Privacy Policy
Last updated: June 22, 2026
This Privacy Policy explains what data Schedio collects, why we collect it, who we share it with and what you can do about it. Schedio is built for businesses based in the United States; if you operate in the European Union or the United Kingdom, please read the "International users" section before signing up.
1. Who is responsible for your data
Schedio is operated by Schedio LLC, a limited liability company organised in the State of New York, United States ("Schedio", "we" or "us"). Schedio is a multi-tenant service. For data about you as an account holder – your email address, name, role and language preference – Schedio LLC is the data controller. For data you upload inside your tenant – employees, shifts, handover notes, alerts, integration settings – your organisation is the controller and Schedio acts as a processor on your instructions. Your organisation decides what to upload; we provide the infrastructure to store and process it for you.
2. What we collect
From account holders: email address, name, role within the tenant, login provider (password, magic link, Google or Microsoft) and language preference. From paying customers: billing email, country and VAT number where applicable. Payment card data is handled entirely by Paddle, our merchant of record; Schedio receives a billing reference and event metadata, not card numbers. From tenant data uploaded by your team: employee names and contact details, shift schedules, handover notes, alerts, integration settings (for example, the name of the Slack workspace or the chat ID of a Telegram group). From everyone using the Service: technical logs – IP address, user agent and timestamps of requests – for security and abuse investigation, and an audit log of who did what inside a tenant.
3. Why we collect it
To deliver the Service you signed up for, to bill you, to send transactional and operational emails (sign-in links, daily digests, shift reminders, weekly summaries), to investigate suspected misuse or security incidents, and to comply with law. We do not use your data for advertising, behavioural profiling, or training machine-learning models.
4. Who we share data with
Schedio uses a small number of subprocessors to operate the Service: – Paddle (US / Ireland) – payments and merchant of record; – Resend (US) – transactional and operational email delivery; – Introserv (US region) – application and database hosting; – Backblaze (US) – encrypted off-site backups; – Sentry (US) – application error tracking, with personal data minimised where possible; – Google and Microsoft (US) – identity providers, used only if you choose to sign in with a Google or Microsoft account; – BetterStack (US) – uptime monitoring; – Umami – privacy-friendly, cookieless analytics on our marketing site (schedio.team). We also share data with third-party integrations your tenant chooses to enable – Slack, Telegram and WhatsApp / Meta – only when you connect them and only to deliver the messages you ask Schedio to send. Similarly, if you or your staff enable a personal calendar (iCal) feed or connect a chat bot, the relevant shift data is transmitted to the calendar or messaging provider you choose. We may disclose data when required by valid legal process. We do not sell or rent personal data, run third-party advertising trackers, or share data with "data partners".
5. Where data is stored
The application and database run on a server located in the United States (Virginia). Encrypted backups are stored off-site with a separate provider but remain within the United States. Sensitive content – handover notes, alerts, manager notes and integration secrets – is encrypted at the application layer using AES-256-GCM with envelope encryption and a unique key per tenant, so a stolen database file alone does not reveal that content.
6. How long we keep it
Account data is retained while your account is active. Cancelling your subscription does not by itself delete your data; when the workspace owner deletes the workspace, the data enters a 30-day reversible grace period and is then permanently hard-deleted. Handover notes and alerts are designed to be short-lived: they expire automatically and are hard-deleted within 30 days of creation. Billing records are retained as long as tax law requires (typically 7 years). The audit log is retained for at least 12 months for security and compliance purposes. Encrypted backups that include your data roll off automatically on their own schedule (up to about 14 days for the database), so a deletion is reflected in backups shortly after it completes.
7. Security
We apply controls aligned with the SOC 2 Trust Services Criteria and the New York SHIELD Act, including encryption in transit (TLS), application-layer encryption of sensitive content (handover notes, alerts, manager notes and integration secrets), strict per-tenant isolation, scoped audit logging, short-lived sessions, and a documented incident response process. The Security page on this site has more detail. If you believe an account has been compromised, email info@schedio.team.
8. Children
Schedio is a business-to-business product and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child’s data has been uploaded to a tenant in error, email info@schedio.team and we will remove it.
9. International users (EU, UK and others outside the US)
Schedio is built and operated for businesses based in the United States, and our servers and subprocessors are located in the United States. If you access or sign up for the Service from outside the United States, you do so on your own initiative and are responsible for compliance with any local laws that apply to you; by signing up you consent to your data being transferred to and processed in the United States. We make a Data Processing Addendum (DPA) available to business customers on request. We do not currently offer EU Standard Contractual Clauses or full GDPR-equivalent data-subject workflows; if your operations require those – typical for EU or UK regulated industries – Schedio is not the right product for you yet.
10. Changes to this Policy
We may update this Policy. Material changes will be notified at least 30 days in advance by email to the account owner and on this page. Continued use of the Service after the effective date constitutes acceptance.
Your rights
You can ask Schedio to access, correct, export or delete personal data we hold about you, and to restrict how we use it. California residents have additional rights under the CCPA, including the right to know what categories of personal information we collect and the right to opt out of the sale of personal information – we do not sell personal information. New York residents are covered by the New York SHIELD Act, including the right to be notified of certain security breaches. To exercise any of these rights, email info@schedio.team from the address on the account; we will respond within 30 days (and may extend where the law allows).
Cookies and analytics
On app.schedio.team we set first-party cookies for authentication only (cs_at and cs_rt) – no advertising cookies and no third-party trackers. On schedio.team (the marketing site) we use Umami Analytics, a cookieless analytics tool that does not set identifiers, fingerprint visitors, or share data with third parties.