Teamiy
Login
Free Trail
Teamiy by TechVerdi
Teamiy

Privacy Policy Teamiy

1) Who we are and how this policy applies

This Privacy Policy describes how Teamiy (“Teamiy,” “we,” “us,” or “our”), a legally owned and operated SaaS product of TechVerdi SA (registered in Switzerland), collects, uses, discloses, and safeguards Personal Data when:

  • You visit our websites, help center, or marketing pages (the “Sites”),
  • You use Teamiy’s HR management platform, mobile apps, and related services (the “Services”),
  • You interact with us as a prospect, customer, supplier, or applicant.

When we provide the Services to a business customer (your employer), Teamiy acts as a data processor/service provider, and the customer is the data controller/business that determines the purposes and means of processing. For Site visitors, billing contacts, sales/marketing, and our own operations, Teamiy acts as a data controller.

If you are an employee using Teamiy through your employer, please direct questions and requests (access, deletion, corrections) to your employer, the data controller, who will work with us to fulfill them.

2) Key definitions

Personal Data/Personal Information

Information that identifies or is reasonably linkable to an individual.

Controller / Business

The organization that determines the purposes and means of processing personal data.

Processor / Service Provider

An organization that processes personal data on behalf of a controller/business.

Sensitive Personal Data

May include government IDs, financial information, precise location, health or biometric data, union membership, or information about children, depending on law.

3) What we collect

The Personal Data we process depends on your role and how you interact with Teamiy.

A) Site visitors and business contacts (Controller context)

  • Identifiers & contact data (name, email, phone, company, role).
  • Usage, device, and log data (browser type, IP address, pages viewed, timestamps, referrer/UTM, app telemetry).
  • Marketing preferences and cookie identifiers.
  • Support and feedback records.
  • Job applicant data (CV/resume, cover letter, interview notes).

B) End users of the Services (Processor context, on behalf of customers)

  • Profile and employment data (name, email, employee ID, job title, department, manager, location).

  • Time & attendance, scheduling, leave/holiday, shift data.

  • Payroll-related fields (handled only if enabled by the customer), e.g., pay group, bank details (tokenized with payment partners), deductions, tax status.

  • Documents and HR records (contracts, certificates, evaluations, training records).

  • Communications and activity in-app (messages, comments, requests, approvals, audit trails).

  • Optional/sensitive fields if configured by the customer and permitted by law (e.g., medical certificates, emergency contact, EEO/DEI data where lawful and consented).

  • Mobile and device data (app version, device OS, coarse location if a feature like geofenced clock-in is enabled).

We obtain Personal Data directly from you, from your employer, from integrations (e.g., SSO, payroll, ATS, LMS), and from public sources or vendors (e.g., fraud/abuse prevention, enrichment) where permitted.

4) Why we use data (purposes) & legal bases (GDPR)

As a controller (Sites, business operations):

  • Provide, secure, and improve Sites and Services (Legitimate interests; sometimes Contract).

  • Respond to inquiries, provide demos, and customer support (Contract; Legitimate interests).

  • Send transactional messages (Contract; Legal obligation).

  • Marketing and newsletters with opt-out/consent as required (Consent; Legitimate interests).

  • Recruit and hire (Legitimate interests; Contract; Legal obligation).

  • Comply with law, defend legal claims, prevent fraud/abuse (Legal obligation; Legitimate interests).

As a processor (on behalf of customers):

  • Deliver the Services per our Data Processing Addendum (DPA).

  • Host, store, and process HR data as configured by the customer.

  • Provide support, maintenance, analytics, and security for the customer’s environment.

  • Execute customer-controlled workflows, integrations, and exports.

California (CPRA) business purposes include: providing Services, security/fraud prevention, debugging, short-term transient use, performing services for the business, internal research for development, and quality/safety verification.

We do not sell Personal Information, and we do not share Personal Information for cross-context behavioral advertising.

5) Cookies, analytics & similar technologies

We use cookies and similar technologies to:

  • Enable core functionality (authentication, security, load balancing),
  • Remember preferences,
  • Measure Site and product usage,
  • Improve performance and features.

Where required, we request consent (e.g., via a cookie banner) and provide granular controls. You can manage preferences in your browser and in our cookie settings.

6) How we share information

We share Personal Data only as described below:

Sub-processors & vendors

Cloud hosting, databases, analytics, support tools, email/SMS providers, payment processors, identity/SSO, and other infrastructure or integrations necessary to deliver the Services.

Customer-authorized recipients

Integrations (e.g., payroll, accounting, SSO, ATS/LMS), or exports initiated by customer admins.

Professional advisors

Auditors, insurers, and legal counsel under confidentiality.

Corporate transactions

Mergers, acquisitions, financing, or asset transfers (with appropriate safeguards).

Legal compliance & safety

To comply with law, enforce agreements, or protect rights, safety, and security.

We maintain a regularly updated Sub-processor List and execute appropriate data protection terms with each provider.

7) International data transfers

We may transfer Personal Data to countries outside your own. When we do:

  • For EEA/UK/Switzerland data, we rely on Standard Contractual Clauses (SCCs) and, where applicable, the UK Addendum, plus additional safeguards.
  • If a relevant certification or adequacy decision applies, we will use it.
  • We implement technical and organizational measures to protect data during transfer.

8) Security

We employ industry-standard administrative, technical, and physical safeguards, including encryption in transit and at rest, access controls, MFA/SSO support, role-based permissions, logging, monitoring, regular backups, and third-party testing. No system is 100% secure; we encourage strong passwords, MFA, and cautious sharing.

9) Data retention

We retain Personal Data for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements, then delete or anonymize it. As a processor, we follow our customers’ instructions and retention schedules where applicable.

10) Your rights

Depending on your location, you may have rights to:

  • Access, correct, update, or delete your Personal Data.
  • Portability, restriction, and objection to processing.
  • Withdraw consent where processing is based on consent.
  • Not be subject to solely automated decisions with legal or similar significant effects.
  • Lodge a complaint with a supervisory authority.

Employees using Teamiy through an employer: contact your employer (controller) to exercise rights. We will support the controller in fulfilling your request.

California residents (CPRA): rights to know/access, correct, delete, portability, limit use/disclosure of sensitive PI, and to non-discrimination for exercising rights.

11) Children’s data

Teamiy is not directed to children under 16, and we do not knowingly collect Personal Data from them.

12) Automated decision-making & profiling

Teamiy does not make solely automated decisions producing legal or similarly significant effects. We may use usage analytics to improve features and detect misuse.

13) Third-party links & services

Our Sites and Services may link to third-party sites or integrate with third-party systems. Their privacy practices are governed by their policies.

14) Changes to this policy

We may update this Policy to reflect changes in our practices or laws. We will post the updated version with a revised “Last updated” date and, when appropriate, provide additional notice.

15) Contact us

Teamiy Privacy: support@teamiy.com

Postal: Teamiy by TechVerdi, Avenue Charles-Ferdinand-Ramuz 60, 1009 Pully, Switzerland.

EEA/UK representatives (if/when appointed) and regional contact details will be posted here.

Controller/Processor details & addenda

A) When Teamiy is the Controller (Sites, marketing, billing, recruiting)

We determine the purposes/means of processing. Legal bases include contract, legitimate interests, consent (where required), and legal obligations.

B) When Teamiy is the Processor (Services for customers)

We act under the customer’s documented instructions via our Master Subscription Agreement and Data Processing Addendum (DPA), including SCCs where relevant. We assist controllers with DPIAs, data subject requests, and incident notifications per the DPA.

Regional notices (high level)

EEA/UK/Switzerland (GDPR & UK GDPR).

Controller legal bases include contract, legitimate interests, consent, and legal obligation. Transfers rely on SCCs/UK Addendum plus safeguards. You have right to access, rectify, erase, restrict, port, object, and complain to your authority.

United States (CPRA/CCPA).

We are a “service provider” for customers’ employee data and a “business” for our own Sites/operations data. We do not “sell” personal information nor “share” it for cross-context behavioral advertising. You have right to know, access, correct, delete, portability, and limit the use/disclosure of sensitive PI.

Brazil (LGPD), Canada (PIPEDA), South Africa (POPIA), and Kenya (Data Protection Act 2019).

We process Personal Data as described, honoring applicable rights (access, correction, deletion, portability, objection, and complaint). Transfer mechanisms and contractual safeguards apply where cross-border flows occur.

Sub-processors & integrations

We engage carefully vetted sub-processors for hosting, storage, analytics, communications, support, payments, identity, and product features. Each is bound by confidentiality and data protection terms; we maintain technical and organizational measures appropriate to the risk. A current list of sub-processors and integrations is available on request (and, when published, via our Trust/Legal page).

Data security incidents

If we become aware of a security incident affecting Personal Data, we will investigate, mitigate, and notify affected customers and/or authorities as required by law and our DPA.

Join the Teamiy Journey

From HR managers in manufacturing plants to healthcare administrators and construction project leads, thousands trust Teamiy to make HR easy, efficient, and future-ready.

Discover Teamiy Today
Scroll to Top