Go2Clock Logo Go2Clock

Go2Clock Privacy Policy

Your privacy is important to us. This Privacy Policy outlines how Go2Clock collects, uses, discloses, and safeguards your information. It applies across our websites, applications, and services, including https://www.go2clock.com/.

1. Information We Collect

Log Data

We automatically collect standard log data from your browser when you access our site. This may include:
  • IP address
  • Browser type and version
  • Pages visited
  • Time and date of access
  • Time spent on pages

    • Device Data

    We may collect details about the device you use to access our site:
  • Device type and operating system
  • Unique identifiers and device settings
  • Geo-location data (subject to your device’s permission settings)

    • Personal Information

    We may collect personal data relevant to your use of our services, including information about employees that you have given us.
    The following types of data may be requested depending on which features you choose to use; however, much of it is optional and not required for basic functionality:
  • Full name
  • Email address
  • Date of birth (optional)
  • Contact number (optional)
  • Work & Home address (optional)
  • Payment or payroll details (optional depending on services used)
  • Tax ID or payroll numbers (optional depending on services used)
  • GPS coordinates (optional, required only for location tracking features)

    • Business Data

    Business data generated through normal platform usage may include:
  • Time clock data
  • Work schedules
  • Uploaded content and files
  • Analytics and usage metrics
  • Biometric templates and user profile photos (when synchronised via compatible time clock devices or transmitted via the API)
  • Payroll data provided via a third party API that you have given us access to

    • These identification data types are processed only when explicitly enabled by the client and are treated as special category data under the UK GDPR.
    All data is managed in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.


    2. Legal Basis for Processing

    We process personal data on the following legal bases:
  • Contractual necessity: To provide and maintain our services.
  • Legitimate interest: For internal operations, support, and improvements, unless overridden by user rights.
  • Consent: Where explicitly required (e.g., for optional features).
  • Legal obligation: To comply with applicable laws.

    • Our lawful bases for collecting or using personal information to provide services and goods are:

    Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.

    Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.

    You may withdraw consent at any time, though this may affect your ability to use certain features.


    3. Use of Information

    We collect and use personal and business data to:
  • Deliver core features of the Go2Clock platform
  • Manage accounts and user authentication
  • Process payments and billing
  • Provide customer support
  • Ensure system functionality and security
  • Comply with legal obligations


    • 4. Third-Party Disclosure

    We do not sell or disclose personal data to marketing companies. We may disclose data to trusted third-party providers to help deliver our services, including:
  • Cloud hosting and data storage
  • Payment processors
  • IT and cybersecurity providers
  • Professional advisors (under confidentiality obligations)

    • These providers are bound by data processing agreements and are compliant with relevant data protection regulations.
    Clients will be notified of any new subprocessors and may object on reasonable grounds.


    5. International Transfers

    For UK and EU clients, all data is stored and processed in the United Kingdom. For international clients, data may be stored in the United States or other jurisdictions with appropriate safeguards.

    All international transfers are protected by mechanisms such as:
  • Standard Contractual Clauses
  • Binding Corporate Rules
  • Other legally recognised safeguards

    • Once you or your users export data from Go2Clock (e.g., for payroll or CSV/print export), you are responsible for that data. We are not liable for its use or disclosure once it leaves our systems.


    6. Your Rights

    You have the right to:
  • Access your data
  • Rectify inaccuracies
  • Erase your data
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

    • We aim to respond to data subject requests within 72 hours. For assistance, contact: support@go2clock.com


    7. Cookies

    Go2Clock uses cookies to understand user behavior and enhance site experience. For more details, refer to our Cookie Policy.


    8. Business Transfers

    If Go2Clock is acquired or merged, your data may be transferred to the new entity. We will notify you of any such change and maintain this policy’s protections.

    You may not transfer any of your rights under this Privacy Policy to any other person or company. We may transfer our rights under this Privacy Policy where we reasonably believe your rights will not be affected.


    9. External Sites

    Our website may contain links to external websites not operated by Go2Clock. We are not responsible for their privacy practices.


    10. Policy Updates

    We may update this Privacy Policy to reflect changes in our practices or legal obligations. We will notify users via our website. Material changes may require renewed consent.


    11. Data Processor Role

    For the purpose of data protection law: You (the client) are the data controller. Go2Clock acts as the data processor, processing personal data solely on your documented instructions, unless otherwise required by law. Our personnel and subprocessors operate under strict confidentiality and access control protocols.


    12. Data Breaches

    In the event of a personal data breach, we will notify affected clients without undue delay, and in any case within 72 hours of becoming aware of the incident. We will provide necessary assistance to evaluate, report, and resolve the breach.


    13. Return & Deletion of Data

    You can delete your own data at anytime from our cloud service by using the Super Admin account you signed up with.

    Upon termination of the contract along with your written request, we will return any data not previously deleted, or securely delete all personal data processed on your behalf within 30 days or less, Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy.

    Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes. On contract termination any cloud data you have not previously deleted yourself will automatically be deleted within 90 days or less.

    Any data that is automatically deleted is permanent and cannot be restored at a later date.

    You may also request written certification of deletion.


    14. Account Termination & Data Deletion

    You may terminate your account at any time by emailing us requesting termination and data deletion.
    Your designated Admin users can export or delete data via the database maintenance section.
    After 30 days of inactivity following subscription expiry, we reserve the right to permanently delete all stored data.
    If you request assistance with data management, our support team may access data under your direction.
    You acknowledge that data recovery carries risks of potential loss.


    15. Contact

    Go2Clock Data Protection Office
    Email: support@go2clock.com
    Effective Date: 24 June 2025