Data security

TimeOff.Management application is hosted on DigitalOcean platform

Data is stored in a UK data centre. DigitalOcean conducted an extensive analysis of their operations to ensure compliance with GDPR before it went into effect. See their GDPR FAQs here: https://www.digitalocean.com/legal/gdpr-faq/

Payments are processed by PayPal and Stripe

All payment processing is done by PayPal and Stripe.

Paypal privacy policy.

Stripe privacy policy.

Data is transferred using HTTPS and encrypted at rest

When data is transferred it is encrypted using HTTPS.

Passwords are encrypted.

Passwords are encrypted with a 1‑way salt. Please create a strong password; consider using a password checker tool.

Report security issue

Please use our Contact Us form to raise any issue. We will do our best to reply ASAP.

GDPR gives you new protection rights and assures better access to your personal data.

• Right to rectification: Rectify your personal information at any time from your account settings or contact us directly.
• Right to be forgotten: Cancel your TimeOff.Management subscription and close your account at any time. Once you delete your account all data will be erased and cannot be reinstated.
• Right to portability: Data can be exported from the application at any time.
• Right to object: If you would like to object to how your data has been used please contact us via the Contact Us form.
• Right of access: You can contact us at any time to access and modify your personal data.

Sub‑contractors.

Under the GDPR, a sub‑processor is any business which may process your data as a side effect of using the TimeOff.Management service.