Privacy Policy
Effective date: [EFFECTIVE_DATE]
This Policy explains how [LEGAL_ENTITY] ("we") collects, uses, and protects your information when you use CPK Rota (the "Service").
1. Information we collect
- Account data via Google Sign-In: when you sign in with Google we receive your basic profile per the
openid,email, andprofilescopes — your email address, name, and Google account identifier. We do not receive your Google password. - Schedule data: the shifts, rotas, and related notes you import or create.
- Technical data: device and log information needed to operate and secure the Service.
2. How we use it
To authenticate you, provide and personalise the Service (including shift reminders), maintain security, and comply with legal obligations. We do not sell your personal data.
3. Sharing
We share data with service providers who help us run the Service — including Google (authentication), our hosting and database providers — under contracts that require appropriate protection. We may disclose data where required by law.
4. Retention
We keep your data for as long as your account is active and as needed to provide the Service, then delete or anonymise it within a reasonable period unless the law requires otherwise.
5. Your rights
Subject to your jurisdiction, you may access, correct, export, or delete your data, and object to or restrict certain processing. To exercise these rights or delete your account and associated data, contact us at [CONTACT_EMAIL].
6. Security
We use technical and organisational measures (including encryption in transit and access controls) to protect your data. No method of transmission or storage is completely secure.
7. Children
The Service is not directed to children under the age required by your jurisdiction, and we do not knowingly collect their data.
8. Changes
We may update this Policy; material changes will be posted here with a new effective date.
9. Contact
[LEGAL_ENTITY], governed by the laws of [JURISDICTION]. Privacy questions: [CONTACT_EMAIL].