Roles under GDPR
Your company, Data Controller: You decide what employee data to collect and for what purpose (managing leave). You are responsible for informing employees of their rights.
TimeLeaf, Data Processor: We process data only on your instructions (to run the time-off management service). We sign a Data Processing Agreement (DPA) with all customers.
Data Processing Agreement
A DPA is included in our Terms of Service for all paid plans. If your legal team requires a separately signed DPA, contact [email protected]. You can also review our standard DPA at timeleaf.io/dpa.
What data we store
- Employee names and email addresses
- Leave requests (type, dates, status, notes)
- Leave balances and accrual history
- Clock-in/out records and timesheets
- Shift schedules and assignments
- Contract documents
- Overtime and time bank balances
- Manager relationships and department structure
- Login timestamps and IP addresses (for security audit logs)
Individual rights
TimeLeaf provides tools to help you fulfil employee rights requests:
| Right | How to fulfil it |
|---|---|
| Access | Export the employee's full profile and leave history from People -> [Employee] -> Export |
| Rectification | Edit any field on the employee's profile directly |
| Erasure | Deactivate and then delete the employee from People -> [Employee] -> Delete. All personal data is removed within 30 days. |
| Portability | Export their data as CSV from the profile page |
| Restriction | Deactivate the account to stop processing without deleting the data |
Data retention
By default, TimeLeaf retains all data for the lifetime of your subscription. You can configure automatic data purging under Settings -> Data Retention, for example to delete leave records older than 5 years.
When your subscription ends, all data is retained for 30 days and then permanently deleted from all systems, including backups. A full export is available at any time before deletion.