HomePrivacy & Policies

Privacy & Policies

Effective Date: 08/01/2025
Company: ToBeShore AB, Sweden
Product:  DayzOff, Leave Management System
Contact: support@tobeshore.freshdesk.com

1. Introduction

ToBeShore AB (“we”, “us”, “our”) respects your privacy and is committed to protecting personal data in accordance with applicable data protection laws, including the GDPR. This Privacy Policy describes how we collect, use, store, and protect your information when using our Leave Management System.

2. Data We Collect

We collect and process the following types of data:

  • Employee and administrator names

  • Employee & administrator job titles
  • Employee & administrator profile pictures

  • Email addresses

  • Leave records and approvals

  • Country-specific public holidays

  • Organization hierarchy

  • Organization related leave types
  • Organization specific email configurations
  • Organization specific notification templates
  • Organization specific rules (related to the leaves)

All customer data is securely isolated using a multi-tenant architecture.

3. Sensitive Information

Our system may process public holiday information, which in some countries may be associated with religious observances. However, we do not actively profile or infer sensitive personal characteristics.

4. Who Can Access the Data

  • Authorized Admins and Employees of your organization

  • ToBeShore AB team (only for support, maintenance, or improvement purposes)

5. Data Sharing

We do not sell any user or organizational data. However, limited data may be used internally with the following services:

  • Azure Bot for user interactions and automation

6. Data Retention

We store transactional data for 2 years. After that, it is securely archived into Azure Storage for historical reference and auditing.

7. Data Export & Deletion

  • Export: Users can export leave-related reports via the system.

  • Deletion: Data deletion is not supported through the system interface. Organizations wishing to request data removal must contact support.

8. Global Data Transfers

As a starting point all data is stored in Microsoft Datacenters in Sweden for the EU market. As we serve customers worldwide more regions will be added as we grow, and data may be processed and stored in regions outside the EU. In such cases, we ensure adequate protection mechanisms are in place according to GDPR standards. All data will be encrypted in transit and at rest.

9. Security Measures

We use Microsoft Azure’s robust security infrastructure.

  • Modern microservice architecture

  • DBs with strict access controls

  •  Microsoft Entra ID authentication

  • API Gateway to publish, secure, monitor and scale APIs

  • Web Application Firewall

10. Cookies and Tracking

Our public website may use cookies and analytics tools to improve performance and user experience. By using our website, you consent to the use of such cookies in accordance with this policy.

11. Changes to This Policy

We may occasionally update this Privacy Policy. When we do, we will notify users through the system dashboard or via email.

12. Contact Us

If you have any questions, concerns, or requests regarding your data, contact us at:

Email: support@tobeshore.freshdesk.com
Company: ToBeShore AB, Sweden

Get Started Today