Privacy Policy

Last updated: March 12, 2026

1. Information We Collect

When you use Yotr, we collect information you provide directly, such as your name and email address via Google OAuth. We also collect usage data including pages visited, features used, and time-off requests created.

2. How We Use Your Information

We use collected information to provide and improve Yotr, process time-off requests, manage team calendars, and communicate service updates.

3. Data Sharing

We do not sell your personal information. Data is shared only within your organization as needed for the PTO management workflow (e.g., managers see pending requests from their team members).

4. Data Security

We use HTTP-only session cookies, role-based data isolation, and multi-tenant separation to protect your data. Authentication is handled through Google OAuth — we never store passwords.

5. Data Retention

Your data is retained for as long as your organization maintains an active account. Deactivated user accounts are soft-deleted and can be restored by organization administrators.

6. Your Rights

You may request access to, correction of, or deletion of your personal data by contacting your organization administrator or reaching out to us at [email protected].

7. Contact Us

If you have questions about this privacy policy, contact us at [email protected].