1. Controller

Enrique Bartholme
Email: support@shifttap.app

2. Core principles

ShiftTap follows a clear privacy-first approach:

• All personal work data is stored locally on your device.
• No data is shared with third parties for advertising purposes.
• No user profiles are created for marketing.
• An account is not required for the core use of the app.
• You stay in control of data export and deletion.

3. What data is processed?

3.1 Data stored locally

The following data remains on your device:

• Tips, dates, times, notes, and work-related metadata
• Shifts, breaks, premiums, templates, and job contexts
• Expenses, categories, and descriptions
• Goals, time ranges, and progress values
• Settings such as language, currency, or notification preferences
• Optional health data if you explicitly grant HealthKit access

3.2 In-app purchases and RevenueCat

RevenueCat may be used to manage premium purchases. For subscription handling, technical information such as anonymous device identifiers and purchase status may be processed.

This data is not intended to create a personal advertising profile. You can find more information at revenuecat.com/privacy.

3.3 HealthKit (optional)

If you enable HealthKit, only the data you explicitly approved in iOS will be used, such as steps, active energy, or workout minutes. This use is optional and can be revoked at any time.

4. What is the data used for?

• To display your shifts, income, and personal statistics
• To provide features such as goal tracking and analysis
• To verify and manage premium access

5. Sharing data with third parties

Data is not shared for advertising purposes. Technical exceptions may apply for:

• RevenueCat: subscription management
• Apple: payment processing for in-app purchases
• Legal obligations: if disclosure is legally required

6. Your rights

Under applicable privacy rules, you may have rights such as:

• Access to processed data
• Correction of inaccurate information
• Deletion of data where applicable
• Data portability
• Objection to certain processing activities

For local app data, you can use the export and deletion features directly inside the app or remove the app from your device. For purchase-related data requests, contact support@shifttap.app.

7. Data security

• iOS sandboxing protects local app data
• Network communication is encrypted via HTTPS/TLS
• There is no cloud requirement for core usage

8. Children and minors

ShiftTap is not intended for children under 16. No data from children under 16 is knowingly collected.

9. Cookies and tracking

The app does not use advertising cookies or profile-based tracking. On the website, technically necessary access data from the hosting provider may appear in server logs.

10. Changes to this privacy policy

This privacy policy may be updated if features, legal requirements, or technical services change. The version published on this page is the governing version.

11. International data transfers

Because personal usage data is generally stored locally, there are no broad international transfers of that data. For technical purchase processing, services outside your country may be involved.

12. Contact

If you have questions about privacy or want to exercise your rights, contact support@shifttap.app.

Version history

1. March 2026: First published version for ShiftTap 2.0