FindShifts logoFindShifts

Legal

Privacy Policy

Last updated May 18, 2026. This policy explains what we collect, why, and how to control it.

⚠️ Placeholder notice

This is a starter privacy policy template intended for a US-based gig marketplace. It is not a substitute for legal review by an attorney. Before launch, have this reviewed and adapted to your specific business operations, applicable jurisdictions, and any state-specific addenda (CCPA, CPRA, VCDPA, etc.).

1. Information we collect

We collect information you provide directly:

  • Account info: name, email, phone, password (hashed)
  • Worker profile info: skills, work history, ratings, location preferences
  • Employer profile info: business name, tax ID (encrypted), billing details
  • Payment info: handled by Stripe; we never store full card or bank numbers
  • Time-tracking data: GPS clock-in coordinates, photo verification

We collect information automatically:

  • Device and browser information (IP, OS, browser version)
  • Usage logs (pages visited, actions taken, timestamps)
  • Cookies (for authentication and analytics; see Cookies section)

2. How we use information

  • To operate the platform: matching workers to shifts, processing payments, sending notifications
  • To verify identity and prevent fraud
  • To improve the product (aggregated, anonymized analytics)
  • To communicate with you (transactional emails, support, occasional product updates)
  • To comply with legal obligations (1099 reporting, court orders, regulatory requests)

3. How we share information

We share information only when necessary:

  • With other platform users: employers see worker profiles; workers see employer business names and shift details
  • With service providers: Stripe (payments), Resend (email), Vercel (hosting), Neon (database), Sentry (error monitoring) — under data processing agreements
  • For legal compliance: when required by law or to protect the safety of users
  • In a business transfer: if FindShifts is acquired, your data may transfer to the acquirer under the same terms

We do not sell personal information. California residents have additional rights — see our Do Not Sell or Share My Personal Info page.

4. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the data we hold about you
  • Correct inaccurate data
  • Delete your account and associated data (subject to legal retention)
  • Opt out of marketing communications
  • Port your data to another service

To exercise these rights, email privacy@findshifts.work. We respond within 30 days.

5. Security

We protect data with encryption at rest and in transit, role-based access controls, and routine security review. Despite this, no system is impenetrable; we encourage strong passwords and report any suspected compromise to security@findshifts.work.

6. Children

FindShifts is not for children under 16. We do not knowingly collect data from anyone under 18. If you believe we have, contact us immediately for deletion.

7. Changes

We may update this policy as our practices evolve. Material changes will be announced via email and a banner notice on the site at least 14 days before they take effect.

Contact

FindShifts Privacy Team
privacy@findshifts.work