How we handle your data
Last updated: 7 July 2026
Everything on one page for office managers. If you want the formal versions, see Privacy policy and Terms of service.
Where it lives
Your organisation's data is stored in a UK/EU region on managed cloud infrastructure with encryption at rest and in transit. Attachments (like fit notes) are held in a private bucket and only served through short-lived signed URLs.
Who can see what
- Employees see their own leave, sickness and profile.
- Managers see the requests they need to approve and their team calendar (sickness shown anonymously as "Absent").
- Admins see everyone in their organisation. Admins from other organisations can never see your data.
- Leavo staff do not access customer data unless you ask us to help support a specific issue.
Audit trail
Every meaningful action — request created, approved, rejected, sickness logged, attachment deleted — is written to an audit log that admins can view and export as CSV.
Export
Admins can export the whole organisation's data as a set of CSV files from Settings → Data & privacy. Individual employees can request a copy via their admin.
Deletion
Admins can request full organisation deletion from Settings → Data & privacy. Once confirmed, we remove your data within 30 days, keeping only what the law requires (e.g. SSP-related records for their statutory minimum period).
Sub-processors
We use a small set of infrastructure providers to run Leavo (hosting, database, transactional email, error monitoring). Full list on request.
Questions
Email privacy@leavo.app.
