Introduction
InShifts ("we", "our", or "us") provides weekly shift planning software for restaurants, bars, and cafes through InShifts.com. This Privacy Policy describes how we handle personal information when you create an account, build schedules, publish staff links, or use the employee portal.
By using InShifts, you agree to this policy. If you manage a venue on behalf of an employer, you are responsible for informing your team about how their data is used in the product.
Information we collect
We collect information in three broad categories:
- Account data — name, email address, authentication identifiers, and workspace membership when you sign up or accept an invite.
- Workspace & schedule data — venue name and settings, employee roster details (names, roles, teams, optional compliance overrides), week drafts, published schedules, coverage rules, and staff-portal configuration you enter.
- Usage & technical data — browser type, device information, IP address, timestamps, and diagnostic logs needed to operate and secure the service.
Published staff links and employee portal URLs are tokenized. Anyone with a link can view only the schedule scope you configured — treat those links like shared credentials.
How we use data
We use collected information to:
- Provide, maintain, and improve shift planning features.
- Authenticate users, enforce workspace roles, and prevent abuse.
- Generate published schedules and employee-portal views you request.
- Respond to support requests and communicate product updates.
- Comply with legal obligations and protect the security of our users.
We do not sell personal information. We do not use employee roster data for advertising profiles.
Retention & deletion
We retain workspace and schedule data while your account or venue is active. You can edit or remove roster entries, unpublish links, and regenerate portal tokens from the product.
If you delete your account or request deletion, we remove or anonymize personal data within a reasonable period, except where retention is required for backups, billing records, or legal compliance.
Your rights
Depending on your location, you may have rights to access, correct, delete, or export personal data, and to object to or restrict certain processing. EU/UK users may lodge complaints with their supervisory authority. California residents may have additional rights under the CCPA/CPRA.
To exercise these rights, contact us at hi@inshifts.com. We may verify your identity before fulfilling a request.
Security
We use industry-standard measures including encrypted transport (HTTPS), authenticated access to manager areas, row-level security in the database, and tokenized public links with scoped visibility. No method of transmission or storage is 100% secure; please use strong passwords and limit who receives publish or portal URLs.
Contact
Questions about this policy? Email hi@inshifts.com.
We may update this policy from time to time. Material changes will be reflected on this page with an updated date.