Privacy
Privacy Policy
Last updated · 12 July 2026
This Privacy Policy explains how Roster (“Roster”, “the platform”, “we”, “us”), operated by [Company Legal Name], collects, uses, discloses, and safeguards personal data when you use our workforce-scheduling service — including rosters, availability, leave, timesheets, pay information, and related features.
It applies to employers who subscribe to Roster, to the managers and administrators who operate it on their behalf, and to the employees whose working data is managed within it. Please read it alongside our Terms & Conditions.
Template — review before relying on this
This document is a comprehensive template tailored to Roster’s features. It is not legal advice. Before publishing, have it reviewed by a qualified data-protection lawyer for your jurisdiction and replace every bracketed placeholder (such as [Company Legal Name], [Registered Address], and [privacy@your-domain]) with your organisation’s details.
01Introduction & who we are
Roster is a multi-tenant scheduling platform that helps businesses build shift rosters, manage employee availability and leave, record timesheets and attendance, and calculate estimated pay. Delivering the service necessarily involves processing personal data about the people being scheduled.
The platform is provided by [Company Legal Name], a company registered at [Registered Address]. Where this policy uses “we” or “us”, it refers to that entity. For questions about this policy or how your data is handled, contact us using the details in section 16.
Throughout this policy the following terms are used:
- Personal data.
- any information relating to an identified or identifiable natural person.
- Processing.
- any operation performed on personal data — collecting, storing, using, sharing, or deleting it.
- Controller.
- the party that determines the purposes and means of processing personal data.
- Processor.
- a party that processes personal data on behalf of, and under the instructions of, a controller.
- Business account.
- the isolated tenant workspace belonging to one subscribing employer; data in one business account is never visible to another.
02Our role: controller vs processor
Our data-protection responsibilities differ depending on the data in question, and it is important to understand which applies:
Where we act as a processor
For the employee and scheduling data that an employer uploads or generates inside their business account — names, contact details, contracts, pay rates, availability, leave, shifts, timesheets, and attendance — the subscribing employer is the controller. They decide why and how that data is processed. We act as their processor, handling it only to provide the service and on their documented instructions. If you are an employee with questions about this data, please contact your employer, who is responsible for it.
Where we act as a controller
For a limited set of data we determine the purposes of ourselves — for example account-administrator registration details, billing and subscription records, product-usage and diagnostic logs, and security telemetry — we act as the controller. This policy governs that processing directly.
03Personal data we collect
Depending on how you use Roster, we may process the following categories of data:
Identity & contact data
- Full name and preferred name
- Email address and phone number
- Date of birth
- Account credentials (passwords are stored only as salted hashes; we never see them in plain text)
- Profile avatar or initials
Employment & scheduling data
- Job title, hire date, and employment status
- Contract details (contract type, contracted hours, FTE ratio, period)
- Pay rates and estimated gross-pay calculations
- Assigned locations, roles, permissions, and skills (including certification and expiry dates)
- Availability and unavailability blocks, including recurring patterns
- Leave requests, balances, and accruals
- Published and draft shift assignments
- Timesheets, recorded start/end times, breaks, and attendance status
Technical & usage data
- IP address, browser type, device, and operating system
- Pages viewed, features used, and timestamps
- Authentication events and session information
- Audit-log entries recording changes made within a business account (who changed what, and when)
- Diagnostic and error logs
We do not intentionally collect special-category data (such as health information) beyond what an employer chooses to record — for example, sick-leave categories. Employers are responsible for ensuring they have a lawful basis for any such data they enter.
04How we collect your data
- Directly from you — when you register, complete your profile, set your availability, request leave, or submit a timesheet.
- From your employer — administrators and managers create employee records, contracts, pay rates, and assignments on your behalf.
- Automatically — as you use the platform we record technical and usage data, authentication events, and audit-log entries.
- From service providers — for example our authentication and hosting infrastructure providers, strictly to operate the service.
05Why we process it & legal bases
Where the UK GDPR / EU GDPR applies, we (or the controlling employer) rely on one or more of the following legal bases:
- Performance of a contract — to provide the scheduling service to the employer and to administer your employment relationship (rostering, leave, timesheets, pay estimates).
- Legitimate interests — to secure, maintain, and improve the platform, prevent fraud and abuse, keep audit trails, and provide support — balanced against your rights and freedoms.
- Legal obligation — to comply with employment, tax, working-time, and record-keeping laws.
- Consent — where we ask for it specifically (for example certain optional communications); you may withdraw consent at any time.
We use personal data only for the purposes for which it was collected, including operating rosters and shift assignments, matching availability and skills to open shifts, processing leave and timesheets, calculating estimated pay, sending service-related notifications, securing accounts, and meeting legal duties.
06Automated processing & scheduling suggestions
Roster includes a suggestion engine that ranks employees for open shifts using factors such as availability, assigned skills, location, contracted hours, and compliance rules. This is a decision-support tool: it surfaces and orders candidates, but a human manager always makes the final assignment. It does not produce legal or similarly significant effects through solely automated means within the meaning of Article 22 of the GDPR. If your employer configures the platform differently, they are responsible for any additional automated decision-making and for informing you of it.
08International data transfers
Where personal data is transferred outside the UK or European Economic Area, we put appropriate safeguards in place — such as adequacy decisions or Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable) — so that your data continues to be protected to an equivalent standard. Details of the safeguards used are available on request.
09How long we keep your data
We retain personal data only as long as necessary for the purposes described in this policy, to provide the service to your employer, and to meet legal, tax, and accounting obligations. Retention periods depend on the data type and the controlling employer’s instructions — for example, scheduling and timesheet records are typically retained for the statutory period required for employment and payroll records.
When a business account is closed, we delete or anonymise its personal data within a reasonable period after the export window described in our Terms, except where we are required to retain it by law. Backups are purged on a rolling schedule.
10How we protect your data
We apply technical and organisational measures appropriate to the risk, including:
- Strict per-tenant isolation enforced at the database layer (row-level security), so one business account can never read another's data
- Role- and permission-based access control, so users see only the modules and records they are authorised for
- Encryption of data in transit (TLS) and at rest
- Salted, hashed password storage and secure session handling
- Comprehensive audit logging of changes within business accounts
- Least-privilege access for our staff and infrastructure, with elevated keys confined to secured server-side functions
- Regular patching, monitoring, and backups
No system can be guaranteed perfectly secure, but we work continually to protect your data and to respond quickly to any risk.
11Your privacy rights
Subject to applicable law, you may have the right to: access the personal data we hold about you; have inaccurate data corrected; request erasure; restrict or object to certain processing; receive your data in a portable format; and withdraw consent where processing is based on it.
Because employers control most employee data, requests about that data are usually fulfilled through your employer — please contact them first. For data where we are the controller, or if you cannot reach your employer, contact us at [privacy@your-domain] and we will respond within the timeframe required by law (generally one month). We will not charge a fee unless a request is manifestly unfounded or excessive.
If you are in the UK, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO). If you are in the EEA, you may complain to your local supervisory authority.
13Children's privacy
Roster is a workplace tool intended for use by employers and their workers. It is not directed at children, and we do not knowingly collect data from anyone below the minimum working age in the relevant jurisdiction. Employers are responsible for ensuring that any young workers they record are lawfully employed and that appropriate consents are in place.
14Personal data breaches
We maintain procedures to detect, investigate, and respond to personal data breaches. Where we are the controller and a breach is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of it, and affected individuals without undue delay where required. Where we act as a processor, we will notify the controlling employer without undue delay so they can meet their own obligations.
15Changes to this policy
We may update this policy from time to time to reflect changes in the platform, the law, or our practices. When we make material changes we will update the “Last updated” date above and, where appropriate, notify you through the platform or by email. Your continued use of Roster after an update means you accept the revised policy.
16How to contact us & complain
For any questions, requests, or complaints about this policy or your personal data, contact us at:
- Data controller: [Company Legal Name]
- Address: [Registered Address]
- Email: [privacy@your-domain]
- Data protection contact: [DPO / privacy contact name, if appointed]
If you are dissatisfied with our response, you may contact the Information Commissioner’s Office (ICO) at ico.org.uk or your local data-protection authority.