Privacy Policy

Effective Date: 7th March 2026

1. Introduction

WorkedToday ("we", "our", or "us") respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, and protect your information when you use the WorkedToday mobile applications and website.

2. Information We Collect

We collect the following types of information to provide and improve our services:

Account Information

  • Name (required)
  • Email address (required for login and identification)
  • User ID (automatically assigned by Firebase)
  • Phone number and address (if provided)
  • Sexual identity (if provided; optional future feature)

Analytics Data (Requires Explicit Consent)

  • App activity (e.g., screens viewed, session duration)
  • Device or other IDs (e.g., Firebase Installation ID, Advertising ID if used)
  • Default State: Disabled (opt-in required)
  • Legal Basis: Consent (GDPR Article 6(1)(a))
  • You can enable or disable analytics at any time in Settings > Privacy > Analytics

Crash Reporting & Diagnostics (Legitimate Interest)

  • Crash logs and error reports (e.g., stack traces, error messages)
  • Device information (e.g., device model, OS version, memory state)
  • App state at time of crash (e.g., active screen, user actions leading to crash)
  • Default State: Enabled (opt-out available)
  • Legal Basis: Legitimate Interest (GDPR Article 6(1)(f))
  • Justification: Network and information security is recognized under GDPR Recital 49 as a legitimate interest
  • You can disable crash reporting at any time in Settings > Privacy > Crash Reporting

User-Generated Content

  • Photos, files, or documents uploaded within the app (optional, future feature)

3. How We Use Your Data

We use your data to:

  • Provide core app functionality (e.g., logging jobs/shifts, tracking hours and earnings)
  • Authenticate and manage your account (login, password recovery, profile display)
  • Improve app stability and fix errors (via Firebase Crashlytics - enabled by default under legitimate interest)
  • Analyze app usage and improve features (via Firebase Analytics - only with your explicit consent)
  • Ensure app security and prevent abuse or fraud
  • Comply with legal obligations

We do not sell or rent your personal data to third parties.

Crash Reporting: Why It's Essential

Crash reporting is enabled by default based on our legitimate interest in maintaining a stable, secure application. This is essential for:

  • Service Quality: Identifying and fixing critical bugs that prevent the app from functioning
  • Security: Detecting and resolving security vulnerabilities before they can be exploited
  • User Experience: Ensuring the app works reliably across different devices and OS versions
  • Data Protection: Crash data is anonymized and does not include personal information like names or email addresses

Your Right to Object: You can disable crash reporting at any time in Settings > Privacy > Crash Reporting. However, this may limit our ability to diagnose and fix issues you experience.

4. Data Storage and Security

Data is securely stored using Google Firebase infrastructure. All data transmitted between your device and our servers is encrypted in transit using HTTPS/TLS. We regularly monitor our systems to prevent unauthorized access or misuse.

Data Retention

  • Account Data: Retained for the lifetime of your account or until you request deletion
  • Analytics Data: Retained for 14 months, then automatically deleted by Firebase Analytics
  • Crash Reports: Retained for 90 days, then automatically deleted by Firebase Crashlytics
  • Deleted Accounts: Personal data (name, email) is permanently deleted immediately. Anonymized work records (shift dates, hours, payments) may be retained for business and legal compliance. Requesters created solely by you with no other associated workers are also deleted.

5. Sharing of Data

We may share data only with:

  • Service Providers: Google Firebase (for authentication, analytics, and crash reporting) processes data solely on our behalf. Firebase complies with GDPR and is certified under the EU-U.S. Data Privacy Framework.
  • Authorities or Regulators: If legally required by law or court order.

We do not share data with advertisers or unrelated third parties. For detailed information about what data we collect through third-party services, visit our Data Collection Documentation.

6. Your Rights and Choices

Under GDPR and applicable data protection laws, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Update or correct your account details directly in the app
  • Deletion: Delete your account directly in the app (Account > Delete Account). Your personal information is permanently removed. Anonymized work records may be retained for employer business compliance. You can also request deletion by emailing support@workedtoday.com.
  • Data Portability: Receive your data in a structured, machine-readable format
  • Withdraw Consent: Disable analytics at any time (Settings > Privacy > Analytics)
  • Object to Processing: Disable crash reporting at any time (Settings > Privacy > Crash Reporting), exercising your right to object to processing based on legitimate interest
  • Lodge a Complaint: Contact your local data protection authority if you believe your rights have been violated

To exercise any of these rights, contact us at support@workedtoday.com or use the in-app settings for analytics and crash reporting controls.

7. Account & Data Deletion

How to delete your account

  • Open the app → Account → Delete Account
  • Enter your password to confirm
  • Your account and data are deleted immediately

What is deleted

  • Account information (name, email, user ID)
  • All job/shift records
  • Requester associations
  • Employment links
  • Firebase Auth account

What is retained

  • Anonymized deletion audit (no personal data — only hashed email and timestamps for legal compliance)
  • Anonymized work records may be retained if linked to an employer's business records

Alternative deletion method

  • Email support@workedtoday.com with your account email
  • We will process the request within 30 days

Timeline: Deletion is processed immediately upon confirmation. Anonymized audit records are retained per legal requirements.

8. Children's Privacy

WorkedToday is not intended for children under 13 years old. We do not knowingly collect personal data from children under 13. If you believe your child has provided data, please contact us immediately for deletion.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted here with a revised effective date. Continued use of the app after updates means you accept the revised policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or your personal data, please contact us:

Email: support@workedtoday.com

Website: https://workedtoday.com

Also see our Terms of Service.