When signing up for or using Timely you are entrusting Timely with the protection and sensitivity of your information, and that of your customers. This is a responsibility we take very seriously. This document is intended to outline what we collect, how we store it, what we do with it, and what your rights are as it relates to that data.
This privacy policy is intended to apply to individuals or entities who use Timely’s websites, mobile applications, products and services (collectively, “Services”).
OUR RELATIONSHIP TO YOU
To understand Timely’s data protection obligations and your rights to your Personal Data under this Policy, it is important that you identify which relationship(s) you have with Timely.
“Users” or “User” refers to the registered users of the Timely Services, including Users with both paid and free or trial accounts. Timely has a “data controller” or direct relationship with Users using and accessing the Services with regard to their own Personal Data. (Authorised users of a Users’ Timely paid, free, and/or demo account are collectively and individually referred to as “Users.”)
“End Customers” refers to individuals doing business with a User utilising Timely Services and/or whether your data was entered by the User or whether the End Customer enters it on a form hosted by Timely on behalf of a User, or via a Timely application on a third-party site such as Facebook or Instagram. Timely has a “data processor” relationship with any End Customer and will collect End Customer Personal Information solely on behalf of Users. The End Customer agreement with the relevant User should explain how the User shares End Customer Personal Information with Timely and other third parties, how End Customers can request a change or deletion of their Personal Information, and how End Customers can exercise any other data privacy right conferred upon them by applicable laws and regulations. End Customers should direct any data privacy questions to the Timely User with which they do business.
“Visitors” refers to any individual accessing public Timely websites (“Sites”) as well as to any individual submitting Personal Data via the Sites for any reason including, but not limited to submitting a “contact us” or other online inquiry form, subscribing to a newsletter or blog, registering for a demo or webinar, or completing an online survey. Timely has a “data controller” or direct relationship with all Visitors accessing or submitting Personal Data via the Sites for any reason.
PERSONAL DATA
“Personal Data” means any information stored by Timely that could lead to an individual person being identified either directly or indirectly. This may include but is not limited to name, email address, phone number, street or postal address, IP address etc. We may create anonymous records from Personal Data for certain business purposes of Timely and our Affiliates as defined below. Any information that is anonymised or aggregated is no longer Personal Data and we may indefinitely use it, share it and retain it for any reason.
By registering for Timely Services Users acknowledge the collection, transfer, storage, processing, disclosure and other uses of their Personal Data as outlined in this Privacy Policy. By visiting and interacting with the Timely Sites, Visitors acknowledge the collection, transfer, storage, processing, disclosure and other uses of their Personal Data as outlined in this Privacy Policy. By interacting with Timely Services offered to them by Users, End Customers acknowledge that Timely is collecting, transferring, storing, processing, and disclosing their Personal Data solely on behalf of Users as a Data Processor and that the relevant
User is wholly responsible for protecting their Personal Data, responding to their Personal Data requests, and complying with all application data privacy laws and regulations in relation to End Customer Personal Data.
Any of the information we collect from you may be used in one of the following ways:
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.
All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorised with special access rights to such systems, and are required to keep the information confidential.
Timely sends billing information, product information, Service updates and Service notifications to you via email. Our emails will contain clear and obvious instructions describing how you can choose to be removed from any mailing list not essential to the Service. Timely will remove you at your request.
Personal Data we collect may be shared with a variety of parties depending upon the purpose for and context in which that information was provided.
We will share your Personal Data in accordance with your consent for us to do so. By utilising any Timely Services, End Customers consent to their Personal Data being shared with both Timely and the Timely User with which they are doing business.
Timely works with a number of third parties and partners who help us provide the Timely Services to our Users. Examples include hosting services, accounting services, business intelligence platforms, email and SMS partners, customer relationship management services, customer support platforms and more. In order to supply the Timely service Timely may send them Personal Data for storage or processing. In all cases where we share Personal Data with third parties, we will use a “minimum necessary” standard to disclose only that information required for satisfying the purpose of or performing the service for which the information is disclosed. Timely has taken steps to ensure that each partner or third party involved treats the Personal Data in accordance with all privacy laws and regulations applicable to our Users.
In order to streamline certain business operations, develop products and services that better meet the interests and needs of our customers, and inform our customers about relevant products and services, we may share a User’s or Visitor’s Personal Data with any of our current or future affiliated entities, subsidiaries and parent companies (“Affiliates”). Users and Visitors hereby agree to our sharing some or all of their information and Personal Data with our Affiliates. We never share End Customer Personal Data with Affiliates.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Other than stated above, we do not sell, trade, or otherwise transfer Personal Data to outside parties.
We will retain your information and your client’s information for as long as necessary for us to provide you a service, to comply with our legal obligations and to fulfil any business need we may have.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Occasionally, at our discretion, we may include or offer third party products or services on our website. By opting to take up these third party products you agree to Timely providing your information to these third parties and you acknowledge that these third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
To quickly and efficiently resolve customer support issues related to your account, you consent to us logging into your account from time-to-time. If you do not wish us to access your account, then you may notify us in writing.
To bring you Services, we operate globally. In order to do so, your personal information may be transferred to, and processed in countries other than the country you live in, outside of your home country, including to Australia, New Zealand, United Kingdom and the United States. These countries may have laws different to what you’re used to. Rest assured, where we disclose Personal Data to a third party in another country, we put safeguards in place to ensure your Personal Data remains protected.
Specifically, Timely hosts data with Microsoft Azure in the United States and in Australia. This means that your personal information will be transferred to the US or to Australia. The servers on which personal information is stored are kept in a controlled and secure environment.
European Economic Area (EEA) users: This means that your information may be transferred outside of the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information (like New Zealand and Australia), or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US based third parties).
Australian users: The third parties we share data with do not control, and are not permitted to access or use your Personal Data, except for the limited purpose it was provided. This means that, for the purposes of Australian privacy legislation and Australian users, Timely does not disclose Personal Data to third parties located overseas
RIGHTS
Users and Visitors with whom Timely has a data controller relationship have the following rights in relation to their Personal Data, in each case to the extent required/permitted under applicable law, and subject to our rights to limit or deny access or disclosure under applicable law.
End Customers and other consumers who do business with Users utilising Timely Services must contact the User(s) utilising Timely Services to exercise these rights. End Customers can request that the User provide you with access to your Personal Data that Timely stores on its behalf, that it make changes to that Personal Data, and/or that the Personal Data be deleted from Timely systems. Timely cannot honour such requests directly from End Customers but will assist Users with honouring them.
Access: Users and Visitors with whom Timely has a data controller relationship, may request a list of your Personal Data that we process by submitting an official request in writing via email to [email protected].
Rectification: Users and Visitors with whom Timely has a data controller relationship may correct any Personal Data that we hold about you by emailing us at [email protected] and indicating both the inaccurate and corrected information. Users may also log in to their Timely user account and modify their Personal Data.
Erasure/Deletion: Users and Visitors with whom Timely has a data controller relationship may request that we delete their Personal Data from our systems once per year by making an official request in writing via email to [email protected] and indicating the specific information they would like permanently deleted from our systems. Note that Users who request removal of their Personal Data will no longer have access to any existing Timely account and will not be able to use any Timely product or service. Timely reserves the right to retain certain account information for its recordkeeping or compliance purposes.
Users may also login to their Timely user account and delete any Personal Data for themselves, other Users of their Timely account, or End Customer Personal Data to which they have access. However, to ensure that Personal Data is completely removed from our systems, Users must submit an official request in writing to Timely at [email protected], as using a system delete function may merely restrict viewing that data from any system interface and prevent utilising that data for any system function rather than permanently deleting it.
Data Export: Users and Visitors may request a copy of their Personal Data in a common portable format of our choice by submitting an official request in writing via email to [email protected].
Timely will process requests from Users and Visitors to exercise any of the following rights within 30 days of receipt. We may require that Users and Visitors provide additional Personal Data to exercise these rights, e.g. information necessary to prove their identity. We also reserve the right to retain this additional information for our recordkeeping or compliance purposes.
CHOICES
It is possible for you to access and use the Timely Sites without providing any Personal Data, but you may not be able to access certain features or view certain content and some portions of the Sites may not function properly. You must provide Personal Data in order to utilise the Services. You have the following choices regarding Personal Data we process:
Consent: If you consent to processing you may withdraw your consent at any time to the extent required by law.
Deactivation/Cancellation: If you wish to deactivate your Timely account, you may do so by logging into your Timely account and following these instructions.
Mobile Opt-Out: You may opt-out of all information collection from your mobile device by uninstalling any Timely App. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
Marketing Opt-out: You may opt-out of receiving marketing communications from us by following the opt-out instructions included in such communications. Any communications from us that are not service-related or transactional in nature will offer you an “unsubscribe” option. To the extent required by law, you may choose to opt-out of sharing Personal Data with third parties. You may also exercise your opt-out rights by emailing [email protected].
Cookies: If you do not want information collected through the use of cookies or similar technologies, you can manage/deny cookies (and certain technologies) using your browser’s settings menu or by using a variety of other browser-based tools.
YOUR EUROPEAN PRIVACY RIGHTS
In addition to the rights listed above, if you are in the EEA you also have rights to:
For more information about your European Privacy Rights, please see our GDPR help guide.
If you’re not happy with how we are processing your personal information, you have the right to complain to your local information protection authority. Your local data protection authority will be able to give you more information on how to submit a complaint.
You can request to exercise these rights by emailing [email protected]. We will process your request within 30 days of receiving your request. Note that we may require proof of identification before we process your request.
Our Services are not directed to children, and you may not use our Services if you are under the age of 18. You must also be old enough to consent to the processing of your Personal Data in your country (in some countries we may allow your parent or guardian to do so on your behalf).
By using our site, you consent to our privacy policy.
If we decide to change our privacy policy, we will post those changes on this page.
If you have any questions regarding this privacy policy, email us at [email protected] or post your questions to the address below:
P.O. Box 13112
Dunedin 9018
New Zealand