Privacy Policy

1. Information We Collect

We collect information you provide directly, information generated by your use of the platform, and information from third-party services you connect to your account.

1.1 Identity and Contact Information

Full legal name, email address, phone number, job title, and profile photograph. Employers also provide business name, address, and tax identification numbers when setting up an organization account.

1.2 Tax and Payroll Information

Social Security Number (SSN) or Individual Taxpayer Identification Number (ITIN), date of birth, filing status, allowances, and any other information required to complete W-4, I-9, or 1099 tax forms. This data is collected solely to fulfill our payroll processing obligations under applicable law.

1.3 Banking and Payment Information

Bank account and routing numbers provided for direct deposit payroll. We use Plaid to securely link and verify bank accounts; raw banking credentials are never stored on our servers. Payment card information for subscription billing is processed by Stripe and is never stored by TableNBox.

1.4 Location Data (GPS)

When you clock in or out using the TableNBox mobile app, we collect your device's GPS coordinates to verify that the punch occurred within an authorized work location (geofencing). Location data is collected only at the moment of a clock event; we do not continuously track your location. You can disable location permissions in your device settings, though certain time-clock features will be unavailable.

1.5 Photos and Camera

The app may request camera access to capture a photo at clock-in or clock-out for identity verification (punch verification photos), to upload a profile picture, or to photograph and store employment documents such as identification cards. Photos are uploaded to secure cloud storage (AWS S3) and are only accessible to authorized managers and administrators within your organization.

1.6 Usage and Device Data

Log data, IP address, browser type, operating system, device identifiers, and in-app activity (pages viewed, features used, timestamps). This information is used to operate and improve the platform and to diagnose technical issues.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Workforce scheduling — building and publishing shift schedules, processing shift-swap requests, and managing employee availability.
• Time tracking — recording clock-in and clock-out events, verifying location and identity, calculating hours worked, and generating timesheets.
• Payroll processing — calculating wages, generating pay stubs, submitting ACH direct deposits, producing tax documents (W-2, 1099), and maintaining records required by law.
• Team communication — delivering in-app messages, announcements, and push notifications related to your employment or shifts.
• Compliance and legal obligations — meeting labor law record-keeping requirements, responding to lawful government requests, and enforcing our Terms of Service.
• Platform improvement — analyzing usage patterns to fix bugs, improve performance, and develop new features.

3. Third-Party Services

We share data with the following service providers solely as necessary to operate the platform. These providers are contractually required to protect your data and may not use it for their own purposes.

4. Data Retention

We retain personal information for as long as necessary to provide the service and fulfill legal obligations:

• Payroll and tax records — retained for a minimum of seven (7) years as required by IRS and applicable state regulations.
• Time and attendance records — retained for a minimum of three (3) years in compliance with the Fair Labor Standards Act (FLSA).
• Employment documents (I-9) — retained for three (3) years after the date of hire or one (1) year after termination, whichever is later.
• Punch verification photos — retained for ninety (90) days, then automatically deleted unless a longer retention period is configured by the employer.
• Account and profile data — retained until account deletion is requested, subject to the legal minimums above.

When data is deleted, it is permanently removed from our primary databases within 30 days. Backup copies may persist for up to 90 additional days before being purged from backup storage.

5. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access — request a copy of the personal information we hold about you.
• Correction — request that we correct inaccurate or incomplete information. Many fields (name, contact info, bank account) can be updated directly in the app.
• Deletion — request deletion of your personal information. Note that we may be required to retain certain data under applicable law (see Section 4).
• Portability — request an export of your data in a commonly used, machine-readable format.
• Opt-out of non-essential communications — unsubscribe from marketing emails at any time via the unsubscribe link in any such email. Transactional and employment-related notifications cannot be opted out of while your account is active.

To exercise any of these rights, contact us at support@tablenbox.com. We will respond within 30 days. We may need to verify your identity before fulfilling a request.

6. Data Security

We implement industry-standard safeguards to protect your information, including TLS encryption for all data in transit, AES-256 encryption for sensitive fields (SSN, bank account numbers) at rest, role-based access controls so only authorized personnel can access sensitive data, and regular security reviews.

No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at support@tablenbox.com.

7. Children's Privacy

TableNBox is a professional employment platform intended for use by individuals who are at least 13 years of age (or the minimum working age in their jurisdiction). We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@tablenbox.com.

8. Cookies and Tracking

Our web dashboard uses essential cookies to maintain your login session and remember your preferences. We do not use third-party advertising cookies or cross-site tracking technologies. You can configure your browser to block or delete cookies, though some features of the dashboard may not function correctly without them.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address associated with your account) and by posting a prominent notice in the app at least 14 days before the changes take effect. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out: