GDPR compliantHosted in GermanyNo credit card requiredCancel anytime
EasyHours
Start free trial

easyhours.com

Privacy Policy

This Privacy Policy explains how we collect, use, disclose, and protect personal data in connection with EasyHours.

Last updated: 19 April 2026

EasyHours is operated by Martin Nielsen, Zollikerstrasse 23, 8008 Zürich, Switzerland ("EasyHours", "we", "us", or "our").

You can contact us at for privacy questions, support requests, or data rights requests.

This Privacy Policy explains how we collect, use, disclose, and protect personal data in connection with EasyHours.

1. Scope

EasyHours is a business time-tracking and workforce management service. It is intended for businesses and their authorised users, such as owners, admins, managers, employees, and kiosk users.

When a company or employer uses EasyHours to manage workforce data, time records, schedules, approvals, or location-based attendance features, that company is usually the party that decides why and how that workforce data is used. In those cases, EasyHours generally processes that data on the customer's behalf.

EasyHours also processes some data for its own purposes, including account administration, authentication, security, billing, support, fraud prevention, and service communications.

2. Personal Data We Collect

Depending on how the Service is used, we may collect the following categories of personal data:

a. Account and profile data

This may include name, email address, phone number, language, country, profile image, and account setup details.

b. Authentication and security data

This may include one-time passcodes, verification status, session data, refresh session data, install identifiers, IP address, user agent, device metadata, app version, and security or abuse-prevention records.

c. Company and organisation data

This may include company name, company logo, company country, company settings, role assignments, owner details, join codes or join keys, and subscription status.

This may include employee identifiers, department, start or end dates, role information, working hours settings, overtime-related settings, and other workforce administration data entered by the customer.

e. Time tracking and attendance data

This may include clock-in and clock-out records, break records, manual entries, notes, timesheet status, approval history, timestamps, timezone information, project or task references, and related audit history.

f. Location data

If location-based features are enabled, we may process check-in and check-out coordinates, location-related addresses, company location records, geofence settings, related location context, and geocoding data used to translate coordinates or addresses into usable map or location records.

g. Files and media

This may include avatars, company logos, time-entry attachments, file names, file sizes, storage keys, and related object-storage metadata.

h. Billing and transaction data

This may include billing contact information, plan and subscription details, seat counts, payment-related metadata, invoicing information, and tax-related information. Payment card data is typically processed by our payment provider rather than stored by us.

i. Notification and device data

This may include push tokens, reminder preferences, notification inbox data, delivery status, email preference data, admin alert events, and mobile-platform delivery identifiers used for Apple or Android push notifications.

j. Support and communications data

This may include messages you send to us, support requests, and other communications relating to the Service.

3. Sources of Personal Data

We may obtain personal data:

  • directly from you;
  • from the customer organisation that created or manages your EasyHours access;
  • from other authorised users within the same customer account;
  • from your browser, device, or operating system;
  • from payment, email, map, storage, hosting, and notification providers; and
  • from security and fraud-prevention checks carried out in connection with the Service.

4. How We Use Personal Data

We use personal data to:

  • provide, operate, maintain, and secure the Service;
  • create and manage accounts and company workspaces;
  • authenticate users and manage sessions;
  • process time tracking, timesheets, approvals, schedules, leave-related records, reports, and analytics;
  • support kiosk and shared-device workflows;
  • enable location and geofence features where configured;
  • process subscriptions, billing, taxes, and related administration;
  • send service messages, reminders, transactional emails, and support communications;
  • detect, prevent, and investigate fraud, abuse, misuse, and security incidents;
  • comply with legal obligations and enforce our terms; and
  • improve the reliability, performance, and usability of the Service.

Where data protection law requires a legal basis, we rely on one or more of the following, depending on the context:

  • performance of a contract or steps taken before entering into a contract;
  • legitimate interests, such as operating a secure and reliable service, preventing abuse, supporting customers, and improving the Service;
  • compliance with legal obligations; and
  • consent, where required, for example for certain device permissions or non-essential cookies or technologies.

6. Controller and Processor Roles

EasyHours does not act in a single role for all processing.

EasyHours as controller

EasyHours acts as a controller for data we use for our own business purposes, including:

  • account creation and administration;
  • login, authentication, and security;
  • billing, subscription management, and payment administration;
  • customer support and service communications;
  • fraud prevention, abuse prevention, and legal compliance; and
  • internal service improvement and operational administration.

EasyHours as processor

EasyHours generally acts as a processor when a customer uses the Service to store, manage, or analyse workforce data on behalf of that customer's organisation, including:

  • employee records;
  • time entries and timesheets;
  • schedules and approvals;
  • attachments uploaded by the customer or authorised users; and
  • location or geofence data processed as part of customer-configured attendance workflows.

If you are an employee or worker whose data is processed through EasyHours by your employer or organisation, your employer or organisation is usually the primary point of contact for questions about that workforce data.

7. Location and Workforce Monitoring

Location and geofence features are optional product features. If a customer enables them, and if the relevant user or device grants the necessary permissions, EasyHours may process location data in connection with attendance workflows.

Customers are responsible for using these features lawfully, including giving any required workplace notices, setting appropriate internal policies, and ensuring their use of monitoring, attendance, and location tools complies with applicable employment, labour, workplace, and privacy laws.

8. Sharing of Personal Data

We may share personal data with:

a. The relevant customer and its authorised users

If you use EasyHours through a company or employer account, your data may be visible to that customer and to the authorised users it designates, subject to its configuration and permissions.

b. Service providers and subprocessors

We may share data with providers that help us operate the Service, such as providers for:

  • hosting, database infrastructure, object storage, backup storage, disaster recovery, and related technical operations;
  • email delivery;
  • payments, subscriptions, invoicing, and billing administration;
  • analytics and product usage measurement;
  • maps and geocoding;
  • push notifications; and
  • security, logging, and support operations.

These providers may include, where applicable:

  • Hetzner, which we use for application hosting, database infrastructure, object storage, backup, and related infrastructure operations. Our primary application infrastructure, database, and object storage are hosted in Germany.
  • Backblaze, which we use for backup storage and disaster recovery-related backup copies. We currently use Backblaze's EU Central region for these backups.
  • Resend, which we use for transactional and support email delivery. This may involve processing email addresses, message contents, and related delivery metadata.
  • Stripe, which we use for payment processing, subscriptions, invoicing, and billing administration. Payment card details are generally processed directly by Stripe rather than stored by us.
  • PostHog, which we use for analytics and product usage measurement. Where configured by us, this may include website or product analytics data. We currently use PostHog's EU cloud region.
  • Google Maps Platform, which we use for maps and geocoding-related functions. This may involve processing addresses, coordinates, and related location lookup data.
  • Apple Push Notification service (APNs), which we use to deliver push notifications to Apple devices.
  • Firebase Cloud Messaging (FCM), which we use to deliver push notifications to Android devices.
  • other providers we may use from time to time for security, logging, and operational support.

c. Professional advisers and corporate transaction parties

We may share data with lawyers, accountants, auditors, insurers, or in connection with a merger, acquisition, financing, restructuring, or sale of all or part of our business.

We may disclose data where we reasonably believe disclosure is necessary to comply with law, regulation, legal process, lawful government request, or to protect rights, safety, or security.

9. International Transfers

EasyHours may process personal data in Switzerland and in other countries where we or our service providers operate.

Our primary hosting infrastructure, database, and object storage are hosted in Germany. We currently use Backblaze's EU Central region for backup storage. Some of our other service providers may process or access data from other jurisdictions depending on how their services are delivered and supported.

Where required by applicable law, we use appropriate safeguards for international transfers, such as contractual protections, data processing agreements, and standard contractual clauses or similar recognised transfer mechanisms.

10. Data Retention

We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and keep appropriate business records.

In general:

  • account and profile data are kept while the relevant account remains active and for a reasonable period afterwards;
  • security and authentication logs are kept for as long as reasonably necessary for security, fraud prevention, troubleshooting, and audit purposes;
  • workforce, time tracking, and attendance data are generally retained according to the customer's instructions and our contractual and legal obligations;
  • billing and tax records may be kept for longer periods where required by law or accounting standards; and
  • backup copies may remain in rolling backups for a limited period before being overwritten or deleted.

11. Cookies and Similar Technologies

EasyHours uses cookies and similar technologies for purposes such as:

  • authentication and session management;
  • security and fraud prevention;
  • kiosk session functionality;
  • language or interface preferences;
  • service reliability and technical operation; and
  • analytics where we have configured analytics features.

EasyHours currently uses PostHog for analytics-related measurement. Depending on how analytics is configured, this may involve cookies or similar technologies used to measure website or product usage.

If we use non-essential cookies or similar technologies where consent is required, we will request that consent through an appropriate consent mechanism and update this Privacy Policy as needed.

12. Security

We use reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Your Rights

Depending on your location and the laws that apply, you may have rights in relation to your personal data, such as the right to:

  • access your data;
  • correct inaccurate data;
  • request deletion of data;
  • object to or restrict certain processing;
  • request portability of certain data; and
  • withdraw consent where processing is based on consent.

To exercise your rights, contact .

If EasyHours processes your data on behalf of your employer or another customer, you should usually contact that organisation first. We may assist our customer in responding to your request where required.

14. Complaints

If you have a concern about how we handle personal data, please contact us first at .

Depending on the law that applies, you may also have the right to lodge a complaint with the competent data protection authority, including the Swiss Federal Data Protection and Information Commissioner (FDPIC) or your local supervisory authority.

15. Children's Data

EasyHours is intended for business use and is not directed to children. We do not knowingly collect personal data directly from children through consumer-facing use of the Service.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

When we do, we will post the updated version in or through the Service and update the "Last updated" date above. Material changes may also be notified through the Service or by email where appropriate.

17. Contact

Martin Nielsen
Zollikerstrasse 23
8008 Zürich
Switzerland

Email: