SquidWeb Privacy Policy

Effective starting 19/03/2026

SquidWeb (“we”, “our”, “us”) is operated by SquidWeb Ltd, registered in Cyprus, with its registered address at St. Lazaros Street 34, 6020 Larnaca.

SquidWeb Ltd acts as the data controller for the processing of personal data described in this policy.

SquidWeb provides a workforce management and staffing platform used by companies, planners, and crew members to manage scheduling, payroll, and operational workflows.

This Privacy Policy applies to all SquidWeb services, including those accessible via squidweb.biz and associated domains.

We are committed to protecting your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Information we collect

We may collect and process the following categories of data:

Personal information

  • Name
  • Email address
  • Phone number
  • Company, role, and employment-related information

Operational data

  • Work schedules and assignments
  • Attendance and time tracking
  • Payroll and financial-related information
  • Uploaded documents (e.g. identification documents, certificates, contracts)

Technical data

  • Device and browser information
  • IP address
  • Log and usage data

2. Legal basis for processing (GDPR)

We process personal data based on:

  • Contractual necessity – to provide our services
  • Legal obligations – to comply with applicable laws
  • Legitimate interests – to improve our services and ensure security
  • Consent – where required (e.g. analytics or integrations)

3. How we use your information

We use personal data to:

  • Provide and operate the SquidWeb platform
  • Manage workforce scheduling and assignments
  • Process payroll and administrative workflows
  • Generate reports and documents
  • Communicate with users
  • Improve platform performance and user experience
  • Ensure system security and prevent fraud

4. Google API services usage

SquidWeb integrates with Google APIs to allow users to generate documents, create reports, and manage scheduling workflows directly within their Google environment.

We only request access to Google user data when it is strictly necessary and explicitly initiated by the user.

Scopes and purpose of use

  • Google Drive
    Used when a user chooses to export or store generated reports or documents into their Google Drive.
  • Google Docs and Google Sheets
    Used when a user generates reports, templates, or documents within SquidWeb and chooses to create them in their Google account.
  • Google Calendar
    Used when a user creates scheduling events or workforce-related calendar entries from within the platform.
  • Google Apps Script
    Used to automate document generation workflows and support template-based document creation initiated by the user.

Data access and use

  • Access to Google data is only performed in response to direct user actions (e.g. creating a report, exporting a document, or generating a calendar event)
  • We only access the minimum necessary data required to complete that action
  • We do not access, scan, or process unrelated files or content in the user’s Google account
  • Google user data is processed automatically by the system and is not accessed by humans, except where required for security or legal compliance

Data Retention (Google Data)

  • Data obtained through Google APIs is not stored longer than necessary to complete the requested operation
  • Where documents are created in the user’s Google account, SquidWeb does not retain copies unless required for the core functionality of the service

Data sharing and restrictions

  • We do not sell, share, or transfer Google user data to third parties
  • We do not use Google user data for advertising purposes
  • We do not use Google user data to train machine learning or AI models

SquidWeb’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Cookies and analytics

We use limited cookies and similar technologies to ensure the proper functioning, security, and performance of our website and services.

These may include essential cookies required for core functionality, such as maintaining user sessions, ensuring security, and enabling basic site features.

We do not use cookies or tracking technologies for analytics, advertising, or profiling purposes.

No personal data is collected through cookies for marketing or statistical analysis.

If non-essential cookies or tracking technologies are introduced in the future, we will update this Privacy Policy and request user consent where required by applicable law.

6. Data sharing

We do not sell personal data.

We may share data with:

  • Hosting and infrastructure providers (e.g. cloud services such as AWS)
  • Analytics providers
  • Service providers necessary to operate the platform

All third parties are required to process data securely and in accordance with applicable laws.

7. Data retention

We retain personal data only as long as necessary to:

  • Provide our services
  • Fulfill contractual obligations
  • Comply with legal requirements

8. Data security

We implement appropriate technical and organizational measures, including:

  • Access control and authentication
  • Secure data storage
  • Encryption where applicable

9. Your rights

Under applicable data protection laws, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Request data portability
  • Object to or restrict processing
  • Withdraw consent at any time

You also have the right to lodge a complaint with a supervisory authority.

To exercise your rights, contact:

info@squidweb.biz

10. Role of SquidWeb

Depending on how the platform is used:

  • SquidWeb acts as a data controller for account management, platform usage, and direct communications
  • SquidWeb acts as a data processor when processing personal data on behalf of client companies (e.g. employee or crew data)

In such cases, SquidWeb processes data only in accordance with the instructions of the client.

11. Data deletion

Users can request deletion of their data by:

  • Sending an email to info@squidweb.biz
  • Including their account email and request details

We will process deletion requests within a reasonable timeframe in accordance with applicable laws.

12. International data transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as the use of Standard Contractual Clauses (SCCs) approved by the European Commission.

13. Changes to this policy

We may update this Privacy Policy from time to time. Updates will be posted on this page.

14. Contact

info@squidweb.biz