Privacy Policy

Effective Date: 4 April 2026
Last Updated: 4 April 2026

Staffly respects your privacy and is committed to protecting personal data. This Privacy Policy explains how Staffly collects, uses, stores, shares, and protects personal information when you use the Staffly mobile application, website, and related services.

This Privacy Policy is intended to satisfy the privacy policy requirements for both the Apple App Store and Google Play Store, and applies to all users of the Staffly mobile app and website.

1. Who We Are

Staffly is a workforce management and HR software platform that helps businesses manage scheduling, attendance, leave, employee records, internal tasks, and related workforce operations.

Company Name: Staffly
Website: https://staffly.ie
Email: privacy@staffly.ie

If you do not yet use privacy@staffly.ie, replace this with the correct email before publishing.

2. Scope of This Policy

This Privacy Policy applies to:

• the Staffly mobile application
• the Staffly website
• related support, communications, and services
• any other services that link to this Privacy Policy

It does not apply to third-party websites or services that may be linked from Staffly.

3. Information We Collect

Depending on how Staffly is used, we may collect and process the following categories of information:

a) Information provided directly by users or customers

This may include:

• full name
• email address
• phone number
• employer or company name
• job title
• login credentials
• information submitted through forms
• messages sent to support or contact forms

b) Workforce and employment-related information

Where Staffly is used by an employer or organisation, we may process workforce-related information made available by that employer or entered into the platform, including:

• employee names
• work email addresses and contact details
• department and role
• shift schedules and rotas
• clock-in and clock-out records
• attendance and lateness information
• leave requests and absence records
• task assignments
• incident reports or internal notes
• payroll-related export information where enabled by the customer

In many cases, this information is provided to Staffly by the employer using the platform.

c) Device and technical information

When users access the Staffly app or website, we may automatically collect certain technical information, such as:

• IP address
• device type
• operating system
• browser type
• app version
• log data
• crash reports
• diagnostic data
• usage information

d) Location data

Where enabled for attendance, geofencing, or clock-in verification, Staffly may process approximate or precise location data, subject to device permissions and customer configuration.

Location data is only collected where relevant to the features being used.

e) Camera, photos, files, and uploaded content

If the app includes features such as profile images, selfie verification, incident reporting, or document upload, Staffly may process:

• camera images
• uploaded photos
• documents
• attachments or files submitted through the app

f) Notifications

If enabled, Staffly may send push notifications or service notifications relating to scheduling, attendance, tasks, leave, or account activity.

g) Cookies and similar technologies

Our website may use cookies and similar technologies to support website functionality, analytics, security, and performance.

4. How We Use Personal Data

We use personal data to:

• provide and operate the Staffly app and website
• create and manage user accounts
• support workforce management features
• manage scheduling, attendance, leave, and tasks
• provide customer support
• maintain service security and prevent misuse
• troubleshoot technical issues
• improve app performance and user experience
• communicate important service updates
• comply with legal and regulatory obligations
• maintain internal records and audits where necessary

We do not sell personal data.

Google Play’s policy specifically requires developers to explain the types of personal and sensitive user data an app accesses, collects, uses, and shares, and with whom it is shared.

5. Legal Bases for Processing

Where the GDPR applies, Staffly processes personal data on one or more of the following legal bases:

• performance of a contract
• compliance with a legal obligation
• legitimate interests, including service delivery, service improvement, and platform security
• consent, where consent is required

Where Staffly processes employee data on behalf of an employer, that employer will generally act as the data controller and Staffly will generally act as the data processor for that information.

6. How We Share Information

We may share personal data only where necessary for the operation of the service or where required by law. This may include sharing with:

• cloud hosting and infrastructure providers
• authentication and login service providers
• analytics, crash reporting, or diagnostics providers
• communications and support providers
• payroll or integration providers where enabled by the customer
• legal, regulatory, or law enforcement authorities where required
• a successor entity in connection with a merger, acquisition, restructuring, or sale of assets

We require service providers to process personal data only on our instructions and with appropriate safeguards.

We do not sell personal and sensitive user data.

Google Play explicitly prohibits selling personal and sensitive user data and requires secure handling of that data.

7. International Transfers

Personal data may be processed in countries outside the country where the user is located. Where international transfers take place, Staffly will take appropriate steps to ensure that personal data is protected in accordance with applicable data protection laws.

8. Data Retention

We retain personal data only for as long as necessary to:

• provide the Staffly service
• comply with legal, tax, employment, and regulatory obligations
• resolve disputes
• enforce our agreements
• maintain appropriate audit, backup, and security records

Retention periods may vary depending on the data type, customer configuration, and legal requirements.

Google Play requires a privacy policy to describe the developer’s data retention and deletion policy.

9. Data Security

Staffly uses reasonable technical and organisational measures to protect personal data against unauthorised access, misuse, loss, destruction, or alteration.

These measures may include:

• encrypted transmission of data over HTTPS
• access controls and permissions
• secure hosting environments
• monitoring and logging
• role-based access restrictions where applicable

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Google Play requires personal and sensitive user data to be handled securely, including transmission using modern cryptography such as HTTPS.

10. User Rights

Depending on the applicable law, users may have the right to:

• request access to their personal data
• request correction of inaccurate personal data
• request deletion of personal data
• object to or restrict certain processing
• request portability of their data
• withdraw consent where processing is based on consent
• lodge a complaint with a relevant supervisory authority

Where Staffly is provided through an employer, employees may need to direct certain privacy requests to their employer as the data controller.

Requests can be sent to: privacy@staffly.ie

11. App Permissions

Depending on the features used, the Staffly mobile app may request permission to access:

• location
• camera
• photo library or file storage
• notifications

These permissions are used only for legitimate app functionality such as attendance verification, geofencing, incident reporting, profile images, file uploads, and service notifications. Users can manage permissions through their device settings, but disabling permissions may affect some functionality.

Google Play requires developers to limit access to personal and sensitive user data to app functionality reasonably expected by the user, and in some cases to provide prominent in-app disclosure and consent.

12. Analytics and Diagnostics

Staffly may use analytics, logging, and diagnostic tools to:

• understand feature usage
• investigate crashes and bugs
• improve performance
• maintain service stability
• protect the platform from abuse

This may include processing technical identifiers, event data, device information, or crash logs.

13. Children’s Privacy

Staffly is not directed to children and is not intended for use by children as a consumer service. Staffly is a workforce and HR platform intended for use by businesses and authorised users in a work context.

We do not knowingly collect personal data from children in violation of applicable law.

14. Account Deletion and Data Deletion Requests

If the Staffly app allows users to create an account directly, users may request deletion of their account and associated personal data, subject to any data we must retain for legal, security, fraud prevention, or regulatory reasons.

Account deletion or privacy requests may be submitted by contacting: privacy@staffly.ie

Google Play requires apps that allow account creation to also provide a way for users to request account deletion both in-app and outside the app, such as via a website link.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our services, legal obligations, or privacy practices. Any updates will be posted on this page and the “Last Updated” date will be revised.

16. Contact Us

If you have questions or requests regarding this Privacy Policy or our handling of personal data, please contact:

Staffly
Email: privacy@staffly.ie
Website: https://staffly.ie/contact/

Ensuring Data Security and Regulatory Compliance