Data Processing Agreement
This agreement describes how Kindleye Limited processes personal data on your behalf when you use RosterProject. It forms part of the Terms of Service and applies to every customer automatically. Last updated 12 July 2026.
1. Roles
For the purposes of Hong Kong's Personal Data (Privacy) Ordinance (Cap. 486, the "PDPO"), the Customer is the data user of the personal data it puts into its RosterProject workspace, and Kindleye Limited is its data processor: we process that data on the Customer's behalf, only to provide the rostering service. This agreement is the contractual measure contemplated by DPP 4(2) of the PDPO for engaging a data processor.
2. What data we process
- Staff records: name, rank and station, date of birth and joining date (used for leave entitlements), contracted days and hours, availability, leave and day-off history, rostered shifts.
- Pay data, only if the Customer chooses to enter it (used for labour-cost projections), held behind the workspace's salary-key access control.
- Manager accounts: name and work email of the workspace's users.
The data subjects are the Customer's employees and workspace users.
3. Our commitments
- We process personal data only as needed to provide, secure, and support the service, and on the Customer's documented instructions — never for our own purposes, and we never sell it.
- We protect it with the technical and organisational measures described on our Security page (encryption in transit and at rest, database-level workspace isolation, access controls), consistent with DPP 4 (security).
- Personnel and providers with access are bound by confidentiality obligations.
- We retain personal data no longer than needed to provide the service, consistent with DPP 2(3) and s.26 PDPO (see Section 6).
- If we become aware of a data breach affecting the Customer's personal data, we notify the Customer without undue delay — target within 72 hours of confirmation — with the information needed for the Customer's own assessment and notifications.
- We assist the Customer in responding to data access and correction requests from data subjects under ss.18–24 PDPO and DPP 6 — the export and edit tools in the workspace handle most requests directly.
4. Subprocessors
We use the infrastructure providers listed on the Security page (currently Supabase, Vercel, Stripe, and Resend). Each is bound by written terms imposing data-protection obligations no weaker than this agreement. We give 30 days' notice before adding a subprocessor that handles personal data; if the Customer reasonably objects, it may terminate and export its data.
5. Where data is stored
Workspace data is stored on AWS in Singapore (via Supabase). Section 33 of the PDPO (cross-border transfer restrictions) is not yet in operation; we nonetheless contract with our subprocessors so that personal data receives protection substantially similar to the PDPO wherever it is processed.
6. Return and deletion
- The Customer can export its workspace data at any time (Dashboard → Export data).
- A lapsed subscription never causes deletion — the workspace becomes read-only and the data stays intact.
- On termination, we delete the workspace's personal data on written request within 30 days, with residual copies removed as encrypted backups expire on their own schedule.
7. Liability and law
Liability under this agreement is subject to the limitations in the Terms of Service. This agreement is governed by the laws of the Hong Kong Special Administrative Region.
8. Signed copies
This agreement applies automatically to every RosterProject customer. If your procurement process needs a countersigned copy, email support@rosterproject.com and we'll turn it around quickly.