01 — Overview
Platform trust overview
02 — Subprocessors
Named subprocessors currently in use
These are the third-party services that help us operate ShiftCover365 today. We do not currently use any analytics, advertising or marketing processor.
Resend
- Purpose
- Transactional email delivery (account verification, password reset, welcome emails)
- Region
- United States
- Data
- Recipient email address, full name, message content
- Reviewed
- Feb 2026
Stripe
- Purpose
- Payment processing, saved payment-method tokens, branch billing
- Region
- United States (UK & EU regional processing)
- Data
- Stripe customer ID, payment-method ID, billing email
- Reviewed
- Feb 2026
Emergent
- Purpose
- Application hosting, infrastructure, object storage for profile photos
- Region
- Global cloud infrastructure
- Data
- Application traffic, profile photo binaries
- Reviewed
- Feb 2026
MongoDB
- Purpose
- Primary database storage for application records
- Region
- Managed cloud region
- Data
- User accounts, shifts, ratings, audit logs, accountability records
- Reviewed
- Feb 2026
03 — Security
Data security in practice
ShiftCover365 does not currently hold formal certifications (such as ISO 27001 or SOC 2). The controls below describe what is actually implemented today.
Password hashing
All passwords are stored as bcrypt hashes. Plain-text passwords are never logged or persisted.
JWT authentication
Sessions are signed JWTs (HS256, 24-hour expiry). Tokens live in browser local storage and are cleared on sign-out.
Role-based access control
Manager, worker and admin roles are enforced server-side on every protected endpoint.
Operational audit logging
Account creation, deletion, payment attempts and key shift state changes are recorded in tamper-evident system logs.
Encrypted payment handling
Card data is collected and stored exclusively by Stripe. ShiftCover365 only stores reference tokens, never card numbers.
04 — Transparency
Operational transparency
Soft-delete behaviour
When you delete your account, it is marked as deleted and sign-in is blocked. Operational records are retained where necessary for audit, dispute resolution, fraud prevention and legal obligations.
Operational retention
Shift records, ratings, accountability data, till checks, discrepancy reports and payment history are retained in full. Identifying personal data can be anonymised on a verified erasure request.
Support & admin access
A small number of authorised ShiftCover365 administrators may view operational data for support, fraud-prevention, dispute-resolution and platform-health purposes. All admin actions are logged.
05 — GDPR & Privacy
UK GDPR alignment
UK GDPR & DPA 2018
The platform is operated in line with the UK General Data Protection Regulation and the Data Protection Act 2018.
Lawful bases
Contract necessity, legitimate interests, legal obligation and consent — applied per processing activity.
Data subject requests
Access, correction, deletion, restriction, objection, portability and consent withdrawal. We respond within one month, in line with UK GDPR.
ICO complaint rights
You can complain to the UK Information Commissioner's Office at any time. We will cooperate fully with any formal inquiry.
06 — Status
System status
All systems operational
Live component health and incident history.
Security or procurement questions?
We respond to vendor reviews, DPIAs and supplier-security questionnaires from prospective branch partners.
