SECURITY FIRST

Your Data.
Protected.

Enterprise-grade security to keep your shift data and earnings information safe, private, and under your control.

SSL/TLS
Encrypted Connections
bcrypt
Password Hashing
AES-256
Data Encryption
GDPR
Compliant

Security Features

Multiple layers of protection for your data

End-to-End Encryption

All data transmitted between your device and our servers is encrypted using industry-standard TLS 1.3 protocol. Your information is protected in transit at all times.

TLS 1.3 · 256-bit encryption

Secure Password Storage

Passwords are hashed using bcrypt with adaptive cost factors. We never store your password in plain text-even we can't see it.

bcrypt · Salted hashing

Optional Field-Level Encryption

For maximum privacy, enable field-level encryption for sensitive earnings data. Your financial information is encrypted at rest with AES-256.

AES-256 · Optional feature

Access Control

Your data is private by default. Only you can access your shift information. Even administrators cannot view your encrypted data.

User-level isolation

Secure Infrastructure

Hosted on enterprise-grade cloud infrastructure with regular security patches, DDoS protection, and 24/7 monitoring.

99.9% uptime · Monitored 24/7

Regular Backups

Automated daily backups ensure your data is never lost. All backups are encrypted and stored in geographically distributed locations.

Daily backups · Encrypted storage

Our Privacy Commitment

Your data belongs to you

We NEVER sell your data

Your information is never shared with third parties for marketing or advertising purposes.

You control your data

Export, delete, or modify your data anytime. Full transparency and control.

Minimal data collection

We only collect what's necessary to provide our services. No unnecessary tracking.

GDPR compliant

Full compliance with international data protection regulations.

Security Best Practices

Help us keep your account secure

1

Use a Strong Password

Create a unique password with at least 12 characters, including uppercase, lowercase, numbers, and symbols. Never reuse passwords across different services.

2

Keep Your Login Private

Never share your password with anyone. ShiftManager staff will never ask for your password. Be wary of phishing attempts.

3

Use Secure Connections

Always access ShiftManager over HTTPS. Avoid using public Wi-Fi without a VPN when accessing sensitive information.

4

Report Suspicious Activity

If you notice any unauthorized access or suspicious activity, contact us immediately at security@shift.tildaitech.co.ke

Security Questions?

Our security team is here to help. If you have questions about our security practices or need to report a vulnerability, we're here to listen.

security@shift.tildaitech.co.ke Contact Form

PGP key available on request for sensitive reports