Privacy Policy

NeoShift is a shift handover SaaS product operated by NeoShift Ltd. We provide warehouse, logistics, facilities, and security teams with tools to log shift handovers, track tasks, and ensure continuity between shifts.

For any data-related questions, contact us at support@neoshift.com.

We collect the following data when you use NeoShift:

• Account data — your email address, used for authentication and account recovery
• Team data — your team name, invite codes, and team membership records
• Handover content — issues, actions taken, tasks, shift names, and notes you record during shift handovers
• Subscription data — your billing plan and Stripe customer ID (we do not store card numbers; Stripe handles payment processing)
• Usage metadata — timestamps of handover submissions, task updates, and acknowledgements

We do not collect your name unless you provide it when signing off a handover. We do not collect any location data, device identifiers, or behavioural analytics.

• To provide the shift handover service you have signed up for
• To authenticate your account and maintain your session securely
• To process subscription payments via Stripe
• To allow you and your team to access historical handover records
• To enforce plan limits (team size, history retention) according to your subscription

Our legal basis for processing is contract performance (Article 6(1)(b) UK GDPR) — we process your data to deliver the service you have subscribed to.

All data is stored in Supabase, a managed database service with servers located in the European Union (EU West region). Supabase is SOC 2 compliant and encrypts data at rest and in transit.

Payment processing is handled by Stripe, which is PCI DSS compliant. NeoShift does not store card numbers or payment credentials.

We do not sell, rent, or share your data with third parties for marketing purposes.

• Active accounts — data is retained for as long as your account remains active
• After cancellation — we retain your data for 30 days to allow you to export it or reactivate, then delete it
• Handover history — subject to your plan limits (90 days on Team plan, unlimited on Operations and Command)

As a UK resident, you have the following rights regarding your personal data:

• Right of access — request a copy of the data we hold about you
• Right to rectification — ask us to correct inaccurate data
• Right to erasure — request deletion of your personal data
• Right to restriction — ask us to limit processing of your data
• Right to data portability — receive your data in a machine-readable format
• Right to object — object to processing based on legitimate interests

To exercise any of these rights, email us at support@neoshift.com with the subject line "Data Request". We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

To request deletion of your account and all associated data, email support@neoshift.com with the subject line "Delete My Account". We will confirm deletion within 7 business days. Note that deletion is permanent and cannot be undone.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or via a notice in the application. Continued use of NeoShift after changes constitutes acceptance of the updated policy.