GDPR Compliance | ShiftNest

Our Commitment to GDPR

ShiftNest is committed to protecting your personal data and ensuring compliance with the General Data Protection Regulation (GDPR). We process personal data in accordance with applicable data protection laws.

What is GDPR?

The GDPR is a comprehensive data protection law that gives individuals greater control over their personal data and imposes strict obligations on organizations that process personal data.

Your Rights Under GDPR

• Right of Access: You can request a copy of your personal data
• Right of Rectification: You can request correction of inaccurate data
• Right of Erasure: You can request deletion of your personal data
• Right to Restrict Processing: You can limit how we use your data
• Right to Data Portability: You can receive your data in a portable format
• Right to Object: You can object to certain types of processing
• Rights in Relation to Automated Decision Making: You have rights regarding automated decisions

Legal Basis for Processing

We process personal data based on legitimate interests, contractual necessity, consent, and legal obligations. We will always inform you of the legal basis for processing your data.

Types of Personal Data We Process

• Contact information (name, email, phone number)
• Account and profile information
• Usage data and analytics
• Communication preferences
• Payment and billing information

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. We ensure appropriate safeguards are in place for such transfers.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection practices. You can contact our DPO at dpo@shiftnest.co.uk

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us using the details provided below. We will respond to your request within one month.

Complaints

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority.

Updates to This Policy

We may update this GDPR compliance policy from time to time. We will notify you of any material changes.

Contact Information

For any questions about our GDPR compliance or to exercise your rights, please contact us at privacy@shiftnest.co.uk