Data protection at shyftplan

We protect your company data

Whether you use shyftplan via mobile app or via the web application, your data is always transmitted securely and, unlike notices or WhatsApp groups, the use of shyftplan is fully GDPR compliant.

AVV - Order data processing contract

• We have concluded a commissioned data processing agreement with all companies that process data for us. This ensures the best possible protection of your data.
• If necessary, we will support you with information, the correction or deletion of personal data - in accordance with the GDPR regulations.
• We will be happy to provide you with our DPA template for review. Just get in touch with us.

TOMs - Technical and organizational measures

• As an ISO 27001 and SOC 2 certified company, we regularly review and optimize our technical and organizational measures to ensure data security.
• All shyftplan GmbH employees undergo annual training on IT and information security.
• We use state-of-the-art measures for firewalls, user authentication and virus protection, for example.

Protection of personal data

Many shyftplan users use private devices for the mobile app. But regardless of whether you use a private or a company device, shyftplan does not access personal data such as your contacts. Only first and last names, a unique user ID (e.g. e-mail address) and the role (planner or employee) are required to use shyftplan. Further information is voluntary.

IT security

shyftplan is ISO 27001 and SOC 2 certified and therefore meets the highest standards of data security. All data communication is encrypted and your data is hosted in a secure data center in Germany.