top of page
Time2Staff

Privacy Policy

Processing of personal data in Time2Staff AS

Time2Staff privacy policy

 

Last Updated: 04/04/2025

This Privacy Policy provides information on how and why Time2Staff AS collects, uses, stores, and processes your personal data when using our services, either by downloading and using the mobile application or engaging with us in any other related ways, including sales, marketing, and events. This document also explains the purpose of processing your data and your rights under GDPR.

Data Controller The Data Controller for the processing of personal data is Time2Staff AS, a company established and registered in Norway with organization number 924 543 450, address: Lien 79, 5057 Bergen, Norway. For privacy-related inquiries, email: privacy@time2staff.com.

GDPR Compliance Time2Staff adheres to the General Data Protection Regulation (GDPR). We process personal data relating to customers (workplaces), jobseekers (staff), and individuals who contact Time2Staff. Below, we describe the types of personal data processed, the purpose of processing, legal basis, and data sources.

 

Personal Data We Collect

 

User Information

We collect and process personal information necessary for providing our services. The information we collect depends on how you interact with our platform and may include:

  • Identification Data: Names, email addresses, phone numbers, job titles, usernames, passwords, date of birth.

  • Professional Data: Work experience, skills, business names, business activity area, star ratings, profile photo.

  • Technical Data: IP address, device and browser information, system configurations, operating system details, geolocation data (if provided).

  • Sensitive Information: Geolocation (for check-in and check-out accuracy at workplaces), absence reason (if disclosed by the user).

 

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you explicitly provide consent for marketing communications and optional data processing.

  • Contractual Obligation: To provide services as agreed in our terms of use.

  • Legitimate Interest: To improve user experience, security, fraud prevention, and customer service.

  • Legal Obligation: To comply with regulatory requirements and labor laws.

  • Vital Interests: To protect individuals' vital interests where necessary.

 

How We Use Your Data

​

We process personal data for the following purposes:

  • Account management: Creating and maintaining user accounts.

  • Communication: Sending administrative, service-related, and marketing messages.

  • Security and fraud prevention: Protecting against unauthorized access and data breaches.

  • Improving our services: Using analytics and feedback to optimize our platform.

  • Work verification: Using geolocation data to verify shift check-ins and calculate hours worked.

  • Marketing: Sending promotional materials only with user consent. You may withdraw consent at any time in your app settings.

  • ​

Data Retention

​

We retain personal data only as long as necessary for the purpose it was collected. Key retention periods:

  • User accounts: Retained until a week after when deletion is requested.

  • Work history: Retained for legal compliance (e.g., tax and labor laws).

  • Sensitive information: Geolocation and absence reasons are retained only as long as required for service functionality.

 

Third-Party Data Sharing

 

We share data only with trusted third parties that comply with GDPR. These include:

  • Authentication providers: Facebook Login, Google Sign-In, Apple ID.

  • Cloud hosting: DigitalOcean (hosting services).

  • Communication platforms: Sendgrid (transactional emails), CloudTalk (SMS and call support), User.com (CRM).

  • Marketing platforms: Facebook Ads (social media advertising, if consented to), User.com (CRM, if consented to and not unsubscribed).

  • Payment processing: Bamboora (credit card payments), EasyFreelance AB (invoicing and payroll).

All third-party service providers are bound by GDPR-compliant agreements, ensuring data security and privacy.

 

International Data Transfers

 

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:

  • Standard Contractual Clauses approved by the European Commission.

  • Data encryption and pseudonymization.

  • Hosting data within GDPR-compliant regions whenever possible.

 

Your Rights Under GDPR

 

As a data subject, you have the right to:

  • Access: Request a copy of your personal data.

  • Rectification: Correct inaccurate data.

  • Erasure (Right to be Forgotten): Request deletion of personal data.

  • Restriction of Processing: Limit how your data is processed.

  • Data Portability: Request transfer of your data in a structured format.

  • Objection: Object to data processing for marketing purposes.

To exercise these rights, contact us at privacy@time2staff.com. We will respond within 30 days.

 

Data Security Measures

 

We implement technical and organizational security measures, including:

  • Encryption and anonymization.

  • Regular security audits and penetration testing.

  • Role-based access controls.

In case of a data breach, we will notify affected users and the Norwegian Data Protection Authority within 72 hours.

 

Deleting Your Data

 

To delete your Time2Staff account and associated data:

  • Use the in-app deletion feature by going to your profile.

  • Submit a request via privacy@time2staff.com.

  • Your data except for legally required information (e.g., tax compliance data) will be permanently deleted within 5 working days unless you have an approved job to show up to or are awaiting a payment from your previous completed jobs.

 

Complaints and Contact Information

 

If you have concerns about our data processing, contact:

  • Email: privacy@time2staff.com

  • Address: Lien 79, 5057 Bergen, Norway

  • You may also file a complaint with the Norwegian Data Protection Authority or your local data protection authority.

 

GDPR Compliance

 

Time2Staff adheres to the General Data Protection Regulation (GDPR). We process personal data relating to customers (workplaces), jobseekers (staff), and individuals who contact Time2Staff. Below, we describe the types of personal data processed, the purpose of processing, legal basis, and data sources.

 

Personal Data We Collect

 

User Information

 

We collect and process personal information necessary for providing our services. The information we collect depends on how you interact with our platform and may include:

  • Identification Data: Names, email addresses, phone numbers, job titles, usernames, passwords, date of birth.

  • Professional Data: Work experience, skills, business names, business activity area, star ratings, profile photo.

  • Technical Data: IP address, device and browser information, system configurations, operating system details, geolocation data (if provided).

  • Sensitive Information: Geolocation (for check-in and check-out at workplaces), absence reason (if disclosed by the user).

 

Legal Basis for Processing

 

We process your personal data based on the following legal grounds:

  • Consent: When you explicitly provide consent for marketing communications and optional data processing.

  • Contractual Obligation: To provide services as agreed in our terms of use.

  • Legitimate Interest: To improve user experience, security, fraud prevention, and customer service.

  • Legal Obligation: To comply with regulatory requirements and labor laws.

  • Vital Interests: To protect individuals' vital interests where necessary.

​

How We Use Your Data

 

We process personal data for the following purposes:

  • Account management: Creating and maintaining user accounts.

  • Communication: Sending administrative, service-related, and marketing messages.

  • Security and fraud prevention: Protecting against unauthorized access and data breaches.

  • Improving our services: Using analytics and feedback to optimize our platform.

  • Work verification: Using geolocation data to verify shift check-ins and calculate hours worked.

  • Marketing: Sending promotional materials only with user consent. You may withdraw consent at any time in your app settings.

 

Data Retention

 

We retain personal data only as long as necessary for the purpose it was collected. Key retention periods:

  • User accounts: Retained until deletion is requested.

  • Work history: Retained for legal compliance (e.g., tax and labor laws).

  • Sensitive information: Geolocation and absence reasons are retained only as long as required for service functionality.

 

Third-Party Data Sharing

 

We share data only with trusted third parties that comply with GDPR. These include:

  • Authentication providers: Facebook Login, Google Sign-In, Apple ID.

  • Cloud hosting: DigitalOcean (hosting services).

  • Communication platforms: Sendgrid (transactional emails), CloudTalk (SMS and call support).

  • Marketing platforms: Facebook Ads (social media advertising, if consented to).

  • Payment processing: Bamboora (credit card payments), EasyFreelance AB (invoicing and payroll).

All third-party service providers are bound by GDPR-compliant agreements, ensuring data security and privacy.

 

International Data Transfers

 

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:

  • Standard Contractual Clauses approved by the European Commission.

  • Data encryption and pseudonymization.

  • Hosting data within GDPR-compliant regions whenever possible.

 

Your Rights Under GDPR

 

As a data subject, you have the right to:

  • Access: Request a copy of your personal data.

  • Rectification: Correct inaccurate data.

  • Erasure (Right to be Forgotten): Request deletion of personal data.

  • Restriction of Processing: Limit how your data is processed.

  • Data Portability: Request transfer of your data in a structured format.

  • Objection: Object to data processing for marketing purposes.

To exercise these rights, contact us at privacy@time2staff.com. We will respond within 30 days.

 

Data Security Measures

 

We implement technical and organizational security measures, including:

  • Encryption and anonymization.

  • Regular security audits and penetration testing.

  • Role-based access controls.

In case of a data breach, we will notify affected users and the Norwegian Data Protection Authority within 72 hours.

 

Deleting Your Data

 

To delete your Time2Staff account and associated data:

  • Use the in-app deletion feature.

  • Submit a request via privacy@time2staff.com.

  • Your data will be permanently deleted within 5 working days, except for legally required information (e.g., tax compliance data).

 

Policy Updates

 

We reserve the right to update or modify this Privacy Policy at any time. The revised policy will be effective when posted on this page. We encourage you to review this Privacy Policy periodically for any changes.

 

Complaints and Contact Information

 

If you have concerns about our data processing, contact:

  • Email: privacy@time2staff.com

  • Address: Lien 79, 5057 Bergen, Norway

  • You may also file a complaint with the Norwegian Data Protection Authority or your local data protection authority.
     

time2staff logo
Everyone can get jobs on our platform quickly and for free. Our digital app provides everyone with the opportunity to show their abilities to different workplaces and get closer and closer to their future full-time job.
Everyone can hire our users for free to their full time positions.
Time2Staff
Useful links
Follow us
About Us
Contact Us
Sustainability
Workplace Portal
The Blog
Privacy Policy
Cookies
GDPR
  • TikTok
  • Linkedin Sosiale Ikon
  • Facebook Social Ikon
  • Instagram Social Ikon
Supported by
Certifications
Innovasjon Norge

© 2025 by Time2Staff  - Made with love in Scandinavia

Achilles StartBANK Stamp Silver.png
bottom of page