The following is an explanation of what personal data we collect, and what happens after we collect it. Please note that GDPR refers to the General Data Protection Regulation, which is a European Union privacy and data protection regulation.
With the exception of when you contact us, we collect no personal data when you use the app. All your timers and settings are stored on your device, and we don't have access to this information unless you choose to share it with us.
When you email us (either from inside the app, or directly) your email is first sent to our email forwarding service, and then passed on to, and stored in, our email support system. Our email forwarding service is provided by Pobox, and our email support system is provided by Zendesk Inc. Any personal data you email us will only be used to collect feedback, fix bugs, and write back.
If you email us from within the app, you may opt-in to inlcuding detailed logs of your app usage. We collect this opt-in information as it greatly helps us get to the bottom of any problems you are reporting. Please note that the developers of Timeglass may download the information you have provided onto their own devices in order to help diagnose and fix any issues you have reported.
The personal data collected as part of this process includes:
When you access the Timeglass website, our website hosting provider, Netlify, logs some basic data about your devices connection to their servers, including your IP address. This is an action which is often necessary for legal reasons, and to help Netlify protect our website from attack.
We will retain your email data in Zendesk for up to 180 days. Please note that once we delete your data from Zendesk, Zendesk themselves may retain your data in the form of a backup for up to 90 days. If we are attempting to resolve an issue you have notified us about, we may have to store some of your email data locally on our own devices to do so. In this case we will delete this locally stored data within 90 days.
In general, Pobox will only retain your email data for as long as it takes to forward your email to Zendesk, and will not save a copy of your email. The exception to this is if Pobox suspects that your email may be spam, in which case it will retain your message for up to 30 days.
Netlify Inc. retains logs of website visits for at most 30 days.
Pobox is owned by FastMail Pty. Ltd. and is based in both Australia and the United States. Pobox has been licenced by us to transfer personal information worldwide, including to countries outside the European Economic Area. To provide adequate safeguards for this data transfer, we have entered into a contract with FastMail that contains European Commission approved standard data protection clauses. Please contact us if you wish to obtain a copy of these safeguards.
Zendesk is a company based in the United States that uses servers in both the US and the EEA, and has been licensed by us to transfer personal information worldwide, including to countries outside the European Economic Area. Zendesk is certified under Privacy Shield, which has been approved by the European Commission as providing adequate safeguards for the transfer of personal data to United States based companies. To provide further safeguards for this data transfer, we have entered into a contract with Zendesk that contains European Commission approved standard data protection clauses. Please contact us if you wish to obtain a copy of these safeguards.
Netlify Inc. is a company based in the United States that makes use of servers hosted worldwide, and has been licensed by us to transfer personal information worldwide, including to countries outside the European Economic Area. To provide adequate safeguards for this data transer, we have entered into a contract with Netlify that contains European Commission approved standard data protection clauses. Please contact us if you wish to obtain a copy of these safeguards.
Our legal basis for the use of Zendesk and the collection & processing of this personal data is Article 6 (1) a, b & f of the GDPR. Specifically:
Our legal basis for the use of Pobox and their collection & processing of personal data is Article 6 (1) b & f of the GDPR. Specifically:
Our legal basis for the use of Netlify and their logging of personal data is Article 6 (1) f of the GDPR. Specifically, we have a legitimate interest in having a website for the app, as it is required by Apple, provides resources for you the user, and helps us to market the app. We also have a legitimate interest that our website host logs this data, as this helps the website host to protect against online attacks against the website.
The above 'Personal data we collect' section describes which services we use to process your personal data, and the nature of the personal data that we send to each of these services. Aside from what is listed in that section, we do not share your data with anyone, unless we are required to by law. Please note that we will never sell your data.
EEA citizens & residents have the following rights regarding the personal data we collect as per the GDPR. Some non-EEA citizens and residents also have some or all of the following rights.
Timeglass is built by Cosmic Teapot Pty. Ltd., we are a two-person company based in Australia.
If you have any questions concerning the personal data we collect and how we handle it, or if you wish to exercise your rights, please email us: dataprivacy(at symbol)timeglassapp.io
We will investigate and attempt to resolve any issues or complaints, and will make every reasonable effort we can to enable you to exercise your rights, within the time periods provided by applicable data protection laws.