Skip to main content

Privacy Policy

Introduction

Planday recognizes the importance of respecting and protecting your personal data (information), and to be able to continue to provide you with the level of service you have come to expect from us, we need to collect, process and share a certain amount of information about you.

In this document, we explain what information we’re likely to hold, how we collect it and how we will use or share it. It also explains your rights and how to contact us or your local supervisory authority in the event you have a complaint. Our commitment to you is that we will continue to treat your personal data fairly and legally and with the same discretion and respect as we have always applied.

This policy applies to all your information however captured, including via our App, through our website or via telephone conversations with our staff. This includes situations when you:

  • visit the Planday website (“Site“) or link to this Privacy Policy
  • visit our branded social media pages
  • use the workforce scheduling platform and associated services (the “App”) as an authorized user, for example, as an employee of one of our Planday customers who provided you with
  • access to our services
  • tick the “I agree” buttons when first registering or logging into the App
  • access the “Subscription Centre”,
  • visit our offices or contact our Operational teams via phone or email or otherwise receive communications from us
  • register for, attend and/or otherwise take part in our events, webinars or campaigns including participating in the Planday community

For the purposes of this document, “Planday” means Planday A/S (registered in Denmark with CVR 27666248 and VAT number DK-27666248), unless you are an Australian business customer (or an authorized user of an Australia business customer) or are located in Australia (an “Australian Data Subject”) in which case it means Planday Pty Limited (ABN 650 898 187). If you are an Australian Data Subject, the term “personal data” when used in this document means “personal information” as that term is defined in the Privacy Act 1988 (Cth) (the “Australian Privacy Act”).

When using the App, Planday is as a starting point the data processor of your personal data. The businesses to which we are providing the App and associated services warrant in our agreements with them that they have complied with and shall continue to comply with the relevant applicable data protection laws in relation to the data they control and pass to us and that they have the necessary legal
basis to use the data in relation to the services we provide to them.

With regard to the other situations mentioned above, Planday is the data controller. This means that we exercise judgment in determining how and why to process the information you share with us. We may share your information with the other members of our group of companies. If you are using the App as a private person (and not as an employee of our business customer), Planday is also the data controller for that processing of your personal data.

If you have questions about how we process your information that aren’t answered in this policy, we invite you to get in touch with us at support@planday.com or contact your local telephone support Contact.

What information we collect and how we use it

Here we summarize the information we collect, why and how we use it and who we share it with.

Planday is committed to protecting you and your employer’s privacy. We only collect and use personal data to provide you and your employer with the workforce scheduling platform and all associated services, and tailor the information we share with you to help make it relevant, useful and timely. We will only share your personal data with organizations involved in fulfilling our role as your workforce scheduling platform provider, such as:

  • our service partners, including our data processors, in order to operate the App and the Sites and deliver the services you have requested and/or with trusted partners to help us perform statistical analysis, marketing campaigns, PR campaigns, remarketing, send you email or postal mail, or provide customer support; and
  • any existing or future member of the Planday group of companies.

Please keep in mind that if you publicly disclose Personal Data and/or usage data through our App or our Sites, we are not responsible for the security of the personal data you publicly disclose (which may be collected and used by others).

The Sites may contain links to make it easier for you to visit other websites. These websites are managed by third parties and we encourage you to review the privacy statements of these websites so that you can understand how they collect, use and share your information. Planday is not responsible for the privacy statements or other content on websites it may link to.

Your information falls into one or more of the categories in the table below, which sets out the basis on which we may use your information to the extent required by local privacy laws. Also please note for countries where this is legally possible, hereunder but not limited to AU, that we may share your information with the other members of our group of companies incl. within the Xero Group, and that this information may be used for the purpose of direct marketing from companies within the Xero group.

We may also use and disclose your personal data as required or permitted by applicable law.

How we use cookies

Planday uses “cookies” to help you personalize your online experience. A cookie is a small text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

The Planday App only uses Necessary cookies, which are detailed in the Planday App Cookies Policy.

Planday website uses all types of cookies, which are detailed on the Cookie banner on the website:

Social Media Features

Our Sites may use social media features, such as the LinkedIn sharing button, Facebook “like” button, the “Tweet” button and other sharing widgets (“Social Media Features”). Social Media Features may be hosted by the social media network or hosted directly on our website. A social media network may receive information that you have visited the Planday website if you click through to the social media platform from the Planday website, to the extent the Social Media Features are hosted by the respective social media networks. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our websites with your social media profile.

Your interactions with Social Media Features are governed by the privacy policies of the companies providing the relevant Social Media Features.

Does Planday collect or process sensitive data?

Planday does not process sensitive data (what is known as “special categories of personal data” under the GDPR, or “sensitive information” under the Australian Privacy Act), but the App does have custom text fields in which sensitive data can be added by either you and/or your employer. These fields are configured by you and/or your employer, and you and/or your employer accept full liability (and hold
Planday free from any liability under the relevant data protection laws) for any sensitive data entered into these fields. We recommend that you and/or employer do not add sensitive data to these fields. Any data entered into these fields will be processed in the same way as we process personal data.

Children

Our Site, associated services or App are not directed at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at support@planday.com and we will take steps to delete such Personal Data from our systems.

Marketing Preferences for E-Mails and SMS marketing

We incorporate your marketing preferences in your Subscription Centre, accessible via any marketing communications, which affect how we will process your information. By using the marketing preferences functionality in the Subscription Centre, you can specify whether you would like to receive direct marketing communications and limit the use of your information. You can alternatively contact us at support@planday.com to manage your preferences.

Anonymous Data

Anonymous Data is the type of data that does not enable us to identify you, either by using this data by itself or combining it with any other information, for example data derived from personal data that is aggregated and compiled in anonymous form, Analytics Information and information collected from cookies.

We may create Anonymous Data from the personal data we receive from you and/or your employer through any of the methods listed in this Policy, including usage data. We convert personal data into Anonymous Data by removing personal information, such as names, ID’s, etc. We may use this data to analyze requests and usage patterns for innovation and for improving our App, or to create lookalike audiences within social networks to enable us to advertise our services, or to create anonymized highlevel research reports on workplace trends in a given industry, geography, or to compare industries and/or geographies on key workforce metrics, or for any other marketing services, associated services, and Sites. We may share Anonymous Data with third parties.

Transferring your personal information to other countries

If you are located in Europe, the data that we collect from you is stored and hosted in the European Economic Area (“EEA”) but, occasionally, we may need to process your personal data outside the EEA, for example, where it is processed by staff operating outside the EEA who work for us or for one of our suppliers or by one of our sister companies. These transfers are subject to special rules under European
and UK data protection law because non-EEA countries may not have the same data protection laws. If we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your data to such third-party suppliers who have agreed to comply with the required data security standards, policies and procedures and have put adequate security measures in place.
  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission and the UK.
  • Where we use certain service providers, we will use standard data protection contract clauses which have been approved by the European Commission. These are designed to re-create data protections equivalent to those we enjoy in the EEA and in the UK.
  • Where possible, Planday offers you the options to opt out of these data transfers.

If you are an Australian Data Subject, the data that we collect from you may be disclosed outside of Australia to our sub-processors, service providers and other members of the Planday group of companies.

Please contact us at support@planday.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA (for European customers) or Australia (for Australian Data Subject). By ticking the “I agree” button when first registering or logging into the App and by submitting your personal data, you consent to this transfer, storing or processing of your personal
data with our sister companies and business partners located outside of the EEA (for European customers) or Australia (for Australian Data Subjects).

How long we hold on to your information

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. After this period, it will be deleted or in some cases anonymized.

Whilst you are an active user of the App we will hold on to your information for as long as needed to give you the best possible customer service. We may also keep a record of correspondence with you (for example, if you have asked us a support question or made a complaint) for as long as is necessary to protect us from a legal claim. As a starting point, personal data related to a specific agreement (including
data regarding the provision and use of the App, any data contained in day-to-day queries and communication with you and/or to your registration for events etc.) will be deleted 5 years after the end of the financial year in which the customer relationship ended. Any data contained in day-to-day queries and communication with you, and not related to a specific agreement, will as starting point be deleted no more than 12 months after the end of the last communication.

Where we have collected the personal information based on your consent and we have no other lawful basis to continue with that processing, if you subsequently withdraw your consent, then we will delete your personal information. Personal data collected for direct marketing communication (when we inform you about goods or services) based on your consent will as a starting point be deleted no more than 12
months after the last piece of communication was sent, or 12 months after your consent was withdrawn.

Personal data processed as part of the use of cookies which you may have allowed on our Sites will be deleted along with the cookie (depending on the specific lifetime of the cookie). Please refer to our Sites for an overview of the specific cookies, including their lifetime.

In certain circumstances we may retain your personal data for a longer period where such retention is necessary for compliance with a legal obligation to which we are subject, to resolve disputes and enforce our agreements.

Your rights

How to exercise your rights

To exercise your rights, please contact us at support@planday.com If you are an employee of a Planday customer, we recommend you contact your company’s system administrator for assistance.

Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.

To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. At any time, you can amend your marketing preferences to reduce, remove or increase the amount we contact you with special offers. You can do this by contacting us at support@planday.com.

Right to complain

In the event that you wish to make a complaint about how we process your personal information, please contact us in the first instance at support@planday.com and we will endeavour to resolve your query as soon as possible. If you consider that our processing of your personal information infringes data protection laws, you have a legal right to complain to your national supervisory authority.

For UK:
ICO (registration no. is ZA259339)
https://ico.org.uk/make-a-complaint/

For Denmark:
Datatilsynet (registration no. is 35107207)
https://www.datatilsynet.dk/databeskyttelse/klage-til-datatilsynet

For Norway:
https://www.datatilsynet.no/en/about-us/contact-us/how-to-complain-to-the-norwegian-dpa/

For Germany:
https://datenschutz-hamburg.de/#

For Australia:
https://www.oaic.gov.au/privacy/privacy-complaints

Securing your information

Planday implements organizational, technical and physical measures to help safeguard against the accidental or unlawful destruction, loss, alteration and unauthorized disclosure of, or access to, the personal data we process or use. Planday is a certified holder of ISO27001 and CyberEssentials (UK Government-backed cyber protection scheme).

All information you provide to us is stored on secure servers within a private network and is encrypted when in transit between those servers and a third-party supplier. The key solutions we use are wellknown, global businesses that are GDPR compliant. We may use other smaller, local service providers from time to time and in these cases, will ensure that they are bound by obligations of confidentiality.

We have a security policy to ensure that we and our partners keep all data, not just personal data, secure and confidential. Despite this, nothing can be 100% secure and we will notify you and the relevant supervisory authority of a suspected data security breach where we are legally required to do so. You are solely responsible for protecting your password, limiting access to your devices and signing out of
websites after your sessions. If you have any questions about the security of our Site, associated services or App, please contact us at support@planday.com

About Changes to this Policy

This privacy policy was first published in May 2018; reviewed in February 2021 and last reviewed in July 2022.

We may change this privacy policy from time to time. Where these changes are substantial or have an impact to your rights, we will let you know. You should check this page occasionally to ensure that you are happy with any changes to this policy.