Privacy Policy (United States)
This is our privacy policy for the United States, which sets out how we handle personal information of users of the ShiftCare App in the U.S. We are committed to complying with applicable U.S. privacy laws – including the California Consumer Privacy Act (CCPA) and similar state laws – to protect your personal information. The ShiftCare App is provided by us to users pursuant to a commercial arrangement between us and the company that has given you access to the ShiftCare App (the “Company”).
How do you agree to this policy?
By accessing the ShiftCare App, you consent to the collection and use of the information you provide in the manner described in this policy. This includes any data handling practices required to comply with U.S. state privacy laws.
Meanings of terms used
“We”, “us” or “our” refer to ShiftCare Inc. (the U.S. affiliate of ShiftCare Pty. Ltd.) and its related entities.
“You” or “your” refer to the user of the ShiftCare App.
“ShiftCare App” means our software application and related services that you can access and use once you complete the registration process.
“Site” means our website (for example, shiftcare.com).
“Personal Information” means any information that identifies or relates to an identifiable individual (for example, your name or contact details). This includes information defined as “personal information” or “personal data” under applicable U.S. privacy laws. If the information we collect identifies you or can be reasonably linked to you, it is considered Personal Information under this policy.
What Personal Information do we collect and hold?
We collect Personal Information about users of the ShiftCare App. The most common types of information we collect include:
Name – for example, first and last name.
Contact information – such as email address and telephone number.
Profile information – for example, a photograph or avatar you choose to upload.
Usage information – any additional information relating to you that you provide directly through the ShiftCare App or that is collected indirectly when you use the ShiftCare App (such as preferences or feedback).
Payment and technical information – certain payment-related details (to facilitate transactions) and technical information (such as device identifiers, IP address or cookies data) as described below. Some of this may be considered sensitive personal information under certain laws (for example, health-related information or precise location), but we only collect and use such data where necessary to provide our services to you.
When do we collect information?
We collect Personal Information in several ways, including:
Directly from you: information you provide during registration, and when you enter information or interact with the ShiftCare App (for example, updating your profile or submitting support requests). If you choose not to provide required Personal Information, you may not be able to complete registration or use the ShiftCare App.
From your interactions with others: if the ShiftCare App allows you to engage with other users (for example, messaging or sharing data within the App), we may collect information from those interactions.
From third parties: we collect information from third-party service providers that we integrate with, such as payment processors (for transaction confirmations or references) and analytics providers (to understand how you use our Site or App). Analytics information is generally collected in aggregate form, but if it can identify you (for example, via an IP address or unique ID), we treat it as Personal Information.
Through cookies and similar technologies: we use cookies and other tracking technologies on our Site and within the ShiftCare App to understand how you navigate and use the service, remember your preferences, and gather usage data to improve your experience. You can manage your cookie preferences via our cookie settings and your browser controls.
How do we use Personal Information?
We will use your Personal Information for purposes necessary to provide and improve our services. In particular, we use your information to:
Operate and provide our services: to allow you to access and use the ShiftCare App’s features, verify your identity when you log in, facilitate and process transactions (such as scheduling or payments), respond to support requests, and help resolve disputes or issues.
Personalize your experience: to customize our services and interface (including any in-app suggestions) so they are more relevant to you, such as remembering your settings or recommending relevant features.
Communicate with you: to update you with operational news and information about our Site and the ShiftCare App (for example, disruptions, updates, security alerts, or changes to our terms), to provide information you request, and—with your consent or as permitted by law—to send you marketing communications about products or services that may interest you. You can opt out of marketing at any time using unsubscribe links or by contacting us.
Improve and analyse our services: to carry out technical analysis and analytics to understand how the ShiftCare App is used and how we can make it better, to monitor activity in order to detect fraudulent or abusive behavior, to ensure compliance with our Terms and Conditions, and to improve functionality and user experience.
Support and surveys: to manage our relationship with you by responding to comments or queries submitted through the Site or App, and by soliciting your feedback (for example, via surveys or product reviews) to understand user satisfaction and areas for improvement.
Legal and administrative purposes: to manage our legal, regulatory, and operational obligations, including maintaining records for financial reporting, enforcing our terms of service, ensuring the security of our systems, and complying with applicable laws and lawful requests by public authorities.
We will not use your Personal Information for purposes that are incompatible with those described above without notifying you and obtaining your consent if required by law.
AI Features and Personal Data
ShiftCare offers AI-powered features as part of our Service ("AI Features"), including automated note classification, Smart Notes, and Smart Match. When these features are enabled, personal data within your account may be processed to deliver them.
Full details of how we handle personal data in connection with AI Features — including data flows, sub-processors, encryption standards, retention periods, and regional transfer arrangements — are set out in our AI & Data Usage Policy, which forms part of this Privacy Policy.
You can view and manage your organisation’s AI settings, including the ability to disable AI Features or opt out of model training, on our AI Data Controls & Transparency page.
Key principles that apply to all AI processing:
Your data is never used to train AI models without your explicit consent.
AI processing is limited to the features you have enabled.
All AI-generated content is clearly labelled and distinguishable from source records.
We engage only trusted sub-processors who are contractually restricted from using your data for any purpose beyond delivering our services.
AI-generated summaries and flags are retained for 90 days, then automatically deleted.
For UK customers, data processed by AI Features may be transferred to Australia and is protected by an International Data Transfer Agreement (IDTA) or UK Standard Contractual Clauses (SCC) Addendum. For Canadian customers, data may be processed in the United States or Australia, with cross-border processing disclosed and protected by appropriate contractual safeguards. Full details are in our AI & Data Usage Policy.
How do we protect information?
We take reasonable steps to protect your information from loss, misuse, unauthorised access, disclosure, or destruction. We implement a variety of technical, physical, and organisational safeguards, including firewalls, encryption, password-protected access controls, and secure servers.
We restrict access to Personal Information to authorised staff and contractors who need to use it in order to operate our services, and they are contractually obligated to keep your information confidential.
If you make a request to access your information, we will ask you to verify your identity before granting access. This helps ensure your data is not disclosed to someone pretending to be you.
We also maintain policies and procedures to deal with suspected data breaches. If you suspect any misuse, loss, or unauthorised access to your information, please contact us immediately so we can investigate and take appropriate action.
When do we give information to third parties?
We do not sell your Personal Information to third parties, and we do not share your Personal Information with third parties for their own independent marketing or advertising purposes without your consent. However, we disclose or make available the information we collect from you to third parties in certain circumstances, including:
Service providers and business partners who assist us in providing the ShiftCare App and our services (for example, payment processors, cloud hosting providers, analytics services, email delivery and communications tools). These third parties are contractually bound to protect your Personal Information and to use it only for the purposes we specify.
When legally required – if we are required to do so by law or valid legal process (for example, in response to a subpoena, court order, or regulatory request), or if we believe in good faith that such disclosure is necessary to investigate or protect against harmful activities, prevent fraud, or enforce our rights.
With your consent – where you have directed us to share information, for example by integrating the ShiftCare App with a third-party service, or by requesting that we share your information with a particular partner or program.
Business transfers – if we are involved in a merger, acquisition, reorganisation, or sale of assets, your Personal Information may be disclosed to the parties involved and transferred to the successor entity, subject to privacy commitments consistent with this policy.
Other than the cases above, we share information primarily to make the ShiftCare App available to you and to operate our services in compliance with applicable U.S. privacy laws.
Storing your information
All ShiftCare customer data for U.S. users is hosted on servers located in the United States. By accessing the ShiftCare App, you agree and authorise us to store your Personal Information in the United States in accordance with this policy. We primarily use U.S.-based data centres and cloud services to store and process data, which helps us ensure fast and reliable service for our U.S. customers.
If we ever need to transfer or store your information in another country (for example, to share with our Australian parent company or to use a service provider in another region), we will do so in compliance with applicable data protection laws, using appropriate safeguards where required (such as standard contractual clauses or other lawful transfer mechanisms).
We retain your Personal Information only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. Once we no longer need your Personal Information for our operations or legal requirements, we will delete it or anonymise it in a secure manner.
How can you access and update your Personal Information?
You can access and update some of the Personal Information we collect about you by logging in to your account on the ShiftCare App (for example, to review and update your profile or contact details). It’s important that the information we hold about you is accurate and up to date, so please correct any inaccuracies you notice.
You also have the right to request access to other Personal Information we hold about you that may not be directly available through the app, and to request corrections of any errors in that information. To make an access or correction request, you can email us at privacy@shiftcare.com. We will need to verify your identity before fulfilling such requests.
Your privacy rights in the U.S.
U.S. state privacy laws (including the CCPA and similar laws) provide individuals with certain rights in relation to their Personal Information. Where applicable, we strive to honour these rights for all users. These rights may include:
Right to know: you can request to know what categories of Personal Information we have collected about you and, in some cases, to receive a copy of specific pieces of information.
Right to delete: you can request that we delete the Personal Information we have collected from you, subject to certain exceptions (for example, where we are required to retain information for legal obligations or internal business purposes permitted by law).
Right to correct: if you believe the Personal Information we hold about you is inaccurate or incomplete, you can request that we correct or update it.
Right to opt out of “sale” or sharing: we do not sell Personal Information. If we ever engage in activities that are considered a “sale” or “sharing” of Personal Information under applicable law (such as using data for targeted advertising), you have the right to opt out of such practices. Where required, we will provide mechanisms for you to exercise this right (for example, an online “Do Not Sell or Share My Personal Information” link, or honouring browser signals like the Global Privacy Control).
Right to non-discrimination: we will not discriminate against you for exercising any of your privacy rights. This means we will not deny you services, charge you different prices, or provide a different level of quality solely because you exercised your rights, except as permitted by law (for example, in connection with permissible financial incentive programs).
To exercise any of these rights, please contact us at privacy@shiftcare.com or call us at +1 888 546 4180 (toll-free). We may need additional information to verify your identity and ensure the security of your request. Once verified, we will respond within the timeframes required by law (for example, generally within 45 days for California residents, with the possibility of a reasonable extension).
Will this policy be updated?
We may change this policy from time to time to ensure it stays up to date with legal requirements and with how we manage privacy. When we amend the policy, the changes will be effective as soon as we post the updated version. If the changes are material, we will take reasonable steps to notify you—for example, by posting a notice in the ShiftCare App, updating the “last updated” date, or contacting you via email or in-app notification.
By continuing to use the ShiftCare App after any changes are made, you will be deemed to have agreed to the updated policy. If we make a change that requires your consent by law (for example, using your Personal Information for a new purpose that requires consent), we will seek your consent before implementing that change.
Published: October 2025
How to contact us
Your privacy is important to us. If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your Personal Information, or if you wish to make a complaint, you can contact us in the following ways:
Email: privacy@shiftcare.com
Mail: ShiftCare Inc. – Privacy Officer, 17 State Street, New York, NY 10004, USA
Phone: +1 888 546 4180 (toll-free)
We will treat your enquiries and complaints confidentially. Our representative (or Privacy Officer) will aim to contact you within a reasonable time after receiving your query or complaint to discuss your concerns and outline options for resolving them. If we cannot resolve your complaint to your satisfaction, you may have the right to escalate the matter to a regulator (for example, to the California Attorney General’s office, the California Privacy Protection Agency, your state’s Attorney General, or the U.S. Federal Trade Commission).