Privacy Policy

INTRODUCTION

Schedex CJSC. (or " we", or " Schedex”) values and respects the privacy of individuals. This Privacy Policy sets out how we comply with data protection laws, including Canada’s Personal Information Protection and Electronic Documents Act (the "Data Protection Legislation”).

IF YOU ARE AN INDIVIDUAL LOCATED IN THE EEA: If you are located in the European Economic Area (“EEA”), this entire Privacy Policy applies to you. However, please see the section titled Additional Information for Users in the EEA, which will inform you in detail about our legal bases for processing and your rights regarding the processing of your personal data.

This Privacy Policy outlines our policies and procedures for collecting, using, storing and disclosing personal information of individuals. In this Privacy Policy, " Personal Information” refers to information about identifiable individuals and information which can be used, on its own or in combination with other information, to identify an individual.

Schedex's service offering involves providing organizations and individuals within those organizations (our "Customers”) with access to and use of the Schedex Services, which allows our Customers and their staff members to administer work scheduling (the "Services”) through their devices (any computer used to access the Schedex Service, including without limitation a desktop, laptop, mobile phone, tablet, or other consumer electronic device (each a "Device”)).

This Privacy Policy explains what we do with Personal Information when:

  • your organization signs up to the Services and you access the Schedex Services using a business Account, or you register for an individual Account not linked to a company, or decide to continue to use an individual Account or individual Account features after no longer being associated with your organization, via our website (www.schedex.co/www.schedex.me), subdomain (*.schedex.co), Apple App Store, Google Play Store, through applications on devices, through APIs, or through third-parties, or partner marketplaces (together, the "Users");
  • you visit our website www.schedex.co/www.schedex.me (the "Website") while browsing the internet (together, the "Website Users") ; and
  • you interact with our customer service, product or sales team for any purpose.

Schedex may amend this Privacy Policy from time to time. Please visit this page if you want to stay up to date, as we will post any changes here. Schedex will also notify affected individuals of any material changes in the way we process data.

1. OUR COLLECTION AND USE OF PERSONAL INFORMATION

Customer Data

Our primary purpose for collecting and using Personal Information is to provide the Services to our Customers. When we collect, use, and disclose Personal Information on the instructions of our Customers, we are a service provider/data processor to that Customer, processing personal information on their behalf and we refer to this data as “Customer Data”. We may also use Customer Data on an aggregated and non-identifiable basis to improve and enhance our product and service offerings.

We rely on our Customers to comply with all applicable privacy laws when collecting, using, or disclosing Personal Information through the Services, including by obtaining appropriate consent (such as from their employees, other staff, or other third parties that are authorized users of that Customer’s account) prior to collecting, using, and disclosing personal information through the Services.

If you have any questions regarding the Personal Information we process on behalf of a Customer, please contact the Customer directly and/or review their applicable privacy policy. If you signed-up to receive marketing communications from one of our Customers and now wish to unsubscribe, please contact the Customer directly.

2. WHAT KIND OF PERSONAL INFORMATION DO WE COLLECT AND USE?

Customer Data

Personal Information we Collect to provide Services to our Customers

We collect and use Personal Information in the course of providing the Services to you and your organization. Depending on the relevant circumstances and requirements, we may collect some or all of the Personal Information listed below to help us with this:

  • First name;
  • Last name;
  • Phone numbers;
  • Email address;
  • Preferred language;
  • Time zone;
  • Business addresses;
  • Information about staff members, including their role, hourly wage, hours worked, sales data, tasks and assignments assigned and completed, shift availability, preferred working hours, time booked off, shifts, schedules and attendance;
  • Messages, announcements and related team communication sent by employers and staff members through the Services;
  • Log data from your Device, its software, and your activity using the Schedex Services including the Device’s Internet Protocol (“IP”) address, browser type, locale preferences, geo-location information, identification numbers associated with your Devices, and other interactions with the Schedex Services.

Customers’ staff members create employee profiles to allow their employer and fellow employees to interact with them on the Services. At the Customers’ discretion, at any time, your access to Customer Data or data you entered into your employee profile which relates to your employment may be granted or revoked. The Customer may retain any or all of this data in accordance with their privacy policy.

The organization with which your Account is connected will have access to your employment information, such as job title, company, schedule, schedule preferences, shifts, and attendance. If you switch jobs, this employment information will not be shared with any other organization without Staff members’ consent.

How we Use Personal Information to provide Services to our Customers

When we use your Personal information to allow you to access and use the Schedex Services, we do so on the instructions of your organization (our Customer) and on the behalf of your organization. Activities that we may carry out on this basis include:

  • Allowing you to access and use the Schedex Application, including to schedule shifts, book time off, and trade shifts;
  • Providing you with assistance (including technical assistance) in relation to your use of the Schedex Application;
  • Personalizing and optimizing your experience of the Schedex Services and providing you with software updates; and
  • Ensuring compliance with the terms of our agreement with your organization.

Your posts may remain even after you close your account.

Schedex Data

Account Creation: Users are required to provide Personal Information to create an Account and use the Service such as name, email address, and password. We use this information to create and administer user accounts, authenticate users, process payments, and manage access and control rights. We require that you do not disclose your password to anyone. We will never ask you for your password in any communication (such as letters, phone calls or email messages). If you become aware of any unauthorized access to or use of your account, you are required to notify us immediately.

Individual Users not linked to employer accounts: If you register for an Account that is not linked to any company or once you use your Account after having left your organization, we are the accountable entity or a "data controller" for your Profile Data. We will use your Profile Data and other personal information to:

  • Provide you the option of maintaining your existing or creating a new Account using your existing Profile Data, which allow you to build your resume and apply to new organizations using your existing Profile Data;
  • Provide other services such as resume-building and job searching features; and
  • Ensure compliance with our own obligations under applicable law and regulations.

Marketing: We collect contact information for the purpose of sending marketing communications, and described under Section 5 (Marketing) or administering contests, promotions or surveys.

Job Applications: If you apply for a job with us, we may collect certain personal information about you (such as information that would be contained in a resume, cover letter, or other employment-related materials). We use this information for the purpose of processing, evaluating and responding to your application.

Customer Service: When you contact us with a comment, question or complaint, you may be asked for information that identifies you, such as your name, email address, and a telephone number, along with additional information we need to help us promptly answer your question or respond to your comment. We may also collect information to verify your identity at the start of the call.

We may also use Schedex Data for the following purposes:

  • Ensuring compliance with our own obligations under applicable law and regulations;
  • Using your Personal information to help us to establish, exercise or defend legal claims; and
  • Analyzing usage information, log data, and user statistics with the aim of improving the Schedex Service for all Users.

3. HOW DO WE COLLECT YOUR PERSONAL INFORMATION?

We collect your Personal Information in four primary ways:

  • Personal Information that you provide to us when you register for an Account as an organization or as an individual, use the Services, or contact us;
  • Personal Information that we receive from your organization (our Customer) and other sources, to send you email when we receive your email address to invite you to the Services;
  • Data from 3rd party integrations or usages of our API which have been authorized by your organization;
  • Employment Information that is inputted by you or your organization (our Customer), or other information generated from your use of the Services; and/or
  • Personal Information collected automatically from your Device or through our Website.

4. WEBSITE INFORMATION

Visiting our Website: We collect a limited amount of Personal Information from our Website Users which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes log data such as your Device’s IP address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences, identification numbers associated with your Devices, your mobile carrier, date and time stamps associated with transactions, system configuration information and other interactions with the Website. If you contact us via the Website (including via any chat widget), we will collect any information that you provide to us, for example your name and contact details in order to respond to the inquiry. We use this information to help us understand our website activity and to monitor and improve our website and Service.

Cookies: Schedex uses cookies in providing the Website and Service. Schedex uses cookies and similar technologies like single-pixel gifs and web beacons. We use both session-based and persistent cookies. Schedex sets and accesses our own cookies on the domains operated by Schedex and its corporate affiliates (collectively, the “Sites”). In addition, we use third party cookies, like Google Analytics.

Tracer Tags & Web Beacons: Our Website may also use a technology called "tracer tags” or "Web Beacons”. This technology allows us to understand which pages you visit on the Website. These tracer tags are used to help us optimize and tailor the Website for you and other future visitors to the Website.

5. INFORMATION SHARING & DISCLOSURE

Where appropriate and in accordance with applicable laws and requirements, we may share your Personal Information in the following ways.

  • Service Providers: We may use certain trusted third-party companies and individuals to help us provide, analyze, and improve the Schedex Services (including but not limited to data storage, maintenance services, chat tools, database management, web analytics, advertising and marketing services, payment processing, and improving the features of the Schedex Service). These third parties may have access to your Personal Information only for purposes of performing these tasks on our behalf and are not authorized to use or disclose Personal Information or their own marketing or other purposes.
  • Business Transfers: If we are involved in a proposed or completed merger, acquisition, or sale of all or a portion of our assets, your Personal Information may be transferred as part of that transaction.
  • Aggregated and Anonymized Data: We may disclose aggregated, or otherwise non-identifiable information, such as usage statistics of the Schedex Services to third parties.
  • We may also disclose Personal Information for other purposes where we have obtained your consent to do so.

Note that organizations (our Customers) may share the Personal Information of their employees with third parties and other software services, such as payroll and accounting services.

We do not sell personal information.

6. HOW DO WE SAFEGUARD YOUR PERSONAL INFORMATION?

We are committed to taking all reasonable and appropriate steps to protect the Personal Information that we hold from misuse, loss, destruction or unauthorized access and disclosure. We do this by having in place a range of appropriate technical and organizational measures. These include measures to deal with any suspected data breach. If you enter payment details onto our payment pages, we encrypt the transmission of that information.

We restrict access to Personal Information on a need-to-know basis to employees and authorized service providers who require access to fulfill their job requirements.

7. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?

We will not keep your Personal Information for longer than we are permitted to do so under our agreement with our Customers or as is necessary for the purposes for which we have collected it unless we believe that the law or other regulation requires us to preserve it (for example, because of a request by a tax authority or in connection with any anticipated litigation) or if we require it to enforce our agreements.

When we are no longer permitted under our agreement with your organization or it is otherwise no longer necessary to retain your Personal Information for the purpose(s) for which it was collected, we will delete or anonymize the Personal Information that we hold about you from our systems. While we will endeavor to permanently erase your Personal Information once it reaches the end of its retention period, some of your Personal Information may still exist within our systems for a limited period of time, for example, if it is waiting to be overwritten. For our purposes, this data has been put beyond use, meaning that, while it still exists in the electronic ether, our employees will not have any access to it or use it again.

Your organization (our Customer) may store your employment information or other Personal Information for longer periods in accordance with its own retention policies, including after your employment terminates.

8. HOW CAN YOU ACCESS OR AMEND THE PERSONAL INFORMATION THAT WE HOLD ABOUT YOU?

Subject to applicable law, you have the right to access, update and correct inaccuracies in your personal information in our custody or control. You may request access, updating and corrections of inaccuracies in your personal information in our custody or control by emailing or writing to us at the contact information set out below. We may request certain personal information for the purpose of verifying the identity of the individual seeking access to his or her personal information records.

If you wish to make a request in relation to Personal Information we maintain and process on behalf of our Customers (and in respect of which we are a service provider/data processor), please contact the Customer directly in the first instance to handle your request. If you contact us in respect of an Account that is linked to your employer (our Customer), we will refer your request to your organization. Otherwise, please contact us and we will handle your request.

9. HOW DO WE STORE AND TRANSFER YOUR PERSONAL INFORMATION INTERNATIONALLY?

In order for us to carry out the functions described in this Privacy Policy (for more details, please see section 4 ("How do we use your Personal Data?") your Personal Information may be processed by us (or our third-party service providers) outside of your jurisdiction of residence. Our primary, encrypted data storage is located in the United States of America, with encrypted backups in Canada (see below for a list of our service provider types and the jurisdictions in which they are located).

  • Infrastructure, hosting, and data storage: USA Virginia
  • SMS, Push, Email providers: USA

All data transferred in and out of the Schedex Services are encrypted securely end-to-end. We ensure that our service providers comply with applicable privacy and data protection laws and implement contractual clauses that ensure the protection of privacy rights, as applicable.

10. PRIVACY RIGHTS FOR CALIFORNIA RESIDENTS

If you are a California resident, you have certain privacy rights under the California Consumer Privacy Act (“CCPA”) regarding your personal information. These include:

  • The right to request Schedex to disclose what personal information is collected and how it is used;
  • The right to request to have your information deleted;
  • The right to request Schedex to disclose how it sells your personal information;
  • The right of non-discrimination if you make a request about your personal information; and
  • The right to opt out of having your personal information sold or opt in having your personal information sold if you are under 16 years old.

You can submit requests about your information to the following:

Mail: Schedex CJSC 0033 , Yerevan,

H. HAKOBYAN P. 3 1,4-RD HARK Yerevan

Yerevan, Armenia

Email: info@schedex.me

You may only make two requests over a 12-month period. Schedex will respond to your request within 45 days of receiving your request and will provide information from the 12-month period prior to your request.

There are some exceptions to these requests. For example, the information may be owned by your employer and Schedex can keep your personal information for certain business purposes, such as processing payments for merchandise you order or undertaking internal research for our technological developments.

Additionally, the CCPA provides for certain exemptions, such that requests under the CCPA cannot prevent Schedex’s ability to:

  • Comply with federal, state, or local laws;
  • Comply with certain requests by legal authorities;
  • Cooperate with enforcement agencies;
  • Exercise or defend legal claims;
  • Collect, use, retain, sell, or disclose consumer information that is de-identified or aggregate consumer information;
  • Collect or sell personal information if all aspects of such transactions occur wholly outside California; or
  • Preserve evidentiary privileges

In some instances, Schedex may refuse to respond to such a request based on an exemption, a legal requirement, or other business or legal policy. Schedex will inform you as to the basis for refusing any such request.

11. ADDITIONAL INFORMATION FOR USERS IN THE EEA AND THE U.K.

Rights and Choices

If the GDPR applies to you because you are in the EEA or the U.K., you have certain rights in relation to your personal data:

  • The right to be informed: our obligation to inform you that we process your personal data (and that’s what we’re doing in this Privacy Policy)
  • The right of access: your right to request a copy of the personal data we hold about you (also known as a ‘data subject access request’)
  • The right of rectification: your right to request that we correct personal data about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your Account Settings)
  • The right to erasure (also known as the ‘right to be forgotten’): under certain circumstances, you may ask us to delete the personal data we have about you (unless it remains necessary for us to continue processing your personal data for a legitimate business need or to comply with a legal obligation as permitted under the GDPR, in which case we will inform you)
  • The right to restrict processing: your right, under certain circumstances, to ask us to suspend our processing of your personal data
  • The right to data portability: your right to ask us for a copy of your personal data in a common format (for example, a .csv file)
  • The right to object: your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing)
  • Rights in relation to automated decision-making and profiling: our obligation to be transparent about any profiling we do, or any automated decision-making. These rights are subject to certain rules around when you can exercise them.

How you may exercise these rights depends on how you use the Site and/or Services, as explained below. For End Users in the EEA or the U.K., please read below.

Customers, Site Visitors in the EEA or the U.K

If you are located in the EEA or the U.K. and you are a Customer or Site Visitor, and wish to exercise any of the rights set out above, you may contact us at info@schedex.me using the term “DSR” as your email subject line. You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under those circumstances. If we cannot reasonably verify your identity, we will not be able to comply with your request(s). We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. Note that this is especially true when you engage a third party to assist you in exercising your rights. We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law. In addition, we will always balance your rights against those of other data subjects in connection with any requests, and in some cases, this may require us to redact our responses or deny a request.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us directly first.

End Users in the EEA or the U.K.

Schedex has no direct relationship with End Users. Our Customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their End Users, and this includes handling all data subject requests. We rely on our Customers to comply with the underlying legal requirements and respond directly to End Users when End Users wish to exercise the rights set forth above. However, if an End User sends a request to Schedex to access, correct, update, or delete his/her information, we will direct that End User to contact the Customer’s website(s) with which he/she interacted directly, and cooperate with our Customers as required by applicable law in order to ensure that our Customers satisfy their End Users’ requests.

12. DATA SOVEREIGNTY REQUIREMENTS

At Schedex, we take data protection and privacy seriously. That's why we make our best effort to comply with data sovereignty requirements. Our commitment to data protection and privacy means that we strive to adhere to the following principles:

  • Jurisdictional control: We make every effort to comply with relevant laws and regulations governing data protection and privacy, ensuring that our data processing activities are in line with the laws of the jurisdiction in which we operate.
  • Data protection: We have implemented appropriate technical and organizational measures to secure personal data, including encryption, access controls, and continuously strive to improve our data protection measures.
  • Transparency: We are transparent about our data processing activities, providing individuals with information about the types of data we collect, the purposes for which it is used, and who has access to it, and make our best effort to provide the most accurate information.
  • Data retention and deletion: We make our best effort to retain personal data for no longer than necessary and delete it when it is no longer required, in accordance with relevant laws and regulations.
  • Privacy: We respect the privacy of personal data, obtaining informed consent from individuals before collecting, using, or disclosing their personal data, and make our best effort to obtain the most informed consent.
  • Cross-border data transfers: We make our best effort to comply with the restrictions on cross-border data transfers under relevant laws and regulations, implementing appropriate safeguards and obtaining consent from individuals before transferring their personal data outside of our jurisdiction.

We are committed to providing a secure and private environment for your data and continuously review and update our data protection practices to make our best effort to comply with data sovereignty requirements.

13. WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL INFORMATION AND CONTACT INFORMATION

If you would like further information about how we handle your Personal Information and if you have any concerns regarding this Privacy Policy or the manner in which we or our service providers treat your personal information, or if you wish to exercise your legal rights or unsubscribe from our marketing communications, or you want to know more about our data security measures, please contact info@schedex.me. Please outline to us your concerns and our legal team or Schedex representative will be in touch to discuss the matter.

Last updated: Feb 12, 2023