Privacy policy

Effective date: 17 April 2026.

Teamleave ("Teamleave", "we", "us", "our") provides workforce leave planning and approval tools. This Privacy Policy explains what information we collect, how we use it, when we share it, and the rights and choices available to you.

Scope. This Privacy Policy applies to our website, product applications, and related services (collectively, the "Services"). Where an organisation provides your account, that organisation may act as data controller for workspace data and Teamleave acts as a processor under its instructions.

Information we collect. We collect information you provide directly, including account data (such as name, email address, password/passkey credentials), workspace profile details (such as organisation name and branding), team and scheduling records (such as leave requests, working-day patterns, approvals, and public-holiday assignments), and communications you send to support.

Information collected automatically. We collect limited technical and usage information necessary to operate and secure the Services, such as device/browser metadata, IP-derived network information, authentication and security events, page/app interaction logs, and error diagnostics.

How we use information. We use personal data to provide and maintain the Services, authenticate users, process leave planning and approvals, enforce permissions, prevent fraud and abuse, troubleshoot and improve reliability, communicate service-related notices, comply with legal obligations, and respond to support requests.

Legal bases (where applicable). Depending on your jurisdiction, we process personal data on one or more of the following grounds: performance of a contract, legitimate interests (for security, fraud prevention, and product improvement), legal obligation, and consent where required by law.

How we share information. We do not sell personal information. We share data only with trusted service providers acting on our behalf (for example hosting, infrastructure, email delivery, and payment processing), with your organisation administrators as part of normal workspace operation, when required by law or legal process, or in connection with a merger, acquisition, or asset transfer subject to appropriate safeguards.

International transfers. Your information may be processed in countries other than your own. Where required, we use appropriate transfer safeguards, such as contractual protections and equivalent legal mechanisms.

Data retention. We retain personal data only for as long as necessary to provide the Services, satisfy contractual and legal obligations, resolve disputes, enforce agreements, and maintain required security/audit records. Retention periods may vary by data type and legal requirements.

Security. We use reasonable technical and organisational measures to protect personal data, including access controls, encryption in transit, and monitoring. No method of storage or transmission is completely secure, and we cannot guarantee absolute security.

Your rights and choices. Subject to local law, you may have rights to access, correct, delete, restrict, or object to certain processing, and to data portability. You may also request account closure through your workspace administrator or by contacting us. We will verify and respond to rights requests as required by applicable law.

Children's privacy. The Services are not directed to children, and we do not knowingly collect personal data from children where prohibited by law. If you believe a child has provided personal data, contact us so we can investigate and take appropriate action.

Third-party services. The Services may integrate with third-party providers (for example payment processors or external websites). Their privacy practices are governed by their own policies, and we encourage you to review those policies directly.

Changes to this policy. We may update this Privacy Policy periodically. We will post the revised version with an updated effective date and, where required, provide additional notice. Continued use of the Services after an update means the updated policy applies.