01Who We Are
SwiftShift ("SwiftShift," "we," "us," or "our") is operated by Glimps Hospitality LLC, a Michigan limited liability company. SwiftShift operates a two-sided mobile marketplace connecting restaurant businesses ("Restaurants") with on-demand hospitality workers ("Workers") for one-off shift engagements.
This Privacy Policy explains how we collect, use, share, and protect information when you use the SwiftShift mobile application and website (collectively, the "Platform"). It applies to all users — Restaurants, Workers, and visitors.
02Information We Collect
A. Information You Give Us
When you create an account or use the Platform, you may provide:
- Identity information: Full name, email address, phone number, date of birth, profile photo
- For Workers: Work experience, skills, job roles, identity verification documents (government-issued ID)
- For Restaurants: Business name, business address, type of establishment, contact person
- Payment information: Bank account details and payment card information — collected and stored by our payment processor, Stripe. We do not store full payment credentials on our servers.
- Profile content: Ratings, reviews, shift history, and any messages sent through the in-app chat
B. Information We Collect Automatically
When you use the Platform, we automatically collect:
- Device information: Device type, operating system, unique device identifiers, mobile network information
- Usage data: Pages viewed, features used, shifts browsed, time spent in app, tap and click patterns
- Location information: General geographic area (city/region level) used to show relevant shifts and workers. We do not continuously track your precise GPS location in the background.
- Push notification tokens: Used to deliver shift alerts and account notifications via Firebase Cloud Messaging
- Crash and performance data: Error logs and crash reports collected via Firebase Crashlytics to help us diagnose and fix issues
- Log data: IP address, access times, referring URLs, browser type (for web visitors)
C. Information from Third Parties
- Stripe: We receive confirmation of payment method verification status and transaction outcomes from Stripe. We do not receive your full card or bank account numbers.
- Identity verification: We may use third-party services to verify the identity of Workers during onboarding. These services may collect and process government-issued ID documents on our behalf.
- Firebase Authentication: We use Google Firebase to manage account creation, login, and session security.
03How We Use Your Information
We use the information we collect to:
| Purpose | Legal Basis |
|---|---|
| Create and manage your account | Contract performance |
| Match Workers with Shift listings | Contract performance |
| Process payments and payouts via Stripe | Contract performance |
| Send shift alerts, booking confirmations, and account notifications | Contract performance / Legitimate interest |
| Verify Worker identity during onboarding | Legal obligation / Legitimate interest |
| Enforce our cancellation and suspension policies | Legitimate interest |
| Detect fraud, abuse, and policy violations | Legitimate interest / Legal obligation |
| Improve Platform performance and fix bugs (via Crashlytics) | Legitimate interest |
| Respond to support requests | Legitimate interest |
| Comply with applicable law | Legal obligation |
| Send marketing communications (with your consent) | Consent |
04How We Share Your Information
Between Platform Users
When a Restaurant posts a Shift and a Worker applies, certain profile information is visible to the other party — including name, profile photo, ratings, and relevant work history. This is necessary for the marketplace to function. Payment amounts and bank details are never visible to the other party.
Service Providers
We share data with trusted third-party service providers who help us operate the Platform, under contractual obligations to protect your data:
| Provider | Purpose |
|---|---|
| Google Firebase | Authentication, database, push notifications, crash reporting — account data, usage data, device tokens |
| Stripe, Inc. | Payment processing and Worker payouts — name, bank account details, transaction data |
| Identity verification provider | Worker identity verification — government ID documents |
Legal and Safety
We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect the safety of any person, prevent fraud, or enforce our Terms of Service.
Business Transfers
If SwiftShift is acquired, merged, or its assets are transferred, your information may be transferred as part of that transaction. We will notify you before your data becomes subject to a materially different privacy policy.
05Data Retention
We retain your information for as long as your account is active or as needed to provide services. If you close your account:
- Profile information is deleted or anonymized within 90 days
- Transaction and payment records are retained for 7 years for tax and legal compliance
- Shift history may be retained in anonymized form for platform analytics
You may request deletion of your account and associated data at any time by contacting support@swiftshiftapp.com. Some data may be retained where we have a legal obligation to do so.
06Your Privacy Rights
All Users
You have the right to:
- Access the personal information we hold about you
- Correct inaccurate information in your account
- Request deletion of your account and personal data (subject to legal retention obligations)
- Opt out of marketing communications at any time via the unsubscribe link in any email or by contacting us
California Residents — Your CCPA Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know: You may request a copy of the personal information we have collected about you in the past 12 months, including the categories of information, sources, purposes, and third parties it was shared with.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to Correct: You may request correction of inaccurate personal information.
- Right to Opt Out of Sale or Sharing: We do not sell or share personal information for cross-context behavioral advertising.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any California privacy right, contact us at support@swiftshiftapp.com with the subject line "California Privacy Request." We will respond within 45 days.
07Children's Privacy
The Platform is intended for users 18 years of age and older. We do not knowingly collect personal information from anyone under 18. If we become aware that a user is under 18, we will promptly close the account and delete associated data. If you believe a minor has created an account, please contact support@swiftshiftapp.com.
08Data Security
We implement industry-standard technical and organizational measures to protect your personal information, including:
- Encrypted data transmission (TLS/HTTPS)
- Firebase App Check to prevent unauthorized API access
- Firestore security rules restricting data access by user role
- Stripe's PCI-DSS compliant infrastructure for all payment data
No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we take reasonable steps to protect your data and will notify you of any breach as required by applicable law.
09Third-Party Links and Services
The Platform may contain links to third-party websites or services (such as Stripe's payment portal). This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.
10Push Notifications
We send push notifications to your device for shift alerts, application updates, payment confirmations, and account notices. You can disable push notifications at any time in your device's system settings. Disabling notifications will not affect your ability to use the Platform but may cause you to miss time-sensitive shift updates.
11Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or in-app notification at least 30 days before the change takes effect. The "Last updated" date at the top of this policy reflects the most recent revision. Continued use of the Platform after the effective date constitutes acceptance of the updated policy.
12Contact Us
If you have questions, concerns, or requests related to this Privacy Policy, contact us at:
- For California privacy requests, use the subject line: "California Privacy Request"
- For data deletion requests, use the subject line: "Account Deletion Request"