Skip to content
Absenca

Privacy Policy

Last updated: April 2026

At Absenca, we take your privacy seriously. This policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data We Collect

We collect the following categories of personal data:

  • Account information: name, email address, and password (hashed) when you create an account
  • Organization data: company name, office locations, departments, and team structure
  • Leave management data: leave requests, balances, approvals, and related notes
  • Usage data: API request logs, feature usage metrics, and error reports for service improvement
  • Payment information: processed securely by Stripe — we never store your card details
  • Communication data: emails sent through our platform (via Resend) and support interactions

2. Legal Basis for Processing

We process your data under the following legal bases:

  • Contract performance: to provide and maintain the Absenca service
  • Consent: for optional features like email notifications and marketing communications
  • Legitimate interest: for security, fraud prevention, and service improvement
  • Legal obligation: to comply with tax, accounting, and other legal requirements

3. How We Use Your Data

Your data is used to provide the Absenca service, including leave tracking, team management, approval workflows, and reporting. We also use aggregated, anonymized data to improve our service.

4. Data Storage & Retention

Your data is stored on Cloudflare's global network with data residency in the EU. We retain your data for as long as your account is active. Upon account deletion, personal data is removed within 30 days, except where retention is required by law.

5. Third-Party Services

We use the following third-party services to operate Absenca:

  • Cloudflare: infrastructure, CDN, and database hosting (Workers, D1, Pages)
  • Stripe: payment processing for subscriptions
  • Resend: transactional email delivery
  • Google & Microsoft: optional calendar sync integrations (only when you connect them)

6. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. Analytics are powered by Cloudflare Web Analytics, which does not use cookies or collect personal data.

7. Your Rights

Under GDPR, you have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of your personal data
  • Portability: receive your data in a structured, machine-readable format
  • Restriction: limit how we process your data
  • Objection: object to processing based on legitimate interest

8. Contact & Data Protection

For any privacy-related questions or to exercise your rights, contact us at [email protected]. We will respond within 30 days as required by GDPR.

9. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or an in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.