Privacy Policy

Updated 08.03.2023

This Privacy Policy is provided by Rota Geek Limited, 71-75 Shelton Street, London, WC2H 9JQ. Company number 06783810. When you use Rotageek (collectively “Rotageek”, “we” and “us”), you’re trusting us with your personal data. We offer Services and our website,, (“Services”, “Sites”, or “Rotageek Services”) across our app, website and through customer support that enable organisations to predict and meet demand and manage and schedule their employees.

This Privacy Policy describes how Rotageek is committed to the security and the protection of your and your Users' data when engaging with Rotageek across our Sites or using our Services in compliance with legal requirements and best practices.

Our Services are not intended for children and we do not knowingly collect data relating to children.

It is important that you read this Privacy Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

We will continue to build and execute on our existing security practices to ensure we take all reasonable measures to secure and protect your data in accordance with all applicable laws, including the Data Protection Act (2018), the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (UK GDPR), EU Data Protection Directive 95/46/EC, the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).


Rotageek Privacy Policy Overview

Rotageek obtains Personal Data about you from various sources to provide our Services and to manage our Site. “You” may be a visitor to our Sites

or a user of one or more our Services (“User” or “Organisation”) or an employee of a User or Organisation (“Employee”). If you are an Employee, Rotageek will generally not collect your Personal Data directly from you. Your agreement with the relevant Organisation should explain how the Organisation shares your personal data with Rotageek, and if you have questions about this sharing, then you should direct those questions to the Organisation.

This Privacy Policy is meant to help you understand what information we collect, why we collect it, how we process it and how you can update, manage, export and delete your information.

If at any time you are concerned or have questions about how we might be handling your data, please reach out to our Data Protection Officer at

Personal data that Rotageek collects:


  • When you create a Rotageek Account, your Organisation provide us with your personal information that includes your name, personal/business email, job title, business location including effective transfer date, payroll ID, pay rate and its effective date. The Organisation may provide us with your Date of Birth to ensure you are scheduled according to regulations of the country in which you are resident in. The Organisation may choose to collect additional information, such as your phone number, your employment start and end date, skills, contracted hours, annual leave allowance and its effective date.
  • When your account is created, you are provided with a Rotageek username and sent an email to set your Rotageek password. You can also choose to add or remove a phone number and email address.
  • When you fill in our online form to contact our sales team, we collect your full name, work email and anything else you tell us about your project, needs and timeline.

Our Sites use cookies and other technologies to function effectively. These technologies record information about your use of our Sites, including:

  • Browser and device data:
    We collect information about the browsers and devices that you use to access Rotageek services, such as IP address, device type, operating system name and version, device manufacturer and model, and language.

    We and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognise you across different Services and devices. For more information, please see our Cookies Policy, which includes information on how to control or opt in or out of these cookies and tracking technologies.
  • Usage data:
    We collect information about your usage of our Services. This includes time spent on the Sites, pages visited, links clicked, language preferences and the pages that led or referred you to our Sites.

    The information we collect includes Your name and email address when you visit and wish to contact us or download resources.
  • Your location information:
    We collect information about your location via GPS, which helps us offer features such as geofenced Check-In, when you are using our services.


Why Rotageek collects data

We use the information that we collect from all our Services for the following purposes:

  • Provide our products and Services:
    We use your information to deliver Rotageek Services to the Organisation with whom we have contracted to provide the scheduling Services and to facilitate the business relationships we have with our Users, such as scheduling staff, receiving notifications about scheduling, leave and swaps and processing timesheets for payroll.
  • Maintain and improve Rotageek:
    We use your information to ensure that our Services are working as intended, such as tracking downtime or troubleshooting issues with specific features. We also use your information to make continuous improvements to our Services - for example, understanding how you use a feature like the scheduler to make it faster for you to schedule shifts and notify your staff.
  • Develop new services:
    We use the information we collect in existing Rotageek Services to help us develop new ones. For example, understanding how people used Rotageek’s original version 1 of our autoscheduling tool, helped us in designing and launching the most recent version 3.
  • Measure performance:
    Rotageek is committed to delivering a resilient and efficient service. We use data for analytics and measurement to understand how Rotageek is used. For example, we analyse data about your use of certain features in order to develop improvements to that feature.
  • Communicate with you:
    We use information we collect, such as your email address, to interact with you directly. We may send you notifications about your schedule updates or shifts that become available via email, SMS or push notification as well as information about our latest updates. We also provide you with technical support, updates or administrative messages. We may also contact you from time to time if you visit our Sites or our application to update you with respect to updates relating to our business, Services or other relevant marketing material.

Sharing your information

We do not share your personal information with companies, organisations or individuals outside of Rotageek except in the following cases:

With Organisation administrators:

Your Organisation administrators will have access to your Rotageek account. They may communicate with you to:

  • Access and retain information stored in your account such as your email
  • View data and statistics regarding your account such as how many times you’ve logged in and approved schedules
  • Suspend or terminate your Rotageek account access
  • Receive your Rotageek account information in order to satisfy applicable law, regulation, legal process or enforceable governmental request.
  • Change your Rotageek account password
  • Restrict your ability to delete or edit your information or your privacy settings

For external processing:

We share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, website hosting, data analysis, information technology and related infrastructure, customer support, email delivery and SMS delivery. These service providers may need to access Personal Data to perform their services. We authorise such service providers to use or disclose the Personal Data only as strictly necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf in accordance with applicable Data Protection Legislation. Our service providers are predominantly located in the European Union and the United States of America. All of our third-party suppliers are fully vetted to ensure their security practices are meeting our standards. For a full list of our sub-processors, see here.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions

Where your data is transferred out of the UK for any processing activity, we have put in place with our sub-processors technical and organisational measures to protect your personal data to ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data; or
  • Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

For Marketing:

We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Rotageek ads on other companies' websites and applications, as well as on platforms like [Facebook and Google]. These communications are aimed at driving engagement and maximising what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new product offers, promotions and contests. You can manage your preferences at all times and opt out of any such communications.

For legal reasons:

We will share personal information outside of Rotageek if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:

  • Comply with applicable law
  • Enforce our contractual rights
  • Protect the rights, privacy, safety and property of Rotageek, you or others
  • Respond to requests from courts, law enforcement agencies, regulatory agencies and other public and government authorities, which may include authorities outside of your country of residence.

If Rotageek is involved in a merger, acquisition or sale of assets, we’ll continue to the ensure the confidentiality of your personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy. 


Security and Retention


We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organisational, technical and administrative measures designed to protect Personal Data within our organisation against unauthorised access, destruction, loss, alteration or misuse.

Your Personal Data is only accessible to a limited number of Rotageek personnel who need access to the information to perform their duties. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately at

If you are a Rotageek User, we retain your Personal Data as long as we are providing the Services to your Organisation or as long as required by the administrator of your account.

We retain Personal Data after we cease providing Services to you, even if you close your Rotageek account, to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention.

If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

We review our information collection, storage and processing practices, including physical security measures, regularly to prevent unauthorised access to our systems.

Your rights


You have a choice regarding our use and disclosure of your Personal Data.

If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails or email . We will comply with your request(s) as soon as reasonably practicable and within 1 month. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services.

If you are a User and would like to review, correct, or update Personal Data that You have previously disclosed to us, You may do so by contacting your Manager in your Organisation. As a Data Processor of your data, we can only take instructions from our client’s Administration team.

If you receive marketing information from us and would like to review, correct or update your Personal Data, You may do so by contacting us.

Your Organisation undertake to notify the Employees of this Privacy Policy and of their rights under the Data Protection Law. We will provide you with reasonable assistance to enable you to comply and respond to a request, query or complaint from an Employee in relation to their Personal Data.

Depending on your location and subject to applicable law, you may have the following rights with regard to the Personal Data we control about you:

  • The right to request confirmation of whether Rotageek processes Personal Data relating to you, and if so, to request a copy of that Personal Data;
  • The right to request that Rotageek rectifies or updates your Personal Data that is inaccurate, incomplete or outdated;
  • The right to request that Rotageek erase your Personal Data in certain circumstances provided by law;
  • The right to request that Rotageek restrict the use of your Personal Data in certain circumstances, such as while Rotageek considers another request that you have submitted (including a request that Rotageek make an update to your Personal Data); and
  • The right to request that we export to another company, where technically feasible, your Personal Data that we hold in order to provide Services to you.

In some cases, we retain data for limited periods when it needs to be kept for legitimate business or legal purposes.

We try to ensure that our services protect information from accidental or malicious deletion. Because of this, there may be delays between when you delete something and when copies are deleted from our active and backup systems.

Process for exercising data protection rights:

In order to exercise your data protection rights, you may contact Rotageek as described in the Contact Us section below. We take each request seriously. We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country.

For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.

If you are a current or former Employee of an Organisation who uses or has used Rotageek Services, please direct your requests directly to the Organisation. For example, if you are employed or were previously employed by an Organisation using Rotageek as a scheduling provider, and you have a request that is related to the information that you provided, then you should address your request directly to the Organisation.

Updates to this policy:
We update this policy from time to time. We will always indicate the date when the latest changes were published. If changes are significant, we’ll provide a more prominent notice by email.

Links to other website:
We may at times provide links on our Website to third party websites, including without limitation those owned or managed by our partner networks, affiliates or advertisers. These websites have separate privacy policies, and we therefore cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites' individual privacy policies before submitting any personal data.

Contact Us:
If you have questions, you can contact Rotageek and our Data Protection Officers at You can contact your local data protection authority (in the UK, this is the Information Commissioner’s Officer) if you have concerns regarding your rights under local law.