When using TimeTurtle.app, we collect some of your data. Since we sincerely care about privacy, we collect as little data as possible and handle your data with care.
What data do we keep and why?
When you are visiting this website
When you create an account
To provide our service, we need to be able to identify you. We do this based on your email address, and make use of a service (Auth0) to handle authentication. When you sign up with TimeTurtle, you effectively create an account at the authentication service. They provide us with a special token that includes your email address, which we use to connect you to the correct database.
When you upgrade to a paid account
When you upgrade to a non-free account, you may need to supply the payment provider with certain details in order to fulfill payments. The collection of this information is required by law and must be stored for a certain amount of time. No more data is requested than necessary, and your data will be treated with care.
When you use the TimeTurtle app
When you use the TimeTurtle application, the time tracking records that you create are send to the server and stored in a database. This makes it possible for you to use TimeTurtle on different devices, and you don't have to worry about maintaining your data. This is all essential in order to provide our service.
These data are also backed-up on a regular basis, so that they can be recovered in the event of a failure. It may also occur that some data ends up in log messages. We need those logs to investigate when something is off. These logs are purged about each month.
How do we protect your information?
All communication between your browser (the application) and the server is encrypted via Secure Socket Layer (SSL).Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. Further, we use appropriate security measures to access the systems related to our service, such as SSH keys and multi-factor authentication.
With whom do we share your data?
We do not sell, trade, or in any other way share your personal data with others, unless required by law. Note that as part using TimeTurtle, you may need to provide some personal information to the authentication service (Auth0) and the payment provider, as mentioned above.
We may share or publish generic aggregated information not linked to any personal data. We may for instance make plots of the average activity of our users as a whole to get insight into how the TimeTurtle app is used.
How long do we keep your data?
Keeping your data safe is part of our service. Therefore we keep your data until you ask us to delete it, or until the TimeTurtle service closes down.
Your rights regarding privacy
The GDPR declares that you may:
- Get informed about what personal data we store and process.
- Get access to most data that we have of you (see GDPR Article 15 for more details).
- Correct or remove personal details that are incorrect.
- Request that we do not use your data (we need to store it to provide the service, but you can request us to never process it in any other way).
- Request that we delete all your data.
To exercise these rights, contact us via the support page. Note that exercising some of these rights might make it impossible/impractical to provide our service to you. Especially since we already strive to store the minimum amount of data.
Questions regarding this policy can be asked via the support page.
This document was last updated on 19-05-2019.