← Back to home

Privacy Policy

Last updated: 2 April 2026

1. Who We Are

Leavely is a leave management platform that helps teams track time off, manage balances, and streamline approvals. When we refer to "Leavely", "we", "us", or "our", we mean the operator of this service.

2. Data We Collect

We collect the following information when you use Leavely:

  • Account information: name, email address, and hashed password when you register, or profile data provided by your OAuth provider (Google or Microsoft).
  • Organisation data: company name, team members, departments, and roles you create within your workspace.
  • Leave records: leave requests, approvals, balances, and calendar data.
  • Payment information: billing details processed securely by Stripe. We do not store your full card number.
  • Usage data: pages visited, features used, and technical information such as browser type and IP address.

3. How We Use Your Data

We use your data to:

  • Provide and operate the Leavely service
  • Process leave requests and maintain balances
  • Send transactional emails (e.g. leave approvals, password resets)
  • Process payments and manage subscriptions
  • Improve and secure the platform

4. Third-Party Services

We use the following third-party services to operate Leavely:

  • Neon — PostgreSQL database hosting
  • Resend — transactional email delivery
  • Stripe — payment processing
  • Cloudflare — hosting, CDN, and DDoS protection
  • PostHog — product analytics (session recordings, feature usage). Data is processed in the EU. PostHog helps us understand how users interact with Leavely so we can improve the product.

Each provider processes data in accordance with their own privacy policies. We only share the minimum data necessary for each service to function.

5. Cookies

Leavely uses the following cookies:

  • Session cookie (strictly necessary) — keeps you signed in. Does not track you across websites.
  • Analytics cookies (PostHog) — help us understand how Leavely is used so we can improve the product. These cookies do not track you across other websites and are not used for advertising. You can opt out of analytics via your browser settings or by using a cookie-blocking extension.

We do not use advertising cookies or share data with ad networks.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account or request data removal, we will delete your personal data within 30 days, except where we are legally required to retain it.

7. Your Rights (GDPR)

If you are in the UK or EEA, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request a portable copy of your data
  • Withdraw consent at any time

To exercise any of these rights, please contact us using the details below.

8. Data Security

We take appropriate technical and organisational measures to protect your data, including encryption in transit (TLS), hashed passwords, and access controls.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or by posting a notice on the platform.

10. Contact Us

If you have questions about this privacy policy or your data, please contact us at hello@leavely.com.