← Back to home

Privacy Policy

Last updated: 22 February 2026

1. Who We Are

Leavely is a leave management platform that helps teams track time off, manage balances, and streamline approvals. When we refer to "Leavely", "we", "us", or "our", we mean the operator of this service.

2. Data We Collect

We collect the following information when you use Leavely:

  • Account information: name, email address, and hashed password when you register, or profile data provided by your OAuth provider (Google or Microsoft).
  • Organisation data: company name, team members, departments, and roles you create within your workspace.
  • Leave records: leave requests, approvals, balances, and calendar data.
  • Payment information: billing details processed securely by Stripe. We do not store your full card number.
  • Usage data: pages visited, features used, and technical information such as browser type and IP address.

3. How We Use Your Data

We use your data to:

  • Provide and operate the Leavely service
  • Process leave requests and maintain balances
  • Send transactional emails (e.g. leave approvals, password resets)
  • Process payments and manage subscriptions
  • Improve and secure the platform

4. Third-Party Services

We use the following third-party services to operate Leavely:

  • Neon — PostgreSQL database hosting
  • Resend — transactional email delivery
  • Stripe — payment processing
  • Cloudflare — hosting, CDN, and DDoS protection

Each provider processes data in accordance with their own privacy policies. We only share the minimum data necessary for each service to function.

5. Cookies

Leavely uses a single session cookie that is strictly necessary for authentication. This cookie keeps you signed in and does not track you across websites. We do not use advertising or analytics cookies.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account or request data removal, we will delete your personal data within 30 days, except where we are legally required to retain it.

7. Your Rights (GDPR)

If you are in the UK or EEA, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request a portable copy of your data
  • Withdraw consent at any time

To exercise any of these rights, please contact us using the details below.

8. Data Security

We take appropriate technical and organisational measures to protect your data, including encryption in transit (TLS), hashed passwords, and access controls.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or by posting a notice on the platform.

10. Contact Us

If you have questions about this privacy policy or your data, please contact us at privacy@leavely.com.