Our business is based on selling quality software. Therefore, we have no interest in selling your data or using it for sleazy purposes. We believe that the less we know about you, the better, which is why we aim to limit the information we collect to the minimum necessary. Our intention for collecting and using your data is solely to provide you with the services you enrol for and improving these services.
We will never share your data with third parties, as long as it is not required by law or for the services we offer.
The purpose of this privacy policy (“Privacy Policy”) is to inform you in detail about:
what personally identifiable information or personal information we collect from you through our website (“www.timist.app”) and how we use such information,
what personally identifiable information or personal information we collect from you through the software application “Timist” and how we use such information,
what choices you have regarding the use of, and your ability to review and correct, the information.
For the purposes of this Privacy Policy, the terms “we”, “us” and “our” refer to the business as detailed in the Imprint, which is providing the following services: the website, which refers to the Timist Website (“www.timist.app”) and related services, and the app, which refers to the software application “Timist”. “You” refers to you, as a user of this website or the app, as applicable.
As such, we act as a Controller for the purpose of the General Data Protection Regulation (GDPR) and other data protection laws applicable in member states of the European Union.
We solely collect information that is necessary to provide you with our services and to improve our product.
Website Analytics: To understand how our customers find out about our product and services, and to improve our website, we use a self-hosted Matomo instance to collect pseudonymized data about the time of your visit, the pages you visit as well as the device and browser you are using.
Legal basis Art. 6(1)(f) GDPR.
We do not store any cookies and immediately anonymize IP adresses prior to saving them. No personal data is recorded.
If you prefer, you can still opt-out of tracking (which will place a cookie):
This website is hosted on Amazon Web Services in Germany.
Email and personal information: If you contact us via email, we will have to process your email and additional personal information, should you provide us any. We will not share your email address or use them for marketing purposes unless you have given us your explicit consent.
Subscriber information: To manage and verify your subscription, we have to process your digital purchase receipts from Apple. This includes only information about the type and time of purchase, along with a unique pseudonomyzed random user identifier, which we use to match your subscription across devices in our system.
We do not receive any contact or payment information, nor do we have access to your Apple ID. In addition, we collect data about redeemed trials and promotional codes.
We may also use this pseudonomyzed data for statistical reasons and fraud protection.
Legal basis Art. 6(1)(b) GDPR.
Usage Data (Optional): To improve our services we may collect pseudonomyzed data about your devices and how you use the app. Examples are number and types of devices you use, the operating systems installed on those devices, the version of the app and language settings.
In addition, we may also collect data about how you interact with the app, such as how many timers you add, how often you start them and which sections of the app you spend the most time in. We use this data to learn about user behavior to continually improve the app. We will never sell it to third parties. Your content, such as the names and descriptions of timers, tags and projects, are never transmitted to us.
If you do not want us to collect this data, you can disable the tracking in the applications “Settings” in the “Privacy” section (disable “Allow Pseudonomyzed Tracking”).
Legal basis Art. 6(1)(f) GDPR.
Diagnostic Data (Optional): To improve the quality of our services and to identify and solve specific problems, we occasionally solicit reports such as diagnostic reports from our customers. This is optional and requires your explicit consent.
Legal basis Art. 6(1)(a+f) GDPR.
Personal Content: Your personal content that you create within the app, e.g. your created timers and associated events, are stored locally on your device. It is not saved on our servers nor do we have access to this data.
Should you use the optional sync services, your data is synchronized with your personal iCloud storage using CloudKit (Apple service). CloudKit creates a backup of your data and syncronizes it between devices automatically. Using sync services requires you to enable iCloud. We do not have access to data stored in your iCloud account.
(Sync services may not yet be available to you.)
Subscriber Information and Purchase Statistics: Your digital purchase receipts, as well as redeemed trial and promotional codes, are stored on RevenueCat’s servers. RevenueCat enables us to validate your subscription and create purchase statistics. This data may be temporarily transferred to other devices or services for analytics purposes.
Usage and Diagnostics Data (Optional): Usage and diagnostics data are stored using pseudonomyzed user and device identifiers on Amazon Web Services servers in Germany. This data cannot be resolved to your name or other personal information. This data may be temporarily transferred to other devices or services for analytics purposes. Any pseudonomyzed user and event data is automatically deleted after 12 months. Aggregated statistics may be stored perpetually.
Customer Support Emails: Customer support emails are stored on Google’s servers, as we currently use the Google product GMAIL for customer support. This data may be temporarily transferred to other devices or services for analytics purposes.
Website Analytics Data: Website analytics data is stored on Amazon Web Services servers in Germany. Any pseudonomyzed user and event data is automatically deleted after 12 months. Aggregated statistics may be stored perpetually.
We store data as long as German law requires it and is necessary for the fulfilment of our services, or initiation of the contract, or as long as we claim legitimate interest. After that period, corresponding data is routinely deleted or anonymized. Statistical and diagnostic data is generally stored perpetually, but is also pseudonimysed to the extent possible. We are legally required to store your email for ten years.
All data is stored using standard industry practices and current encryption technologies.
Depending on your usage of our services, especially the use of this website, the app, or means of communication with us (e.g. for purposes like support), your personal data might be processed by the following services:
RevenueCat provides a service that processes purchases from the Apple App Store and enables us to manage your current subscription status, validate that you have an active subscription and analyze your purchase history for this app.
Personal Data: Purchase history and times the app was used
Country of Data Processing: USA
Privacy policy of processor: revenuecat.com/privacy
Apple provides the Apple App Store, through which the application is distributed and as such processes digital receipts for payments. In addition, should you enable sync services within the app, your content created in the app will be uploaded to Apple’s servers to enable syncing services and make your data available on all your devices.
Personal Data: Digital purchase receipts, use of promotional trials, content from the app for purposes of syncing it between devices
Country of Data Processing: Europe or USA
Privacy policy of processor: apple.com/legal/privacy
We use Google’s GMAIL service for customer support. Should you contact us via email, Google may process personally identifiable information of you, such as name or email address.
Personal Data: Name, email addresses and email content
Country of Data Processing: Europe or USA
Privacy policy of processor: policies.google.com/privacy
We may be required to provide personal data to governmental entities if it is required by law (e.g. tax regulations). We also clarify that contractual obligations may result in provision of personal data (e.g. information on a contractual partner).
By using our website or apps, you consent to our privacy policy.
Those under the age of 16, or below other age limits that require consent of a legal custodian for use of our services depending on local law, may not use the services without the consent or authorization of their parent or legal custodian.
Right of Access: You can request for us to provide you with information on how we collect, use and store your personal information, and to provide you with a copy of your personal information we store. We do not have access to personal content created in the app.
Right of Rectification: You can request that we correct information about you that is inaccurate.
Right to Delete (Right to be Forgotten): You can request that we delete information collected about you, given the following circumstances: that we are not required by law to preserve it, that it is not necessary for contract fulfilment, and that we can still identify your records.
Right to Object: You can object the processing of your information in certain cases, given that the processing is not required by law or necessary for contract fulfilment.
Right to Data Portability: Upon request, we will provide you all data under our control in a machine readable format (e.g. JSON). Should the data requested not be within our control, we will provide you with instructions to obtain your data.
If you have any further questions, please reach out to us via E-Mail. We will reply as soon as possible.
We may use the contact information you provide us, if any, to communicate with you about our product, diagnostic data, error reports, or provide you with support, should you request any.
The responsible body for the processing of personal data (“the Controller”) within the meaning of the law. Art 4 (7) GDPR:
Benedict Bartsch
Merowingerstrasse 43
52070 Aachen
Germany
Should the confidentiality of customer data be breached, we recognize it as our responsibility to our customers and the public to disclose the nature of any risk and provide a transparent account of the events without undue delay. Should the nature of the breach require it, we must inform the applicable supervisory authorities as is required by law and regulation.
There may be changes to this privacy policy, which we may make at our discretion. If you require knowledge of updates to this privacy policy, you should review this document frequently. We maintain the right to inform you about substantial changes through means of communication available to us (e.g. via email or in places like the App Store update description, within the app or through the update page on this website)
This privacy policy was last updated on January 3rd, 2020.
This privacy policy was originally published on June 21st, 2019. Te following updates have occured:
- January 3rd, 2020: Removed Google Analytics to reflect the change to self-hosted analytics on Matomo.
- January 18th, 2021: Updated principal data controller’s address.