!doctype html> OperatEzy | All-in-One Field Operations Platform
OperatEzy Logo

Data Management Policy

Last updated: March 2026

1. Introduction

OperatEzy ("we", "us", "our") is committed to protecting and respecting your privacy. This Data Management Policy explains how we collect, use, store, and protect personal data when you use our platform and services.

This policy is in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Irish Data Protection Acts 1988–2018.

2. Data Controller

OperatEzy is the data controller responsible for your personal data. If you have any questions about this policy or our data practices, please contact us at: office@operatezy.com

3. Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Full name, job title, employee ID, and profile photographs.
  • Contact Data: Email address, phone number, and business address.
  • Account Data: Username, password (encrypted), and account preferences.
  • Employment Data: Work schedules, attendance records, task assignments, and performance data.
  • Technical Data: IP address, browser type, device information, and usage logs.
  • Document Data: Compliance documents, digital signatures, certifications, and uploaded files.
  • Location Data: GPS data when using mobile check-in/check-out features (with consent).
  • Communication Data: Messages and notifications sent through the platform.

4. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and maintain the OperatEzy platform and services.
  • To manage workforce scheduling, task assignment, and attendance tracking.
  • To store and manage compliance documents and digital signatures.
  • To send operational notifications and communications.
  • To generate reports and analytics for business management.
  • To improve and develop our platform and services.
  • To comply with legal obligations and regulatory requirements.
  • To protect the security and integrity of our platform.

5. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract Performance: Processing necessary for the performance of our contract with you or your employer.
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services and ensuring platform security.
  • Consent: Where you have given explicit consent for specific processing activities (e.g., location tracking).
  • Legal Obligation: Processing necessary to comply with applicable laws and regulations.

6. Data Storage and Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest.
  • Regular security assessments and penetration testing.
  • Access controls and authentication mechanisms.
  • Regular backups and disaster recovery procedures.
  • Employee training on data protection and security practices.

Your data is stored on secure servers located within the European Economic Area (EEA). In the event that data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Specific retention periods include:

  • Account Data: Retained for the duration of the account and up to 12 months after account closure.
  • Employment Data: Retained for the duration of employment and up to 7 years thereafter for legal compliance.
  • Technical Data: Retained for up to 24 months for security and analytics purposes.
  • Compliance Documents: Retained as required by applicable laws and regulations.

8. Data Sharing

We do not sell your personal data to third parties. We may share your data with:

  • Your Employer: Data related to your work activities is shared with your employer as the primary account holder.
  • Service Providers: Trusted third-party providers who assist in operating our platform (e.g., hosting, analytics). These providers are bound by data processing agreements.
  • Legal Authorities: When required by law, regulation, or legal process.

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete data.
  • Right to Erasure: You have the right to request deletion of your personal data, subject to legal obligations.
  • Right to Restrict Processing: You have the right to request restriction of processing in certain circumstances.
  • Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise any of these rights, please contact us at office@operatezy.com. We will respond to your request within 30 days.

10. Cookies and Tracking

Our platform uses cookies and similar tracking technologies to enhance your experience. These include:

  • Essential Cookies: Required for the platform to function properly.
  • Analytics Cookies: Used to understand how users interact with our platform.
  • Preference Cookies: Used to remember your settings and preferences.

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the platform.

11. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority (the Data Protection Commission of Ireland) within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

12. Changes to This Policy

We may update this Data Management Policy from time to time. We will notify you of any significant changes by posting the updated policy on our platform and, where appropriate, by email. We encourage you to review this policy periodically.

13. Complaints

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Data Protection Commission of Ireland:

Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Website: www.dataprotection.ie

14. Contact Us

For any questions or concerns about this Data Management Policy or our data practices, please contact us at: office@operatezy.com