Privacy Policy
BEEZEE
Last updated: May 2026
Version: 1.0
This document constitutes the joint privacy notice issued by both joint controllers under Article 26(2) GDPR. Previous versions are available on request.
1. Who We Are and Our Role
BEEZEE is a workforce management platform developed and operated jointly by:
- Ivan Melchenko, Indywidualna działalność gospodarcza (sole trader), NIP: 5243010892, REGON: 529035345, ul. Gioacchino Rossiniego 9 lok. 38, 03-289 Warszawa, Poland; and
- Andrei Rabeshka, Indywidualna działalność gospodarcza (sole trader), NIP: 8522681635, REGON: 521826797, ul. Bartosza Głowackiego 27/23, 70-238 Szczecin, Poland
("we", "us", "our"). We provide mobile tools that help businesses manage employee shifts, tasks, breaks, and inventory.
Contact details:
- Email: biznest.platform@gmail.com (single point of contact for all data protection matters)
- Postal: Ivan Melchenko, ul. Gioacchino Rossiniego 9 lok. 38, 03-289 Warszawa, Poland / Andrei Rabeshka, ul. Bartosza Głowackiego 27/23, 70-238 Szczecin, Poland
1.1 Our role depends on whose data we process
- For employee data (shifts, breaks, tasks, photos, notifications, schedules, inventory requests of workers added to the platform by a Manager) — your employer (the Manager who created your account) is the data controller. We act as a data processor on the employer's behalf under Article 28 GDPR. The terms of that processing are set out in our Terms of Use (Section 5 — Data Processing Agreement). To exercise your rights regarding this data, contact your employer first; we will assist them in responding. Where your employer processes your data as the data controller, the legal bases applicable to that processing are determined by your employer and may include employment contract performance (Art. 6(1)(b)), legal obligation (Art. 6(1)(c)), or employment law provisions (Art. 9(2)(b) in conjunction with Art. 88 GDPR).
- For Manager (account holder) data and platform-level data (account registration, billing-related data, security logs, aggregated platform statistics) — Ivan Melchenko and Andrei Rabeshka act as joint controllers under Article 26 GDPR.
1.2 Joint-controller arrangement (Art. 26 GDPR — essence)
Ivan Melchenko and Andrei Rabeshka have agreed in writing on the allocation of their respective GDPR responsibilities. The essence of that arrangement is:
- Either controller may receive and process data subject requests; the contact point for all such requests is biznest.platform@gmail.com.
- Information obligations under Articles 13 and 14 GDPR are fulfilled jointly through this Privacy Policy.
- Both controllers are jointly and severally liable to data subjects regardless of the internal allocation, in accordance with Art. 26(3) GDPR.
The full arrangement is available on request.
1.3 Data Protection Officer
We have assessed Article 37 GDPR and concluded that we are not required to designate a Data Protection Officer. All data protection enquiries should be sent to the email above.
1.4 Children
The Service is intended for use in a professional employment context and is not directed at persons under 16. We do not knowingly collect or process personal data of persons under 16. If you believe we have inadvertently done so, please contact us so that we can delete the data.
2. What Data We Collect
We collect the following categories of personal data. Where we process this data on behalf of your employer, we do so only on the employer's documented instructions:
| Category | Data | Why We Need It |
|---|---|---|
| Account data | First name, last name, email address | To create and manage your account |
| Authentication data | Password (stored only as a cryptographic hash — we never store your actual password), access and refresh tokens | To verify your identity and keep you logged in |
| Work activity data | Shift start and end times, break start and end times, break duration, working time calculations, shift status | To record your working hours and support labour-law compliance |
| Task data | Task assignments, completion timestamps, task status, task notes, task comments | To manage and track work tasks |
| Photos | Task completion proof photos, task description photos, and inventory request photos (from your camera or photo library) | To provide visual documentation of completed work |
| Scheduled shifts | Planned work dates, start and end times, notes, draft/published status | To plan employee work schedules in advance |
| Inventory requests | Item name, description, notes, category, priority, attached photos | To allow employees to request supplies |
| Notifications | Notification messages (may include task names and colleague names) | To deliver real-time alerts about assignments and schedule changes |
| Device data | Push notification token, device platform (iOS or Android) | To send push notifications to your device |
| Preferences | Language setting (English, Polish, or Ukrainian) | To display the app in your preferred language |
| Audit data | Timestamps and user identifiers recording who created or last modified each record | To maintain accountability and security |
| Server/technical logs | IP address, request timestamps, HTTP headers | Security monitoring, abuse prevention, debugging |
Note: Aggregated statistics shown to Managers (e.g. shift summaries, task completion rates) are derived from the personal data listed above. The derivation step — computing aggregates from individual records — is itself a processing activity covered by this notice.
3. Why We Collect Your Data (Legal Basis)
Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:
Contract performance (Article 6(1)(b)) Most of the data we collect is necessary to provide the workforce management service you or your employer signed up for. This includes: account data, authentication data, work activity data, task data, scheduled shifts, inventory requests, and your language preference.
Legal obligation (Article 6(1)(c)) Shift and break records are also processed to comply with labour-law requirements for working-time record-keeping.
Legitimate interest (Article 6(1)(f)) We rely on legitimate interest for the following processing activities, pursuing the specific interests indicated:
- Audit trail — our interest in ensuring the security, integrity and accountability of the Service and in being able to detect and investigate misuse;
- Push notifications — our and your employer's interest in timely operational communication so the Service can function as intended;
- Task photos and task comments — your employer's interest in being able to verify completion of work and exchange operational feedback;
- Aggregated statistics — your employer's interest in operational management of their business;
- Security monitoring and abuse prevention — our interest in protecting the Service, our infrastructure and our users against fraud, abuse and unauthorised access;
- Server/technical logs — our interest in maintaining the security, availability and integrity of the infrastructure, and in detecting, diagnosing and preventing abuse and technical failures.
We have carried out a balancing test for each of these interests and concluded that they are not overridden by your interests, rights and freedoms. You may object to processing based on legitimate interest at any time — see Section 7.
Consent (Article 6(1)(a)) We do not currently rely on consent as a legal basis. If we ever ask for your consent for a specific processing activity, you will be able to withdraw it at any time, with effect for the future, without affecting the lawfulness of processing carried out before withdrawal (Article 7(3) GDPR).
Contract acceptance mechanism: When a new user first logs in to the Service, they are presented with a mandatory acceptance screen requiring them to confirm acceptance of the Terms of Use and this Privacy Policy via a checkbox before accessing any features. This constitutes contractual acceptance — the legal basis for the processing described in this Section is contract performance (Art. 6(1)(b)) or legitimate interest (Art. 6(1)(f)), not consent within the meaning of Art. 6(1)(a) GDPR.
Whether providing data is required
Providing the data listed in Section 2 is a contractual requirement necessary to use the Service. If you do not provide it, your employer will not be able to create an account for you on the platform and you will not be able to use the Service. Providing shift and break data is additionally a statutory requirement to the extent your employer is obliged to keep working-time records under Polish labour law.
No automated decision-making or profiling
We do not carry out automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you within the meaning of Article 22 GDPR. We do not engage in profiling of users. Statistics shown to your Manager are descriptive aggregates only.
Source of data
If you are an employee, your account data (name, email, role) is generally provided to us by your employer (the Manager). All other data is generated by your use of the Service. This satisfies our information obligation under Article 14 GDPR.
4. Recipients and Processors of Your Data
We engage the following categories of recipients. Where the recipient acts on our behalf under documented instructions, they are our processor within the meaning of Article 4(8) GDPR; otherwise they are an independent recipient.
| Recipient | Role | What They Receive | Why |
|---|---|---|---|
| Your employer (manager) | Independent controller | Your work activity data — shifts, breaks, tasks, task photos, inventory requests | Managers use this data to operate the business and manage employee work |
| Microsoft Azure | Processor (sub-processor) | All platform data (database records, uploaded files) | Provides the managed cloud database, object storage, compute and secrets-management services that host the Service |
| Apple (APNs) | Processor (sub-processor) | Device token, notification title and body text | To deliver push notifications on iOS devices |
| Google (FCM) | Processor (sub-processor) | Device token, notification title and body text | To deliver push notifications on Android devices |
Access to personal data within BEEZEE is limited to personnel who need it to provide or maintain the Service and is controlled by role-based access controls.
We do not sell your personal data to any third party. We do not use any third-party analytics, advertising, or crash-reporting services.
5. International Data Transfers
Our cloud infrastructure is deployed in an EU region. Your primary data (database records and uploaded files) is stored and processed within the European Union/European Economic Area.
Some sub-processor support, monitoring or maintenance personnel may be located outside the EEA. Any such access is limited, logged and protected by the contractual safeguards listed below (in particular Standard Contractual Clauses incorporated into the relevant data processing agreements). A copy of the safeguards in place is available on request from biznest.platform@gmail.com.
Push notifications require transferring a limited amount of data to the United States:
| Recipient | Safeguard |
|---|---|
| Apple (APNs) | Apple's Data Processing Agreement; EU–US Data Privacy Framework certification |
| Google (FCM) | Google Cloud Data Processing Amendment; EU–US Data Privacy Framework certification; Standard Contractual Clauses |
| Microsoft Azure | Microsoft Products and Services Data Protection Addendum (DPA); EU-approved Standard Contractual Clauses. Routine data processing takes place in an EU region; access from outside the EEA is limited to support and maintenance and is covered by the same safeguards. |
6. How Long We Keep Your Data
| Data | Retention Period | How It Is Deleted |
|---|---|---|
| Account data | Until you or your manager requests deletion | Manager removes the user account, or you contact us directly |
| Access tokens | 24 hours | Automatically expire |
| Refresh tokens | 7 days | Automatically expire; also invalidated immediately on logout |
| Shifts and breaks | For the duration of the contract with the employer (Manager) | Deleted at the end of the contract or upon the employer's request. Compliance with Polish labour law record-keeping obligations is the responsibility of the employer (Manager) as data controller. In particular, art. 94 pkt 9b of the Kodeks pracy requires employers to retain employment and working-time records for up to 10 years from the end of the employment relationship (for employees hired on or after 1 January 2019; earlier transitional rules may apply to other employment). |
| Tasks and task photos | Until the task is deleted by a manager, or 12 months after the photo was uploaded (whichever is earlier) | Manager deletes the task; or photos are automatically purged 12 months after upload |
| Task comments | Until the parent task is deleted | Deleted together with the task |
| Notifications | 12 months from delivery, or until deletion is requested (whichever is earlier) | Automatically purged after 12 months; can be deleted earlier on request |
| Scheduled shifts | 3 years from the planned shift date | Manager can delete individual scheduled shifts; otherwise purged after 3 years |
| Inventory requests | 3 years from creation | Manager can delete individual requests; otherwise purged after 3 years |
| Device push tokens | Until you log out or the token is rejected by Apple/Google | Automatically removed on logout; stale tokens are cleaned up when the notification service rejects them |
| Audit trail | Same as the parent record | Deleted when the parent record is deleted |
| Server/technical logs | 90 days from collection | Automatically purged after 90 days |
| Local device data | Until you log out or uninstall the app | All local data is cleared automatically on logout |
| Language preference | Lifetime of your account | Deleted when your account is removed |
We keep your data only for as long as it is needed for the purposes described in this policy or as required by applicable law. The retention periods above are maximum periods — data may be deleted earlier where a deletion request can lawfully be honoured.
Where data is included in platform backups, it will be removed from backups in the ordinary course of the backup retention cycle, which does not exceed 90 days. Upon account termination, data is retained for 90 days from the contract expiration date to allow for reactivation or data export. After 90 days without reactivation, data is permanently deleted from primary systems, consistent with Section 4.3 of our Terms of Use. Data held in existing backups at the time of deletion will be removed as those backups expire, within the same 90-day maximum.
7. Your Rights
Under GDPR, you have the following rights regarding your personal data:
Right of access (Article 15) You can view your own profile, shifts, tasks, and notifications through the app. You may also request a complete copy of all personal data we hold about you by contacting us.
Right to rectification (Article 16) If your personal data is incorrect or outdated, you may request correction by contacting your manager or by contacting us directly.
Right to erasure — "right to be forgotten" (Article 17) You can request deletion of your account and associated personal data by contacting us. Some data may be subject to legal retention obligations applicable to your employer under Polish labour law (Kodeks pracy, art. 94 pkt 9b in conjunction with art. 94⁵). In such cases, we will process deletion requests in accordance with the instructions of the employer acting as the data controller. We will inform you if any of your data cannot be deleted for this reason.
Right to restrict processing (Article 18) You can request that we limit how we use your data. Account deactivation effectively restricts processing by preventing further access.
Right to data portability (Article 20) You have the right to receive your personal data in a structured, commonly used, machine-readable format. Contact us to request a data export.
Right to object (Article 21) You have the right to object, on grounds relating to your particular situation, to processing based on legitimate interest (such as audit logs, notifications, photos and aggregated statistics). Following an objection, we will cease the processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or unless the processing is necessary for the establishment, exercise or defence of legal claims.
Right to object to direct marketing (Article 21(2)) You have an unconditional right to object at any time to the processing of your personal data for direct marketing purposes, including any profiling carried out for direct marketing. This right is absolute — it cannot be balanced against our interests — and we will cease such processing immediately upon receipt of your objection. We do not currently carry out direct marketing, but this right applies immediately if we do so in the future.
Right to withdraw consent (Article 7(3)) Where processing is based on your consent, you may withdraw that consent at any time with effect for the future. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
Right to lodge a complaint If you believe your data protection rights have been violated, you have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO — Urząd Ochrony Danych Osobowych), ul. Stawki 2, 00-193 Warsaw, Poland, or with the supervisory authority in your country of residence.
How to exercise your rights: Contact us at biznest.platform@gmail.com. We will respond within one month of receiving your request. In the case of complex or numerous requests, this period may be extended by a further two months; if so, we will notify you within one month of receiving your request and explain the reason for the extension (Art. 12(3) GDPR). To protect your privacy, we may need to verify your identity before fulfilling a request.
8. Security Measures
We implement appropriate technical and organisational measures designed to ensure a level of security appropriate to the risk, in line with Article 32 GDPR. These include in particular:
Encryption
- Encryption of data in transit between the app and our servers using current industry-standard transport security;
- Encryption of data at rest in our managed database and object storage;
- Use of platform-level secure storage on your mobile device for sensitive local data.
Authentication and access control
- Passwords are never stored in plain text — only as cryptographic hashes using a salted, industry-standard password-hashing algorithm;
- Short-lived signed access tokens combined with rotating refresh tokens that are invalidated on use and on logout;
- Role-based access control: employees can only access their own data; managers can only access data for their own business;
- All data queries are automatically scoped per business so that one business cannot access another's data.
Operational security
- Secrets (credentials, signing keys, API keys) are stored in a dedicated managed secrets-management service, never in source code;
- Every record includes an audit trail of who created and last modified it;
- Stale device tokens are automatically cleaned up;
- Logging out clears local data, unregisters the push token and invalidates the server-side refresh token;
- We periodically review and test our security controls;
- We conduct periodic vulnerability assessments of our infrastructure.
Personal data breach notification
Where a personal data breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with Article 34 GDPR. Where we act as a processor on behalf of your employer, we will notify the employer (controller) without undue delay after becoming aware of a breach so that they can comply with their notification obligations. Where required by GDPR Article 33, we will notify the relevant supervisory authority (UODO) within 72 hours of becoming aware of a breach.
9. Local Storage on Your Device
The BEEZEE mobile app stores limited data locally on your device using secure device storage (not browser cookies). The push notification SDKs (Apple APNs, Google FCM) assign a device-level push token used solely to deliver notifications; we do not use any advertising identifiers, analytics SDKs, or third-party tracking technologies. Local storage covers, in particular: authentication tokens (to keep you logged in), basic profile and session information, the language setting, a short-lived cache of recently viewed content, and an offline action queue. The offline action queue is cleared on logout along with all other local data.
All local data is cleared when you log out. You can disable push notifications at any time in your device's operating system settings.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons.
When we make significant changes, we will notify you through the app. We encourage you to review this policy periodically.
The date at the top of this policy indicates when it was last updated.
11. Language Versions
This Privacy Policy is provided in English, Polish, and Ukrainian. For customers located in Poland, the Polish version is the governing version and shall prevail in case of any inconsistencies between language versions. For all customers outside Poland, the English version is the governing version and shall prevail in case of any inconsistencies between language versions. For Customers who are consumers or quasi-consumers under Polish law, in the event of any inconsistency between language versions, the interpretation most favourable to the consumer shall apply, and nothing in this clause deprives such Customers of any protection afforded by mandatory provisions of Polish consumer protection law.