the Merchant’s business or related services, or to identify future marketing opportunities, in accordance with this Policy. We require our business clients to obtain any necessary consent from their customers for such advertising uses. If a customer opts out or the merchant instructs us not to use promotional tracking, we will disable such marketing cookies for those deliveries as required by law. Separately, on our main website, we might use advertising cookies from networks like Google Ads or Facebook to show ads about SocialSchedules on other sites you visit. These cookies remember that you visited our site or performed a certain action and enable the ad network to serve you related ads.
● Third-Party and Social Media Plugins: The Platform might integrate third-party features that involve code from other companies (e.g. a “Live Chat” support widget, or social media share buttons). These third parties may set cookies or use similar tracking to function. For example, if we have a Facebook “Like” button on our blog, Facebook may drop a cookie to recognize you. Such third-party cookies are governed by the third party’s own privacy policy. We do not control these cookies, but you can often block them in your browser settings.
Your Choices for Cookies: When you first visit our site, you may be presented with a cookie notice or preferences tool that allows you to accept or reject certain categories of cookies (except strictly necessary ones). You can adjust your preferences at any time via that tool (if available) or by modifying your browser settings. Most web browsers allow you to refuse new cookies, delete existing cookies, or be notified before accepting cookies. Please note that if you disable or delete certain cookies, some features of our Services might not function properly (for example, you might not be able to log in or use some interactive features). For our mobile app, your device’s operating system may offer options to opt out of certain device identifiers or reset them.
Do Not Track & Global Privacy Control: “Do Not Track” (DNT) is a browser setting that signals to websites that you do not want to be tracked. Currently, our Platform does not respond to the older DNT signals in a standardized way, in part because there is not yet a consensus on how to interpret them. However, California law requires recognition of certain global opt-out signals for sale/sharing of data. We therefore honor the Global Privacy Control (GPC) signal, which is a browser or extension setting that notifies websites of a consumer’s privacy preferences. If our sites detect a GPC signal from your browser, we will treat it as a valid request to opt out of the sale/sharing of your personal information under the CCPA/CPRA. This means we will disable third-party advertising/tracking cookies on our site for that browser and not share your data for cross-context ads. Keep in mind, GPC signals are browser-specific, so you should enable it on all browsers/devices where you want it honored.
For more information about cookies and how to manage them, you can visit sites like AllAboutCookies.org. For choices regarding targeted online advertising, you can also use industry opt-out pages such as the NAI or DAA opt-out websites (these allow you to opt out of many participating ad networks’ cookies). Note that opting out through those mechanisms uses cookies too – so if you clear your cookies, you may need to opt out again.
We retain personal information for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. In general, SocialSchedules will retain your personal information for up to five (5) years following your last use of the Platform or Services. We determine “last use” as the last date you (or your employer/company) were active on the Platform. This retention policy applies broadly to all types of individuals whose data we have (including Business Customers, Workers, and end-customers of deliveries).
During this retention period, your data remains subject to the terms of this Privacy Policy. Importantly, you have the right to request deletion of your personal data at any time, and we will honor such requests as required by law (see Section 9 on Your Rights). For example, a verified deletion request from a California resident will be respected under the CCPA/CPRA, and likewise a data erasure request from an EU individual will be handled per GDPR. If we receive a valid deletion request or if the 5-year retention period has elapsed (whichever comes first), we will either delete your personal information or anonymize it so that it can no longer be associated with you.
There are some exceptions where we may keep information longer than the standard period:
● Legal Obligations and Disputes: We might need to retain certain records to comply with laws (e.g., tax, accounting, employment, or delivery-related laws). For instance, payroll records and payment transactions may need to be stored for statutory periods (often several years) under financial regulations. If we are handling a dispute or an investigation (for example, regarding an accident on a delivery or an employment claim), we will retain relevant information until it is resolved, even if that extends beyond the normal retention window.
● Backup and Archival Copies: It’s possible that residual copies of your personal data might persist in our backup systems for a short period after deletion, until those backups cycle out. We maintain backups for integrity and disaster recovery purposes, but we have processes to eventually purge or overwrite data in backups as well.
● Aggregated/Anonymized Data: We may also retain data that has been rendered permanently de-identified or aggregated (no longer personally identifiable) for research, statistical analysis, or business planning. For example, we might keep anonymized metrics on scheduling trends or delivery times. This is not considered personal information and may be kept indefinitely without further notice to you.
When we no longer have a legitimate need or legal obligation to retain your personal information, we will securely dispose of it. This may involve erasing electronic records or securely shredding and disposing of physical documents. We maintain data retention and deletion procedures designed to ensure we handle your information appropriately through its lifecycle. If you have specific questions about our data retention practices for different types of data, you can contact us (see Section 11).
SocialSchedules takes the security of your personal information very seriously. We implement a variety of technical and organizational security measures to help protect your data from unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to:
● Encryption: All sensitive data is protected using encryption both in transit and at rest. Sensitive data is transmitted over secure protocols. For example, our Platform is accessible only via HTTPS, which encrypts data in transit between your device and our servers. Certain sensitive fields (such as passwords, which are stored in hashed form) and any payment information we handle are encrypted at rest.
● Access Controls: We limit access to personal information to employees, contractors, and service providers who need that access to perform their job duties or services. All such personnel are subject to confidentiality obligations. We use role-based access controls in our systems to ensure, for instance, that a support agent can only access user data when necessary to assist with a request.
● Authentication and Account Security: User accounts are protected by passwords; we encourage users to choose strong passwords and keep them confidential. Where available, we support features like two-factor authentication (2FA) for added security. We also monitor for suspicious login attempts and may challenge or lock accounts if unauthorized access is suspected.
● Network and Application Security: Our infrastructure is secured behind firewalls and monitored for intrusions. We regularly update our software and systems to address security vulnerabilities. Security testing, such as penetration testing and code reviews, is conducted to bolster our application’s defenses. To protect against malicious activity, we monitor API traffic using web application firewalls (WAFs), which inspect, and filter requests based on security rules and threat intelligence. We also implement rate limiting on API endpoints to prevent excessive or abusive usage patterns, helping to mitigate the risk of denial-of-service (DoS) attacks, brute-force attempts, and other forms of automated exploitation.
● Employee Training: Our staff are trained on data security and privacy practices. We have internal policies in place to guide how employees must handle user data. Only authorized personnel are allowed to handle personal data, and any misuse is subject to disciplinary action.
Despite these precautions, it’s important to note that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. For example, email communications are not always encrypted end-to-end, so please refrain from sending sensitive information to us via unencrypted channels. You can help protect your information by using unique and strong passwords, safeguarding your account credentials, and logging out of the Platform when you’re finished, especially on shared devices.
In the event of a data breach that affects your personal information, we will notify you and/or the appropriate regulatory authorities as required by law. We have a breach response plan in place to investigate, mitigate, and remediate security incidents.
By using our Platform, you acknowledge that you understand these security measures and the residual risks. If you have reason to believe that your interaction with us is no longer secure (for example, if you suspect that your account has been compromised or you receive suspicious communications purporting to be from us), please contact us immediately so we can assist (see Section 11, “Contact Us”).
If you are a California resident, you have specific privacy rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These rights aim to give you more control over your personal information. In this section, we explain those rights and how you can exercise them, and we provide the disclosures required by California law. This section of the Policy applies solely to residents of California and is intended to comply with the CCPA/CPRA. If you are not a California resident, these rights may not apply to you (see Section 9 for other regions). However, we believe in transparency and many of these practices apply generally.
Categories of Personal Information Collected: In the past 12 months, we have collected the following categories of personal information about California consumers, as defined by the CCPA:
● Identifiers: e.g. real name, alias or username, postal address, email address, phone number, account login credentials, Internet Protocol (IP) address, and other similar identifiers.
● Personal Records Information: (Overlap with “Customer Records” category under Cal. Civ. Code §1798.80) – e.g. contact details, billing address, payment information (excluding credit card number which goes directly to payment processors), and demographic information you provide.
● Commercial Information: e.g. records of products or services purchased or considered, such as a business’s subscription to our service, and records of deliveries or transactions facilitated through our Platform.
● Professional or Employment-Related Information: e.g. job titles, employer (company) name, work location, and work schedules; for employees using the Platform, employment details like hours worked, pay rate, and related HR information; for job applicants (if any apply through our platform), resume/CV data.
● Internet or Other Electronic Network Activity Information: e.g. browsing or search history and usage data within our Platform, device and browser metadata, and interactions with our website, app, or advertisements (as captured via cookies and similar technologies). This includes logs of when users access the service and what actions they take.
● Geolocation Data: e.g. approximate geolocation derived from IP address, or more precise location if you enable location services for clock-ins or delivery tracking (which is tied to a device or delivery address, not continuous GPS tracking of individuals outside those uses).
● Sensory Information: We generally do not record audio, electronic, visual, thermal, or similar sensory information of consumers. We do not use video or voice recordings except if you participate in a recorded support call or voluntarily upload an image.
● Sensitive Personal Information: (as defined by CPRA) – We collect some data that falls under this category, including account login with password (credentials), and if you use Payroll: Social Security numbers or other government IDs, and financial account details (for direct deposit). We also might collect precise geolocation (within a radius of ~1,850 feet) during certain features (like clock-in), which is considered sensitive. We do not collect sensitive info like contents of mail or messages (aside from business communications on our Platform), genetic data, biometric identifiers, or information about race, ethnicity, religion, union membership, sexual orientation, etc. unless an employer or user has input such data into our system (which we do not require).
Categories of Sources: We collect personal information from the following sources: (1) directly from you (or your device) when you or your organization provide it – for example, through account registration, form submissions, or automatic collection via your interactions; (2) from our Business Customers (employers/merchants who input data about their employees or customers into the Platform); (3) from third-party partners – for example, if you integrate or link another service which sends us data, or if a third-party provides us verification or payment information; and (4) through cookies and tracking tools, as described in Section 6, which collect data from your browser or device.
Business or Commercial Purposes for Collection: We collect and use personal information for the business and commercial purposes described in Section 3 (How We Use Your Information). In summary, these purposes include providing and improving our Services (e.g., facilitating scheduling, deliveries, and payroll), communicating with users, processing transactions, personalizing content, ensuring security, and complying with legal obligations. We do not use personal information for purposes materially different from those disclosed. If we ever do, we will update you and obtain consent if required.
Categories of Third Parties Disclosed to: In the last 12 months, we have disclosed personal information to third parties in the categories described in Section 4 (How We Share Your Information). These include service providers (cloud hosting, payment processors, etc.), integration partners (like our payroll and delivery partners), business partners for analytics/advertising, your employers or relevant counter-parties in transactions, and others as required by law. We disclose various categories of data to these parties as needed (for example, identifiers and employment info to our payroll processor; order info and addresses to delivery couriers; online identifiers and usage data to analytics providers). All such disclosures are for business purposes – e.g., to help run our service, to complete transactions you’ve requested, or for compliance and protection. We do not disclose your personal info to unrelated third parties for their independent marketing purposes.
Sale/Sharing of Personal Information: SocialSchedules does not sell personal information for money, and we have not sold consumers’ personal information in the preceding 12 months. We also do not knowingly sell or share the personal information of consumers under 16 years of age without affirmative authorization. However, we want to be fully transparent under the CPRA’s broad definitions. We do engage in certain data sharing with third parties for analytics and advertising that may be deemed a “sale” or “sharing” of personal information under California law (even though we receive no monetary payment in return). Specifically, we may share identifiers and internet/activity information (such as cookie IDs, device identifiers, and browsing activity on our site) with third-party advertising networks or analytics providers that could use it to infer your preferences or show you targeted ads. For example, as described, we allow tracking on delivery pages to retarget customers with ads for the Merchant’s services. Under CPRA, this kind of cross-context behavioral advertising is considered “sharing” of personal info. The categories of personal info that have been shared in this manner in the last 12 months include: online identifiers (like cookie/device IDs) and internet/electronic activity (site usage data). We do not share sensitive personal information (such as SSN, bank details, etc.) for such purposes, nor do we sell any personal info in the traditional sense.
Your Rights Under CCPA/CPRA: As a California resident, you have the following rights regarding your personal information, subject to certain exceptions and limitations:
● Right to Know: You have the right to request that we disclose what personal information we have collected, used, and disclosed about you over the past 12 months. This includes the specific pieces of information we have about you, as well as additional details like the categories of personal info, categories of sources, purposes for collecting it, categories of third parties we shared it with, and the categories of information (if any) that we sold or shared for cross-context advertising. We provide much of this information in this Privacy Policy itself (see above), but you can also request a report of your personal data. Do note, we are only required to provide two such disclosure reports in a 12-month period per consumer.
● Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions. Once we receive and confirm a verifiable deletion request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. For example, we may retain information needed to complete a transaction you requested, to detect security incidents, to comply with a legal obligation, or other reasons permitted by law. In Section 6 (Data Retention) we noted that you can request deletion at any time and we will honor it as required.
● Right to Correct: Starting January 1, 2023, you have the right to request that we correct any inaccurate personal information we maintain about you. If you become aware that certain data in your account is incorrect, you can contact us with a correction request. After verifying your identity and validating the correction, we will correct our records as required. In many cases, you can also correct and update some of your own information directly by logging into your account settings (for instance, updating your contact information).
● Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale of your personal information, or the sharing of your personal information for cross-context behavioral advertising purposes. As explained, while we do not sell data for money, we do share some data with third parties that may be considered a “sale” / “share” under California law. You can direct us at any time to not sell or share your personal information. This is often referred to as the “Do Not Sell or Share My Personal Information” right. See the “Opt-Out Instructions” below on how to exercise this right (e.g., using the “Do Not Sell or Share” link or contacting us). Once we process your opt-out, we will cease selling/sharing your data. If you opt out via browser signal (GPC) or our link, it will be honored for that browser/device; you should opt out on each browser or device you use our Services on for full coverage. Note: If you are a Worker using our Platform as part of your employment, and the data in question is only being shared with our service providers (and not used for third-party marketing), that data may not fall under this opt-out since it’s not sold/shared beyond providing the services. Nonetheless, we will apply opt-outs broadly to any applicable data.
● Right to Limit Use of Sensitive Personal Information: You have the right to instruct us to limit the use and disclosure of sensitive personal information (SPI) to only what is necessary to perform the services or provide the goods (or other exempt purposes under CPRA). Under CPRA, SPI includes things like government IDs, account credentials, precise geolocation, etc. Our processors and engaged third-party service providers only uses sensitive info for essential purposes: for example, Check HQ may use SSNs and/or payment details (bank information) solely for payroll processing (as required to pay wages and comply with tax law), and we might use a precise location for a delivery or clock-in (again, as necessary for the service). We do not use or disclose sensitive data to infer characteristics about you or for non-essential secondary purposes. Therefore, our use of SPI is already limited to what is allowable – any use beyond that would only occur with your consent. If you still wish to formally exercise this right, you may contact us and we will further ensure any sensitive data is not used beyond the strictly necessary scope. For instance, if we were using precise location for anything other than providing the service, you could request us to stop; currently, we have no such secondary use.
● Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you our Services, charge you a different price, provide a different level of quality, or otherwise retaliate just because you exercised your privacy rights. For example, if you opt out of the sale/sharing of your data or request deletion of some information, we will not terminate your service or degrade your experience except as permitted by law. However, please note that if the exercise of your rights renders us unable to provide you certain features (e.g. if you ask us to delete all your data, we cannot continue to provide your account), we may inform you of that outcome. In some cases, providing a service may inherently require certain data – if you ask us to delete or stop using that data, we might not be able to continue providing that service (e.g. asking us to delete your account credentials will mean we cannot let you log in anymore). Rest assured, we will not impose penalties or unlawful financial incentives linked to your rights. If we ever offer any financial incentives (like discounts or rewards) in exchange for personal information, we will present those terms clearly and you can opt in or out of them.
How to Exercise Your California Rights: If you are a California resident and wish to exercise any of the rights described above, you may contact us or submit a request through the following methods:
● Do Not Sell or Share Request (Opt-Out): To opt out of the sale or sharing of your personal info, you can click the “Do Not Sell or Share My Personal Information” link on our website (typically found in the footer of our homepage). This will take you to an opt-out mechanism (such as a form or toggle) where you can record your preference. Alternatively, you may email us at privacy@socialschedules.com with the subject line “Do Not Sell or Share Request” or words to that effect. You can also utilize a Global Privacy Control signal as mentioned in Section 6 – we honor that as a valid opt-out for that browser. Once you opt out, we will stop any selling/sharing of your data. If you have multiple accounts or use multiple browsers, please submit separate requests as needed to ensure we cover all bases.
● Access / Data Portability Request: To request a copy of your personal data or the categories of info we have on you, please email privacy@socialschedules.com with the subject “CCPA Request to Know” or use any online form we provide for data requests. Specify whether you want the categories of info or the specific pieces (or both). We will provide the information in a readily usable format, which may be electronic. We may also provide it through a secure self-service portal if available.
● Deletion Request: To request deletion of your personal information, you can email privacy@socialschedules.com with the subject “CCPA Request to Delete” and provide sufficient information for us to locate your account or data (e.g., the email associated with your account, your name, etc.). You may also submit this request through our website’s privacy request form if one is available. Please note, we will delete what we can but will inform you of any specific legal reasons we might need to retain certain data (if applicable). For example, if you are an employee of a Business Customer, we might need to retain payroll records for legal compliance, but we can delete your account login and other non-essential data.
● Correction Request: To correct inaccurate personal information, please email privacy@socialschedules.com with the details of the correction needed (e.g., “My last name is misspelled, it should be ___” or “my address has changed to ___”). We may need to verify the accuracy of the new information you provide. Where possible, we will correct the information in our systems and confirm with you.
● Limit Use of Sensitive Info: If you wish to exercise the right to limit use of your sensitive personal info, you may email us at privacy@socialschedules.com stating that request. Since we only use sensitive info for necessary purposes, limiting use might simply mean we ensure we continue to restrict it to those purposes. If you have specific concerns (e.g., you don’t even want your precise location captured for clock-ins), you might achieve that by disabling location access on your device, but you can also discuss with us and your employer for alternatives.
Verification of Requests: For any request (know, delete, correct, etc.), the law requires us to verify your identity to protect your privacy – we need to make sure it’s really you (or your authorized agent) making the request. When you submit a request, be prepared to provide identifying information. If you have an account, we will generally verify by matching information you provide with information we have on file (for example, sending the reply to your registered email or asking you to confirm specific details). We may ask for two or three pieces of personal information to verify you (which could include your name, email, last transaction, or other details we have). For sensitive requests (like accessing specific pieces of data), we may employ a higher standard of verification (such as a signed declaration under penalty of perjury that you are the consumer whose data is being requested).
If we cannot verify your identity from the information provided, we may ask for additional information. We will only use such additional information for verification purposes.
Authorized Agents: You may designate an authorized agent to make requests on your behalf. If you do so, we will require the agent to provide proof that you gave them signed permission to submit the request. We may also require you to verify your own identity directly with us or confirm that you provided the agent permission. These measures are to prevent fraud. If you are an authorized agent submitting a request, please explicitly state this in your communication and be prepared to provide documentation (such as a power of attorney or a letter of authorization plus your own ID).
Response Timing: We aim to respond to verifiable consumer requests within 45 days of receipt. If we need more time (up to an additional 45 days, for a total of 90 days), we will inform you of the reason and extension in writing. If you have an account with us, we will deliver our written response to that account (e.g., via secure message or email on file). If you do not have an account, we will deliver our response via email or postal mail, depending on what contact info you provided. Any disclosures we provide will cover the 12-month period preceding the request, or further back if you request and if required by law (CPRA allows going beyond 12 months in some cases). For data access requests, we will either provide the information or explain if we cannot (due to an exemption). For deletion requests, we will confirm once we have deleted the requested info (and let you know if anything was retained due to an exemption). For opt-outs, we will comply and ensure no data is sold/shared going forward (and we will notify any third parties as required to also cease).
We do not charge a fee to process or respond to your CCPA request unless it is excessive, repetitive, or manifestly unfounded. If we determine a fee is warranted, we will explain why and provide a cost estimate before proceeding.
For more information about your rights under California law, you can also visit the California Attorney General’s CCPA site or refer to Section 1798.100 et seq. of the California Civil Code. We have tried to cover all required disclosures here, but we’re happy to answer any additional questions you have about how we handle personal data.
If you are located in the European Economic Area (EEA), the United Kingdom, Switzerland, or other regions with data protection laws (collectively, “European” countries for this section), you are entitled to additional rights and information under the General Data Protection Regulation (GDPR) or equivalent laws. We also extend similar considerations to users in other jurisdictions where applicable. This section outlines key information for international users, including our legal bases for processing and your data subject rights.
Legal Basis for Processing: The GDPR requires us to inform you of the lawful bases on which we process your personal data. We process personal data only when we have a valid legal basis, which may include:
● Contractual Necessity: We process data to provide our Services in accordance with our contract (Terms of Service) with you or your organization. For example, when you create an account or your employer uses our Platform, we process your login information, schedule data, etc. as needed to perform our contractual obligations. If you are a delivery recipient, we process your address to fulfill the delivery contract. Not providing this information may mean we cannot provide the requested service.
● Legitimate Interests: We process data as needed for our legitimate business interests, provided those are not overridden by your data-protection rights. Our legitimate interests include: securing and improving our Platform, understanding how the Services are used, marketing our services to business customers, preventing fraud, and conducting business analytics. We carefully consider any impact on you and your rights before relying on legitimate interests. For instance, we have a legitimate interest in using cookies for analytics to improve our product, but we balance this by offering opt-outs for marketing cookies.
● Legal Obligation: In some cases, we must process data to comply with a legal obligation. For example, retaining employment and payroll records to satisfy labor laws, responding to lawful requests from authorities, or maintaining transaction records for financial regulations. If the law requires it, this forms our basis for that processing.
● Consent: Where we ask for and obtain your consent, we will process data based on that consent. For example, if we ever seek your consent to send you promotional communications (separate from necessary service emails), or to collect precise location for optional features, we will rely on consent. You have the right to withdraw your consent at any time (for example, you can unsubscribe from marketing emails via the provided link or adjust app permissions to withdraw location access). Note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
● Public Interest or Vital Interests: These bases are rarely applicable to our typical activities. We do not generally process personal data in the exercise of official public tasks. In an unlikely scenario where vital interests are at stake (e.g., an immediate risk to someone’s life), we might process data to protect those interests.
If you have questions about the specific legal basis for a particular processing activity, feel free to contact us (see Section 11). Usually, multiple bases might apply – for instance, we might process an employee’s data both under contract (to provide the service to the employer) and under legitimate interest (to improve and secure our network). We will identify and document our bases internally as needed.
Your Rights under GDPR: As an individual in the EEA/UK (or similarly protected jurisdiction), you have the following data subject rights regarding your personal data:
● Right to Be Informed: You have the right to be given clear information about our data processing activities, which is the purpose of this Privacy Policy (and any other notices we provide). We aim to be transparent about what data we collect and how we use it.
● Right of Access: You have the right to request a copy of the personal data we hold about you, and to obtain information about how we process it. This is similar to the “Right to Know” described for California, but under GDPR it can include receiving a copy of all data we have on you. Upon request, we will provide you with a summary of your personal data in our systems, typically within one month (or as required by law).
● Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to ask us to correct it. We encourage you to keep your profile information up-to-date. If you cannot change it yourself via the Platform, please contact us and we will rectify any inaccuracies.
● Right to Erasure (Right to be Forgotten): You have the right to request that we delete your personal data under certain conditions. For example, if the data is no longer necessary for the purpose it was collected, or if you withdraw consent and no other legal basis applies. We will honor valid erasure requests and remove your data, provided we don’t have a compelling reason to retain it (e.g., a legal obligation). Note that in many cases, if you request deletion of your data, it will likely mean closing your account and ceasing services, which we will confirm with you. Our process aligns with what’s described in Section 8 for California deletion requests, though GDPR does not have the same exemptions as CCPA (but has its own, like needing to keep data for legal claims, etc.).
● Right to Restrict Processing: You have the right to request the restriction of processing of your personal data in certain scenarios. For instance, if you contest the accuracy of your data, you can ask us to pause processing (aside from storage) until it’s verified. Or if you object to processing (see below) and we’re considering that objection. When processing is restricted, we will mark the data as such and only process it with your consent or for specific important reasons (e.g. legal claims, protecting others’ rights, etc.).
● Right to Data Portability: You have the right to obtain your personal data in a structured, commonly used, and machine-readable format, and to have that data transmitted to another controller where technically feasible. This typically applies to data you provided to us, and that we process by automated means based on contract or consent. For example, you could ask for an export of your profile and schedule data to transfer to another service. We will provide it in a CSV or similar format upon request. If you want it transferred directly to another service, we will do so if possible (or provide you the file to hand to them).
● Right to Object: You have the right to object to our processing of your personal data where the basis is our legitimate interests (or those of a third party), or where we are performing a task in the public interest. If you object, we must stop that processing unless we have compelling legitimate grounds that override your rights, or the processing is for legal claims. You also have an absolute right to object to your data being used for direct marketing at any time. In practice: if we send you marketing emails, you can object (unsubscribe) and we’ll stop. If we rely on legitimate interest for any analysis or personalization, you can object and we will evaluate your request. For example, you can object to certain analytics tracking – while we consider our need to improve services, we would likely honor an objection by disabling that tracking for your account if feasible, or by suggesting you opt out via existing tools. If you object to processing that is integral to the service (like objecting to any processing of your work data by the platform), we’ll discuss options with you – it might require account deletion if we cannot otherwise accommodate, since the service by nature requires some processing.
● Right Not to be Subject to Automated Decision-Making: You have rights related to automated decision-making, including profiling, which produces legal or similarly significant effects on you. SocialSchedules does not make any solely automated decisions that have legal or significant effects on individuals without human involvement. For instance, we don’t do automated hiring decisions or credit decisions. Some features (like scheduling suggestions or timesheet flagging) may use algorithms, but final decisions (like approving a timesheet or scheduling a shift) involve human managers. If we ever implement automated decision-making that significantly impacts you, we will ensure it complies with GDPR and that you have the right to request human review.
To exercise any of these GDPR rights, please reach out to us using the contact details in Section 11. We may need to verify your identity similar to the verification process described for California (the standards under GDPR are generally identity and entitlement checks). We will respond to your request within one month, or inform you of an extension if needed (GDPR allows an additional two months for complex requests). There is no fee for exercising your rights, except if requests are manifestly unfounded or excessive (in which case we may charge a reasonable fee or refuse, as permitted by law). We will explain our decision in such cases.
International Data Transfers: SocialSchedules is headquartered in the United States, and the personal information we collect is primarily processed in the U.S. If you are using our Services from outside the U.S., be aware that your personal data will likely be transferred to and stored on servers in the United States (and possibly other countries where we or our service providers maintain facilities). These countries may not have the same level of data protection laws as your home jurisdiction. However, we take steps to ensure that appropriate safeguards are in place to protect your information in line with this Policy and applicable law.
For transfers from the EEA/UK/Switzerland to the U.S. (or other non-EEA jurisdictions), we rely on legal transfer mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs), which are contractual commitments between companies transferring personal data that bind them to protect the data per EU standards. We have SCCs in place where required (for example, between us and our service providers, or between our European affiliates and U.S. operations). In some cases, we may rely on the derogations under Article 49 GDPR, such as transfers that are necessary to perform a contract with you (e.g., if you are an EU user using our U.S.-based service, the transfer is necessary for the service) or your explicit consent (though we generally avoid needing consent for routine transfers). We continually monitor developments around international data transfers. If new compliance frameworks become available (for example, the EU-U.S. Data Privacy Framework if/when fully adopted), we will consider participating or using those as appropriate.
You can request more information about our transfer safeguards (or copies of the SCCs) by contacting us. We will gladly provide an overview, keeping any sensitive contractual terms confidential as needed.
Data Protection Officer & EU Representative: We have appointed a data privacy team to oversee compliance with this Policy. While we may not be legally required to have a formal Data Protection Officer under GDPR (depending on scale and nature of processing), we treat privacy governance seriously. If we are required to appoint an EU or UK representative, we will update this Policy or our website to provide their contact details. For now, EU/UK users may contact us directly with any questions or concerns (see Section 11).
Right to Lodge a Complaint: If you are in the EEA, UK, or Switzerland and believe we have infringed your data protection rights, you have the right to lodge a complaint with your local supervisory authority (data protection regulator). For example, in the UK this would be the Information Commissioner’s Office (ICO), and in Ireland it’s the Data Protection Commission (DPC). We encourage you to contact us first, so we have the opportunity to address your concerns directly, but you are not obliged to do so.
We are committed to resolving any privacy issues in a fair and transparent manner. International data privacy is a dynamic area, and we strive to stay up-to-date with evolving regulations (such as new laws in other countries and U.S. states). Rest assured, no matter where you are located, SocialSchedules will handle your information with care and respect, consistent with the principles laid out in this document.
We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated Policy on our website and update the “Last Updated” date at the top. Any changes will become effective on the date indicated in the posted Policy, unless stated otherwise.
If we make material changes – for example, if we start collecting additional categories of personal data or using data for new purposes not previously disclosed – we will take additional steps to inform you. This might include, for instance, posting a prominent notice on our website or within the app, or notifying users via email or in-app notification. We may also seek your consent to certain changes if required by applicable law.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. It’s your responsibility to be aware of any changes by checking the Policy. However, we will not treat your personal information in a manner materially inconsistent with the promises made at the time of collection without your consent. If you continue to use the Platform after an updated Privacy Policy becomes effective, it signifies your acceptance of the updated terms (to the extent permitted by law). For significant changes, we will give advance notice if required.
If you have any questions about the changes or would like a previous version of this Policy, you can contact us using the information below. We maintain archives of past privacy policies and can provide those as needed to regulators or users for transparency.
Thank you for reading our Privacy Policy. If you have any questions, concerns, or requests regarding this Policy or our data practices, please do not hesitate to contact us:
● Email: For privacy-related inquiries or to exercise any of your privacy rights, you can email us at privacy@socialschedules.com. This is the dedicated channel for all data protection matters. We will respond as promptly as possible. If you prefer, you may also reach our legal team at legal@socialschedules.com for privacy or contract-related issues.
●
Postal Mail: You can
send written correspondence to our mailing address:
SocialSchedules Inc.
6965 El Camino Real, Suite 105-550
Carlsbad, CA 92009, USA
Please Address it to “Attn: Privacy Team” or “Legal Department – Privacy”
to ensure it is routed correctly. If you are submitting a formal legal notice,
please additionally direct it to “Attn: Legal Department” as per any
requirements.
● Website Contact: For general inquiries, you may also reach out through our website’s contact form or live chat (if available). If your inquiry is privacy-specific, please mention that so it can be forwarded to the privacy team. Our website is socialschedules.com, where further contact information and support resources may be found.
● Within the App: If our mobile or web app offers in-app support or help chat, you can use that to contact us for assistance. We may direct you to the privacy team if needed for complex questions.
We will do our best to respond to your questions or requests in a timely and helpful manner. If you are contacting us to exercise a specific privacy right (such as those described in Sections 8 or 9), please make sure to state clearly what you are requesting, and provide sufficient information for us to verify your identity (as described above). Security of your data is important in this process – if we have doubts about a request, we may follow up for verification.
Your trust is important to us. We hope this Privacy Policy provides you with a clear understanding of how SocialSchedules handles personal information and upholds privacy. We are committed to safeguarding your data and being transparent about our practices. If anything remains unclear, we welcome your feedback so we can improve our communications. Thank you for using SocialSchedules and for placing your confidence in us to manage your information responsibly.