Privacy Policy

At EasyHours.eu, we are committed to protecting your privacy. This concise privacy policy explains what data we collect, why we collect it, and how we handle it, in compliance with the EU General Data Protection Regulation (GDPR).

Data Collection and Purpose

Data Storage and Security

We take data security seriously and implement measures to safeguard your information:

• Secure EU Servers: All personal data (including your profile and time-tracking records) is stored on secure servers located in Germany. Keeping data in the EU means it is protected under strict European data protection laws.
• Encryption: Sensitive data, such as your GPS location coordinates, is encrypted both in transit and at rest. This means your location and time logs are stored in an encoded format that cannot be read without proper authorization. We also use industry-standard HTTPS/SSL to secure data transfer between your device and our servers.
• Access Control: Only authorized personnel at EasyHours can access personal data, and only for the purposes described in this policy. We regularly review our security practices to prevent unauthorized access or disclosure.

Data Retention

We retain personal data only for as long as necessary to serve you and to comply with the law:

• Active Accounts: If you have an active subscription or account with EasyHours, we will retain your data (profile information, work logs, etc.) for the duration of your use of the service. This allows you to access your historical work hours and for employers to maintain required records.
• Cancelled or Inactive Accounts: If you cancel your EasyHours subscription or your account becomes otherwise inactive, we will keep your data for up to one year after the cancellation/inactivity date. We retain it for this period in case you reactivate your account or need to retrieve past records, and to meet any legal record-keeping obligations.
• Deletion After Retention Period: After one year of cancellation or inactivity, we will permanently delete or anonymize your personal data from our systems. Of course, you have the option to request immediate deletion of your data at any time (see User Rights below), in which case we will honor that request unless we are required by law to keep certain data for a longer period.

User Rights

As a user of EasyHours and a data subject under GDPR, you have full control over your personal data. You have the following rights, which you can exercise at any time:

• Right to Access: You can request a copy of the personal data we hold about you. This includes your profile information and any time-tracking records associated with your account. We will provide this information in a common electronic format.
• Right to Rectification: If any of your personal data is incorrect or outdated (for example, you need to update your name or email), you have the right to correct it. You can typically update basic information through your account settings, or you can contact us for assistance.
• Right to Erasure: You can request deletion of your personal data ("right to be forgotten"). This can be done by deleting your account or contacting us to specifically remove your data. Unless we are required to keep data for legal reasons, we will promptly delete your information and confirm once it's done.
• Right to Withdraw Consent: Because we rely on your consent to process your data (see Legal Basis below), you have the right to withdraw that consent at any time. For example, you can disable location tracking if you no longer wish to use the check-in feature (though this will limit the functionality of the service), or you can fully withdraw consent by closing your account. Withdrawal of consent does not affect the legality of data processing already carried out while your consent was in place.
• Other Rights: You also have the right to data portability (to obtain your data in a format you can transfer to another service) and the right to object to certain types of processing. EasyHours, however, does not engage in profiling or automated decision-making beyond the scope of providing the service. If you have any concerns or special requests regarding your data, please let us know.

To exercise any of your rights, you can contact us using the information in the Contact Information section. We will respond to all requests within the timeframe required by law (generally within one month).

Finally, if you believe your data protection rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority or the lead supervisory authority for EasyHours. We encourage you to contact us first, and we will do our best to address your concern.

Legal Basis for Processing

We only collect and process your personal data when we have a valid legal basis under GDPR:

• User Consent: The primary legal basis for all data processing on EasyHours is your consent (GDPR Article 6(1)(a)). By creating an account and using the EasyHours service (including the mobile app for location-based clock-ins), you consent to the collection and use of your data as described in this policy. We seek your permission explicitly when you sign up (for collecting your name and email) and when you use location features (your device will prompt you to allow location access).
• Compliance with Law: In addition, tracking working hours may be necessary for compliance with labor laws (GDPR Article 6(1)(c), legal obligation). Employers in the EU have legal obligations to record employee working times. EasyHours helps fulfill this requirement. If we ever need to process or retain data to comply with a legal obligation (for example, a court order or tax law), we will do so under that legal basis. We will inform you if any such requirement arises.
• Legitimate Interests: We do not use your data for any purpose that would rely on "legitimate interests" without your consent. Our use of anonymized analytics data is based on our legitimate interest to improve our website, but this data does not identify you personally.

In summary, we process your data with your consent and, where applicable, to comply with EU laws on working hours. You are free to withdraw consent at any time, as noted above.

Third-Party Services

We do not sell or share your personal data with third parties for marketing purposes. However, we do rely on a few trusted third-party services (all of which are GDPR-compliant) to operate EasyHours effectively:

• Website Analytics: We use a third-party analytics service such as SimpleAnalytics or Plausible to collect basic information about website visits. These services are privacy-focused and do not collect personal data about you. They do not use cookies or track you across other sites. The data they provide is aggregated (for example, total number of visitors, popular pages, general device types) and helps us understand how our website is used without profiling individual users.
• Hosting and Cloud Services: Our application and database are hosted on secure servers in Germany (within the EU) provided by reputable hosting providers. These providers act as "data processors" on our behalf. They are bound by strict agreements to protect your data and only process it according to our instructions and the GDPR.
• Email Service: We may use an email service provider to send account-related emails (such as password resets or notifications). If so, we only share your name and email with that provider for the sole purpose of sending these emails. They are not allowed to use your information for anything else.
• Location Services: The EasyHours mobile app may use your device's built-in location services (GPS) for clocking in/out. This data is handled as described above and not shared with any mapping or advertising services. We do not stream your live location to any third party; the location points are sent directly to our secure servers.

All third-party partners are carefully vetted to ensure they meet GDPR standards. We maintain data processing agreements with these providers to ensure your data receives the same level of protection as it does with us. If we ever change or add new third-party processors that handle personal data, we will update this policy and notify users as required.

Data Transfers

All your data is stored and processed within the European Union. We do not transfer your personal data to countries outside the European Economic Area (EEA). In the event we ever need to transfer data internationally (for example, using a service based outside the EU), we will only do so with appropriate safeguards in place (such as EU Commission Standard Contractual Clauses) and will update this privacy policy accordingly. Currently, all data remains in the EU.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. If we make significant changes, we will notify you via email or through the app/website. The "last updated" date below indicates when the policy was last revised. We encourage you to review this policy periodically to stay informed about how we are protecting your data.

Last updated: March 9, 2025

Contact Information

EasyHours is the data controller responsible for your personal data when you use EasyHours.eu. If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us:

You can also reach out to us for any privacy-related inquiries or to exercise your GDPR rights (access, deletion, etc.). We are here to help and will respond as quickly as possible, generally within 30 days.

If you have unresolved concerns, you also have the right to contact your local Data Protection Authority or the supervisory authority in Germany (where our EU servers are located) or in the country of our EU representative. We value your privacy and will do our utmost to address any issue to your satisfaction.

Thank you for trusting EasyHours.eu with your time-tracking needs. We are committed to keeping your data safe and your privacy respected.