Roster Architect
OffDuty — Privacy Policy
OffDuty is the staff companion app for Roster Architect, the workforce scheduling platform by 9MB Project Limited. This Privacy Policy covers the OffDuty mobile app.
Last updated: March 2026 · rosterarchitect.com
1. Introduction
9MB Project Limited ("Company", "we", "us") operates Roster Architect and OffDuty (collectively, the "Service"). This Privacy Policy describes how we collect, use, and protect your personal data in accordance with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong ("PDPO").
2. Information We Collect
We collect the following types of information:
- Account Information: Email address, display name, and authentication credentials provided during registration.
- Roster Data: Shift assignments, leave records, duty requests, and swap requests created within the Service.
- Device Information: Device type, operating system, push notification tokens, and calendar sync preferences (OffDuty app only).
- Usage Data: Pages visited, features used, and interaction patterns to improve the Service.
3. How We Use Your Information
- To provide, maintain, and improve the Service.
- To process roster generation, shift scheduling, and related requests.
- To send push notifications for swap requests, duty request periods, and service updates.
- To enforce our Terms of Service and protect against fraud or abuse.
- To comply with legal obligations.
4. Data Processor Obligations (PDPO)
For organizational rosters, 9MB Project Limited acts as a Data Processor. We do not sell staff personal data to third parties.
Where 9MB Project Limited processes personal data on behalf of an organization ("Data User") through the Roster Architect platform, we act as a Data Processor under the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong.
As a Data Processor, we:
- Process personal data only on the documented instructions of the Data User (organization).
- Implement appropriate technical and organizational measures to protect personal data.
- Do not sub-process personal data without prior written authorization from the Data User.
- Assist the Data User in responding to data subject access requests.
- Delete or return personal data upon termination of the service agreement.
5. Device Permissions (OffDuty Mobile App)
The OffDuty mobile application requests the following device permissions only when you actively use the related feature. All access is on-device and we do not transmit, store, or share captured media or device-side data on our servers unless explicitly stated.
- Calendar: Requested if you choose to mirror your OffDuty schedule into your device's native Calendar. Events are written to the calendar you select; we do not read events from your existing calendars. You can disable calendar sync in OffDuty Settings at any time, after which we stop writing new events.
- Notifications: Requested so we can send push notifications for swap requests, duty request periods, group event invitations, and roster updates. Notifications are delivered via Apple Push Notification Service (iOS) or Firebase Cloud Messaging (Android). Push tokens are stored with your account so we can route messages to your device. You can disable notifications in OffDuty Settings or your device's system settings at any time.
- Photo Library / Files (Roster Architect web only): When an organization manager uses the optional staff-list import OCR feature in Roster Architect, the selected image is uploaded to our servers for text recognition and is then deleted within 30 days. This permission is not requested in the OffDuty staff mobile app.
6. Data Sharing and Disclosure
We do not sell your personal data. We may share data with:
- Your Organization: If you are paired with an organization via OffDuty, your organization manager can view your roster assignments and requests.
- Workgroup Members: Calendar data shared within workgroups is subject to the privacy settings you configure per group.
- Service Providers: Third-party infrastructure providers (hosting, authentication, payment processing) who process data on our behalf under appropriate agreements.
- Legal Requirements: When required by law, regulation, or legal process.
7. Data Retention
We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account deletion or organizational offboarding, we will delete or anonymize your personal data within 90 days, unless retention is required by law.
8. Security
We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, access controls, and regular security assessments. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.
9. Your Rights
Under the PDPO, you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate personal data.
- Request deletion of your account and associated data.
- Withdraw consent for push notifications or calendar sync at any time via the app settings.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified via the Service or by email. Your continued use of the Service after changes constitutes acceptance of the updated policy.
11. Contact
For questions about this Privacy Policy or to exercise your data rights, please contact 9MB Project Limited at support@9mbproject.com.