Privacy Policy

We collect the e-mail addresses of those who communicate with us via e-mail, aggregate information on what pages consumers access or visit, and information volunteered by the consumer (such as survey information and/or site registrations). The information we collect is used to improve the content of our Web pages and the quality of our service, and is not shared with or sold to other organizations for commercial purposes, except to provide products or services you've requested, when we have your permission, or under the following circumstances:

  • It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service of the specific application, or as otherwise required by law.
  • We transfer information about you if VacationTracker is acquired by or merged with another company. In this event, VacationTracker will notify you before information about you is transferred and becomes subject to a different privacy policy.

INFORMATION GATHERING AND USAGE

  • When you register for any VacationTracker product we ask for information such as your name, company name, email address, billing address, credit card information.
  • VacationTracker uses collected information for the following general purposes: products and services provision, billing, identification and authentication, services improvement, contact, and research. VacationTracker does not share your personal information with third parties, unless explicitly approved by you.

THIRD-PARTY AUTHENTICATION AND API INTEGRATIONS

  • VacationTracker offers multiple third-party authentication options and integrations to enhance the user experience and functionality of our service:

Google Integration

  • VacationTracker offers the option to sign in using Google OAuth authentication ("Sign in with Google"). When you choose this option, we receive basic profile information from your Google account such as your name and email address to create or authenticate your VacationTracker account.
  • With your explicit consent, VacationTracker may request access to your Google Calendar via the Google Calendar API. This access is used solely for the purpose of synchronizing vacation events between VacationTracker and your Google Calendar.
  • When using the Google Calendar integration:
    • We only store the minimum necessary data required for the integration to function, including access tokens (stored securely and encrypted) and user identifiers.
    • We do not store, or process any existing Google Calendar event data unrelated to VacationTracker.
    • We only create new events and update existing events that were previously created by VacationTracker.
    • Calendar synchronization only occurs with calendars you explicitly select within the VacationTracker interface.
  • Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Slack Integration

  • VacationTracker offers the option to sign in using Slack OAuth authentication ("Sign in with Slack"). When you choose this option, we receive basic profile information from your Slack account to create or authenticate your VacationTracker account.
  • With your explicit consent, VacationTracker integrates with Slack to provide:
    • Request time off support and notification directly via Slack
    • User onboarding functionality including importing and updating user data
  • When using the Slack integration:
    • We only store the minimum necessary data required for the integration to function, including access tokens (stored securely and encrypted) and user identifiers.
    • We do not store any Slack-specific data on our servers beyond what is necessary for the integration to function.
    • The integration only processes data you explicitly authorize through the Slack OAuth process.
  • You can revoke VacationTracker's access to your third-party accounts (Google or Slack) at any time through your respective account settings or by contacting our support team.

DATA PROTECTION AND SECURITY

  • VacationTracker implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of sensitive data, secure authentication mechanisms, and regular security assessments.
  • For users in the European Economic Area (EEA), we process personal data in accordance with the General Data Protection Regulation (GDPR). This includes providing you with the ability to access, correct, delete, restrict processing, and port your personal data.

COOKIES

  • A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a web site's computers and stored on your computer's hard drive.
  • Cookies are required to use the VacationTracker services.
  • We use cookies to record current session information, but do not require permanent cookies.

DATA STORAGE

VacationTracker uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our services. Although VacationTracker owns the code, databases, and all rights to the VacationTracker applications, you retain all rights to your data. We are strong believers that "your data" should be your data. For this reason we offer comprehensive data export functions within VacationTracker.

DISCLOSURE

  • VacationTracker may disclose personally identifiable information under special circumstances, such as to comply with subpoenas or when your actions violate the Terms of Service of any of our applications.

YOUR RIGHTS AND BUSINESS CONTEXT

VacationTracker is a business application that is typically purchased and administered by employers on behalf of their employees. In this context:

  • The primary contractual relationship exists between VacationTracker and the employer organization.
  • The employer, as the data controller, may authorize the processing of employee data for legitimate business purposes through administrative controls.
  • Employees may have certain rights regarding their personal data as outlined below, but these rights may be subject to legitimate business needs and employer policies.

For users in the European Economic Area and where applicable by law, and subject to employer policies and legitimate business interests:

  • You have the right to access your personal data
  • You have the right to correct inaccurate personal data
  • You have the right to request deletion of your personal data (where not overridden by legitimate business needs)
  • You have the right to restrict processing of your personal data (where not overridden by legitimate business needs)
  • You have the right to data portability (for data not essential to business operations)
  • You have the right to object to the processing of your personal data (subject to employer authorization and legitimate business interests)

These rights should be exercised through your employer's designated administrator when possible. For direct inquiries, please contact support@vacationtracker.com.

CHANGES

VacationTracker may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your VacationTracker service primary account holder account or by placing a prominent notice on our site. You retain the right to access, amend, correct or delete your personal information where it is inaccurate at any time. To do so, please contact support@vacationtracker.com.

QUESTIONS

Any questions about this Privacy Policy should be addressed to support@vacationtracker.com