What data is processed

• Identity and account data such as name, work email, role, and password hash.
• Working-time records including check-in, check-out, corrections, and audit history.
• Leave and balance information including holiday requests, accruals, and adjustments.
• Work schedule configuration and approval routing.
• Operational absence notifications with category and optional non-medical note.

How the app is designed to minimise data

• Passwords are stored as hashes and are not shown back in plaintext.
• Absence flows are limited to operational categories and should not contain medical detail.
• Deleted employee accounts are anonymised while historic records are retained for payroll and compliance evidence.
• Removed time entries are soft-deleted and retained in audit history instead of being destroyed.

Retention and access

Danish working-time registration rules introduced in 2024 require employers to keep working-time records for five years. Personal data should then be retained only as long as necessary for legal, payroll, bookkeeping, dispute, and employment purposes.

Employees should be able to access their own data, request correction of inaccuracies, and request deletion or restriction where legal retention duties do not require continued storage.