Hourble

Privacy Policy

How Hourble collects, uses, and protects your data.

Last updated: April 2026

1. Introduction

This Privacy Policy explains how Hourble ("we", "us", "our") collects, uses, and safeguards information when you use our timesheet compliance platform. By using Hourble, you agree to the practices described here.

2. Information we collect

We collect account information (name, email, agency details), timesheet data (hours, shift records, manager approvals), biometric verification metadata (we store proof of verification, not raw biometric templates), and standard technical data (IP address, browser, device).

3. How we use data

We use your data to operate the service, process payments, generate compliance audit trails, prevent fraud, communicate service updates, and meet our legal obligations. We do not sell personal data and do not use it for advertising.

4. Legal basis (UK GDPR)

We process personal data under: contract (to deliver the service you signed up for), legitimate interests (to secure the platform and prevent fraud), legal obligation (to retain records required by HMRC and UK law), and consent (where you have given it explicitly, e.g. marketing emails).

5. Data sharing

We share data only with vetted processors: Stripe (payment processing), our hosting and database providers (infrastructure), and email delivery providers. All processors are bound by data processing agreements. We may also disclose data when required by law.

6. Data retention

We retain timesheet and audit records for at least six years to satisfy HMRC and JSL evidentiary requirements. Account data is retained while your subscription is active and for a limited period afterwards. You may request earlier deletion subject to our legal obligations.

7. Security

We use industry-standard encryption in transit and at rest, role-based access controls, immutable audit logs, and regular security reviews. No system is perfectly secure, but we work to protect your data with appropriate technical and organisational measures.

8. Your rights

Under UK GDPR you have the right to access, correct, port, or delete your personal data, to restrict or object to certain processing, and to lodge a complaint with the ICO. To exercise any right, contact privacy@hourble.com.

9. Cookies

We use essential cookies to keep you signed in and to remember your preferences. We use limited analytics cookies to understand product usage in aggregate. You can control cookies through your browser settings.

10. Contact

Questions about this policy or your data? Email privacy@hourble.com and we will respond within 30 days.