Rezano

Privātuma politika

Pēdējoreiz atjaunināts: 2026-05-23

1. Controller

The data controller for personal data processed via Rezano is the entity described in Contact: support@rezano.lv.

2. Data we collect

Account data: name, email, organization name, role, encrypted password hash, timezone, phone (optional).

Work data: check-in/out timestamps, location coordinates (if GPS used), shift assignments, leave requests, work logs.

Technical data: IP address (for security), browser type (for support), cookies for session and preferences.

3. Purposes and legal basis (GDPR Art. 6)

Service provision (contract, 6.1.b): processing necessary to deliver the Service - authentication, time tracking, schedule management.

Legitimate interest (6.1.f): security, fraud prevention, service improvement (anonymized analytics).

Legal obligation (6.1.c): retention required by accounting or labor law.

Consent (6.1.a): optional marketing emails. You can withdraw anytime.

4. Data retention

Active accounts: data retained while the account is active. On account deletion: data deleted within 30 days, except records we must retain for legal compliance (accounting: 5 years per Latvian law).

Demo workspaces: deleted automatically 5 days after creation.

5. Third parties

Hosting: our servers are in EU data centers (Contabo / Hetzner / equivalent).

Email delivery: Google Workspace for transactional emails.

Payments (when launched): Stripe Inc. - processes payment data directly, we don't store card details.

Authentication (optional): Google OAuth for sign-in. We only receive email and name.

No data is sold to third parties. No advertising trackers.

6. Your rights (GDPR)

You have the right to:

  • Access your data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erasure - "right to be forgotten" (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability - export in machine-readable format (Art. 20)
  • Object to processing (Art. 21)
  • Lodge a complaint with the Latvian Data Protection Inspectorate (Datu valsts inspekcija)

Email support@rezano.lv to exercise any right. Response within 30 days.

7. Security

We use HTTPS for all traffic, encrypted password hashes (bcrypt), httpOnly cookies for session tokens, daily database backups. Access to production data is restricted to authorized personnel.

8. Cookies

We use only essential cookies. See Cookies policy for details.

9. Children

The Service is not directed at users under 16.

10. Changes

We may update this Policy. Material changes notified by email at least 14 days before taking effect.