Introduction
Dot Team (“Dot”, “we”) is a time-tracking application for the hospitality industry. This privacy policy explains what data we collect, why, and how we protect it.
Dot is published by Stephen Grieves, an independent developer based in France.
Data collected
Data provided by your employer
- Identity: first name, last name, professional email address
- Contract: contract type (permanent, fixed-term, casual), contractual hours, position
- PIN code: used for kiosk clock-in, stored encrypted server-side
Data generated through app usage
- Clock entries: clock-in/out times, shift durations, work location
- Adjustments: time corrections, leave, absences
- Reports: messages sent by employees regarding their shifts
Technical data
- Geolocation: GPS position recorded when clocking in from the mobile app, visible to your manager
- Device token: stored if push notifications are enabled
Purpose
We use your data exclusively to:
- Enable time tracking
- Calculate pay estimates
- Send reminders (missed clock-outs, shift edits)
- Provide your employer with a management dashboard
Legal basis
Processing is based on the performance of the employment contract (GDPR Article 6.1.b) and the legitimate interest of the employer in managing working time (GDPR Article 6.1.f).
Hosting and security
- Hosted by Supabase (EU servers — Frankfurt, Germany)
- Encrypted in transit (TLS/HTTPS)
- Row Level Security policies
- PIN codes verified server-side, never sent to clients
Data retention
Data is retained for the duration of employment and per legal obligations (5 years for time-tracking documents under French labour law).
Your rights
Under the GDPR, you may:
- Access — view your personal data
- Rectification — correct inaccurate data
- Deletion — request erasure (subject to legal retention)
- Portability — receive data in a structured format
- Objection — object to processing
Contact: support@dotteam.app
Changes
This policy may be updated. Users will be notified of significant changes via the application.