Skip to main content

Privacy Considerations

Location Data Privacy

  • When location is required: Check-in uses location when your organization requires it. The app records where an employee clocked in (e.g. for attendance verification).
  • Who can see location: Managers and admins with access to time logs (or related views). Same role-based rules as other time log data.
  • Retroactive location: Cannot be added later. Only new check-ins record location. If an employee denied location, they must allow it and check in again.
  • Retention: Location data is subject to the data retention rules in the Privacy Policy (e.g. while the account is active; see Data retention below).

Data Retention Policies

The Privacy Policy describes retention in detail. In short:

  • Account data: Kept while the account is active.
  • After account deletion: Erased as described in the policy (e.g. immediately for account data; organizational data may be deleted if the account owner is the sole administrator).
  • Logs: Retained for a limited period (e.g. 3 months) for security and operations.
  • Billing and tax: Retained according to legal requirements (e.g. 5–10 years in Romania).

Export schedules (e.g. Print / Export from Shifts) if you need local copies for payroll or archives. Time logs are not exported to file; use filtered Time logs views plus schedule export. See Time Log Management, Shift Scheduling, Dashboard & Reporting, Best Practices – Data Management.

GDPR Compliance Considerations

Omeny processes personal data in line with GDPR and applicable data protection laws. Key points:

  • Legal bases: Processing relies on contractual necessity (providing the service), legal obligation (e.g. tax), legitimate interests (e.g. security, fraud prevention), and consent where applicable (e.g. marketing, non-essential cookies).
  • Your rights: Access, rectification, portability, erasure, restriction, object, and withdraw consent. You can exercise them via the dashboard (e.g. Profile → update or delete account) or by email (privacy@omeny.me). See the Privacy Policy for full details.
  • Breaches: In case of a data breach, affected users and authorities are notified as required by GDPR.
  • Contact: privacy@omeny.me for privacy questions or to exercise your rights. The Privacy Policy also states controller identity, DPO, and supervisory authority.

Next: User Permissions