Privacy Policy

Imprimer maintenant
Dear TIMIFY customers, dear visitors of our website,

We appreciate your trust. Therefore, the protection of your data, your personal rights as well as the observation of your right to informational self-determination in collection, processing and use of your personal data is important to us. By the following declarations we inform you what data of yours we collect and process in connection with the use of our website. You can find a short outline in our data protection notes.

TerminApp GmbH, Balanstrasse 73, building no. 24, 3rd floor, 81541 Munich, Germany, represented by the managing director Mr. Andreas Knuerr, is responsible for data privacy on this website. You can call us at +49 (0)89 - 411 4715 51 or write an email to info@timify.com. You can contact our data protection officer via the above-mentioned address under TerminApp GmbH, Data Protection Officer, as well as by phone at +49 (0)89 - 411 4715 51 or via email: dataprivacy@timify.com.
 

1. Matter of this Privacy Policy

The matter of this privacy policy is the information on what personal data are collected via the website – retrievable from timify.com – and for which purpose it is processed. Insofar as we link to other pages, we have neither influence nor control over the linked contents and the data protection regulations there. We recommend to check the privacy policies on the linked websites in order to see if and to what extent personal data are collected, processed, used or made accessible to third parties there.
 

2. Definitions and Terms

First you get a selection of some legal definitions helpful to you for understanding the privacy policy. The complete text of the General Data Protection Regulation (GDPR) including further definitions and terminology can be found at the following link.
  • Personal data: Any information relating to an identified or identifiable natural person (hereafter “impacted person”); a natural person is considered identifiable if he/she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or several factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Processing: Any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, acquisition, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution or any other way of provision, matching or connection, restriction, delete or destruction.
  • Controller: Refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for his/her/its nomination may be provided for by Union or Member State law.
  • Recipient: Refers to a natural or legal person, public authority, agency or another body, to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a particular request in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection regulations according to the purposes of the processing.
  • Third party: This is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the di-rect authority of the controller or processor, are authorised to process personal data.

3. Categories of personal data processed on our website

3.1. Viewing the website - Generating so-called logfiles

Personal data
IP address, cookie identifier (cookies)

Data processing description and purpose
Upon your viewing the website, TIMIFY collects so-called access data and saves those in a so-called logfile. These access data include the IP address. In addition, we save the name of the website you called up, the viewed file, the date and time of the accessing, the trans-ferred amount of data and the report of successful accessing, the browser type and version, the operating system, the so-called referrer URL (the page visited before) as well as the requesting provider in the logfile. However, from these data an inference to you as a person is not possible.

In addition, so-called cookies are placed on your terminal (laptop, tablet, smartphone or PC) upon viewing our website. For details on the cookies used on the website, their specific purpose as well as instructions how to delete those cookies, please see the cookie and opt-out notes.

We collect the logfile data, including the IP address, in order to guarantee the website´s smooth establishment of connection and to enable the users´ comfortable use of our website. In addition, the logfile serves to analyze system security and stability as well as administrative purposes. Cookies also enable us to make the use of our products and our website more comfortable for the visitor e.g. by using the cookies to see if you have already visited an individual page of our website. With the help of cookie identifiers we also obtain information about user behavior on our website or the search requests used to get to our website and we can adapt the offer to the user´s interests in future visits.

Interest in data processing
The logfiles, including the IP address, only serve the website´s technical and artistic optimization and the security of our systems (e.g. in the context of an attack on our IT or a security incident). We can make no personal connection from the logfile data, including the IP ad-dress, when our website is viewed. This is only possible if you log into your customer account at the same time. In that case, we can assign the IP address directly to you. With the help of the cookie identifier, we learn, for example, if and to what extent you have already visited our websites, if you have already signed up with us with a certain identifier and when you returned to it. For details and information on how cookies can be deleted, please see the document cookie and opt-out notes.

Recipients and processors of data
We host our website and the shop in our own data center as well as at an external provider.
 
ProviderData processing purposeDetails on provider & data protection notes
Amazon Webservices Inc.,
410 Terry Drive Ave North,
WA 98109-5210 Seattle, USA
Hosting and Backup Data processing only takes place at the Amazon Webservices data cen-ters located in Europe.https://aws.amazon.com/de/data-protection/
https://aws.amazon.com/de/compliance/eu-data-protection/
https://aws.amazon.com/de/compliance/data-center/data-centers/
Privacy Shield


Duration of data retention
The logfiles, therefore the included IP address, are automatically deleted two (2) months after collection. Before, however, the IP address is anonymized and stored for administrative (technical) purposes only.

Legal basis
Art. 6 section 1 f) GDPR

Provision mandatory or required
The provision of the afore-mentioned personal data is neither mandatory by law nor by contract. However, without the IP address and the cookie identifier, our website´s service and functionality might not be guaranteed or individual services might be unavailable or limited.
 


3.2. Viewing the website - Web analysis

Personal data
IP address, cookie identifier (cookies)

Data processing description and purpose
On our website, we use so-called tracking or web analysis tools, meaning the collection of access data on our website and the analysis of our visitors´ behavior for the purpose of optimizing our choice of products.

With the help of these tools, we can analyze how and where from the visitors come to our website, which sections of a website are visit-ed particularly often and how often and how long which subpages and categories are looked at. In addition, we can determine which search keywords and websites a user entered and analyze how many users in total visit our pages and which information or offers are most popular. The goal is to be able to shape our products and our website user-friendly with the help of the hereby obtained findings.

Interest in data processing
From statistical evaluation of user profiles, we can derive statements about our websites´ way of functioning and success, e.g. answers to questions how often information sites on certain product groups were called up or how many visitors clicked on certain offers. With the help of tracking tools, we can adjust our products to our customers, visitors and anyone interested more specifically. For details on pro-viders, way of functioning as well as information on how you can delete the cookies used hereby and prevent tracking, please see the cookie and opt-out notes.

Recipients and processors of data
On our behalf, the following providers of tracking or web analysis tools process the access data for us for the purpose of user analysis and statistical editing. For that, we have concluded the respective data processing contracts with the providers. For further details on the tools´ technical way of functioning as well as information on how you can prevent tracking please see cookie and opt-out notes.
 
ProviderToolDetails on provider & data protection notes & privacy shield
Google Inc.
1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA
Google Analytics
GA Audiences
http://www.google.com/policies/
https://support.google.com/analytics/answer/6004245?hl=de
Privacy Shield


Duration of data retention
For details on cookies and the technologies used in the context of these tracking tools, their storage time and information on how you can delete those data, please see the cookie and opt-out notes.

Legal basis
Art. 6 section 1 f) GDPR

Provision mandatory or required
The provision of the afore-mentioned personal data is neither mandatory by law nor by contract.

Profiling
With the help of tracking tools, the website visitors´ behavior and interests can be analyzed. For that, we create a pseudonymous user profile. If you additionally log into your account with your user data, we can draw conclusions to you as a person from that profile information.
 


3.4. Section: Viewing the website - Advertising

Personal data
IP-Adresse, Cookie-Kennung (Cookies)

Data processing description and purpose
In addition, so-called ad tracking tools are used on the website. With the help of those ad tracking tools we can show or have shown indi-vidual advertising on our websites chosen according to the visitors´ preferences (automated). Technically, ad tracking usually works via ad IDs, in which profiles of users are created i.a. via cookies by advertising network providers and upon viewing a website, the ad is placed on the basis of the cookie profile. By using tracking pixels on various websites, cookies are stored on users´ terminals by the advertising partner upon a user´s first visit to the advertising partner´s website. Due to such remarketing offers, a user can be “followed” on the internet and he can be shown offers that are (supposedly) particularly interesting to him. Often, tracking is done via so-called browser finger-prints using information such as the individual setting of screen resolution, color depth, time zone and installed plugins in order to recog-nize users or user groups.

Interest in data processing
With the help of ad tracking tools, we can aim our choice of products more specifically at our customers, visitors and anyone interested. With the help of ad tracking tools and the connected ad placement, we or third parties can, at the same time, earn money from the ads. In addition, based on user behavior, we can determine which sectors of our website might be of particular interest to visitors in order to show specific advertising. The ads are shown themed according to a website´s focus and a user´s corresponding addictive behavior. This way, those ad tracking tools can analyze where the visitors come from, which sectors of a website are visited and how often and how long which subpages and categories are looked at. Commonly used advertising is e.g. retargeting or remarketing, addressing a user at other times and at other places on the net once again, e.g. by showing products they visited before on other websites or which could be of interest to a user. Please find details and further specifics about the providers of those tools at cookie and opt-out notes.

Recipients and processors of data
On our behalf, the following providers of web analysis tools process the access data for the purpose of user behavior analysis and individ-ual advertising. For that, we have concluded the respective data processing contracts with the providers. For further details on the tools´ technical way of functioning as well as information on how you can prevent tracking please see the cookie and opt-out notes.
 
ProviderToolDetails on provider & data protection notes
Google Inc.
1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA
Google AdWords User list
Google Double Click
Google Ad Exchange
Google Dynamic Re-marketing
http://www.google.com/settings/ads
http://www.google.com/privacy/ads/
http://www.google.com/policies/
http://www.google.com/policies/technologies/ads/
Privacy Shield


Duration of data retention
For details on cookies used in the context of these tracking tools, their storage time and information on how you can delete those cookies, please see the cookie and opt-out notes.

Legal basis
Art. 6 section 1 f) GDPR

Provision mandatory or required
The provision of the afore-mentioned personal data is neither mandatory by law nor by contract.

Profiling
With the help of ad tracking tools, the website visitors´ behavior and interests can be analyzed. For that, we or the mentioned advertisting partners create a pseudonymous user profile.
 


3.5. Section: TIMIFY registration and log-in - Service Provider

Personal data
Email address, first and last name, address, company, home country, login data for registered customers; IP address, cookie identifier; customer statistics, vacation days and sick days, customer and accounting data, mobile phone number

Data processing description and purpose
If you register with us as a service provider, we process your data in order to provide your customer account. With the help of the entered data we can grant you access to your TIMIFY user interface. Via this account, you can create your profile, populate appointments, services and staff data and analyze booking behavior with the help of our statistics tools. Via the dashboard, you can also e.g. adapt the appoint-ment booking solution to your individual desires and preferences. If you have a customer account, we need your login data in order to verify your customer account.

Interest in data processing
We do not pass on your customer data to third parties.

However, we collaborate with a professional service provider who gives us the opportunity via his platform to offer you support and sup-porting features connected to the use of your account, including e.g. support requests or technical problem solutions arising in the context of the use of your TIMIFY account. In order to guarantee optimal support, that service provider processes the email address, first and last name, address, company as well as home country and mobile phone number on our behalf, so that we can enable a smooth assignment of your request. The collaboration is only based on a data processing contract and the certainty that your data are highly protected against unauthorized access.

As a provider of our appointment booking solution, we see ourselves as your data processor underlying the requirements of art. 28 GDPR. That means that we process all abovementioned data without exception on your behalf, in compliance with your advice and only for the purpose of providing the account and the appointment booking solution. We always guarantee highest data security standards. Please find further information in our contract on data processing.

Your payment data (in a premium or enterprise account) are transferred to the respective payment service provider according to the pay-ment method you chose. The payment service provider carries the responsibility for your payment data. Please find information, in particu-lar on the payment service providers´ responsible office, the contact data of the payment service providers´ data protection officer and the categories of personal data processed by the payment service providers, at https://www.timify.com/pages/terms-of-use-smb/.

Recipients and processors of data
 
ProviderToolDetails on provider & data protection notes
Intercom, Inc.
55 2nd Street, 4th Floor,
San Francisco, California, 94105, USA
Intercomhttps://www.intercom.com/de/terms-and-policies
Privacy Shield
Appcues Inc.
54 Canal Street, 5th Floor,
Boston, MA 02114, USA
Appcueshttps://www.appcues.com/privacy
Privacy Shield


Duration of data retention
We store your account data for the duration of your customer account´s existence or until you ask us to delete them. We process or de-lete invoices and order confirmations with due regard to the tax and trade law retention periods applicable here, as long as you have not agreed to further use of your data. You can delete your customer account yourself via your account or by sending a message to the con-tact options specified below.

Legal basis
Art. 6 Abs. 1 b), f) DS-GVO

Provision mandatory or required
Die Bereitstellung der o. g. personenbezogenen Daten für den Account ist vertraglich vorgeschrieben. Andernfalls ist die Bereitstellung der Terminbuchungslösung nicht möglich.
 


3.6. Section: TIMIFY appointment bookings - Appointment bookers

Personal data
Email address, first and last name, mobile phone number, login data for registered customers

Data processing description and purpose
If you are an appointment booker, you have the possibility to make appointments with self-chosen service providers and make contact with the service providers. For that, you can either register or use the guest access. If you have a customer account (no guest access), we need your login data (email address and password) to verify your customer account. (art. 6 section 1 b), f) GDPR).

Facebook Connect:

As an appointment booker, you can log into your account using your Facebook login data (Facebook Connect). Facebook Connect is a service enabling users of the social network Facebook to log into our websites with their Facebook profile without having to create separate accounts there. In order to be able to use the plugin Facebook Connect used here, you need a Facebook account. Using that tool, at least the full name is connected with our account. The user is shown further details in a pop-up. We neither have influence on the collect-ed data and data processing processes, nor do we know the full extent of data collection, processing purposes, storage periods. Neither do we have any information on the plugin provider deleting collected data. On our part, login data and your IP address are transferred to the network. If you decide to register with Facebook Connect and click the button “login with Facebook” / “connect with Facebook”, you will be automatically taken to the Facebook platform. There, you can sign in with your usage data. After successful authentication, a con-nection is made between the Facebook profile and our website, enabling the transfer of data. Now you can use our website´s services without having to record a separate profile with personal data there. Please note that via Facebook Connect, Facebook receives information about the application or website including which actions you perform. In order to personalize the process of establishing a connec-tion, there is the possibility that Facebook, in some cases even before authorizing the application or website, receives a limited amount of information. The data collection´s purpose and extent and Facebook´s further processing and use of the data as well as your rights and setting options to protect your privacy please find in the privacy policy at: http://www.facebook.com/policy.php. We use Facebook Con-nect in order to receive information from our customers on which interests exist that make sense for our choice of products and services. By automated data updating via the Facebook profile we mainly receive current data and can generate a higher number of registered cus-tomers due to the simplified login process. More customers create a customer account if they do not need a new, additional account for that (art. 6 section 1 f) GDPR).

Recipients and processors of data
We do not pass on your customer data to third parties.

As a provider of our appointment booking solution, we see ourselves as a data processor underlying the requirements of art. 28 GDPR. That means that we process all abovementioned data without exception on your behalf, in compliance with your advice and only for the purpose of providing the account. We always guarantee highest data security standards.

Duration of data retention
The personal data you recorded in your account are available to you for the duration of your account´s existence and are stored by us for that period. The personal data are deleted if you do it yourself with regard to individual data or if you ask us to do it. Apart from that, how-ever, we delete them 5 years after the last appointment booking or login to the customer account at the latest.

Legal basis
Art. 6 section 1 b), f) GDPR

Provision mandatory or required
The provision of the aforementioned personal data for the account is mandatory by contract. Otherwise, appointment booking is not pos-sible. For guest access, we do not need any login data. Using Facebook Connect is not possible without entering the login data.
 


3.7. Section: Newsletter - News

Personal data
Email address, first and last name

Data processing description and purpose
If you sign up for our email newsletter, we will regularly send you information on our choice of products, special offers or news about Timi-fy. Mandatory details for sending you the newsletter are your email address as well as your name in order to be able to address you per-sonally. For sending the newsletter, we use the so-called double opt-in process, meaning that we do not send you an email newsletter until you have expressly confirmed that you consent to the newsletter mailing. For that, we send you a confirmation email asking you to click on a respective link in order to confirm that you want to receive newsletters from now on. Not until you activate the confirmation link do you give us your consent to use your personal data. The data are used exclusively for purposes of promotional approach by way of the newsletter.

When we send out the newsletter, we also automatically analyze your user behavior. For this analysis, the sent emails contain so-called web beacons or tracking pixels which help us determine that you received the newsletter, opened it and clicked on the links deposited in the newsletter. With data collected like that, we create a user profile in order to customize the newsletter to your individual interests. We might connect those data by use of tracking with actions performed by you on our website.

Recipients and processors of data
On our behalf, the following newsletter tool provider processes the data for the purpose of mailing and user analysis or statistical prepara-tion for us. For that, we have concluded the respective data processing contract with the provider.
 
ProviderToolDetails on provider & data protection notes
Intercom, Inc.
55 2nd Street, 4th Floor,
San Francisco, California, 94105, USA
Intercomhttps://www.intercom.com/de/terms-and-policies
Privacy Shield


Duration of data retention
t any time, you may object to receiving newsletters and therefore to the processing of your abovementioned data for the purpose of email advertising. If you do not wish to receive any more emails, you may click on the so-called “unsubscribe link” in every email or contact us at dataprivacy@timify.com. There are no extra costs for this apart from transmittal fees according to the base rates. The legitimacy of processing on the basis of consent until your objection remains unaffected. You may object to tracking at any time by clicking on the sep-arate link provided in every email or by informing us through another way of contact. By that, you are deregistered from the newsletter as well. Until then, the data are stored as long as you subscribe to the newsletter. After deregistration, we store the data purely statistically and anonymously.

Legal basis
Art. 6 section 1 a), f) GDPR

Provision mandatory or required
The provision of personal data is neither mandatory by law nor by contract. However, without indicating the email address, mailing or re-ceiving the newsletter is not possible.
 


3.8. Section: Contact - TIMIFY support

Personal data
Email address, message

Data processing description and purpose
On our website, we use contact and chat features in order to communicate with our customers and anyone interested and to reply to their requests and inquiries. We process such requests and information addressed to us in order to handle your request and to make contact with you. At the same time, the data serves to match your profile, if you register as a customer with the same data. We also use your contact form data, including the request itself, to create offers.

Recipients and processors of data
The contact and chat features are supplied by the following providers, with whom we have concluded the respective data processing contracts.
 
ProviderToolDetails on provider & data protection notes
Intercom, Inc.
55 2nd Street, 4th Floor,
San Francisco, California, 94105, USA
Intercomhttps://www.intercom.com/de/terms-and-policies
Privacy Shield


Duration of data retention
We use the data until the respective conversation with you has ended. The conversation has ended, if it can be understood from the cir-cumstances that the respective situation has been clarified conclusively. In addition, we store the communication until we are asked to delete it, however not longer than 5 years after the last contact or login to the customer account. You may object to the consent to data processing at any time without affecting the legitimacy of processing made on the basis of consent until objection.

Legal basis
Art. 6 section 1 a, b) GDPR

Provision mandatory or required
The provision of personal data is neither mandatory by law nor by contract. However, without the information, the request cannot be processed.
 
 

4. Your rights

You have the right to request at any time a confirmation by TIMIFY if we process your personal data and the right to information about those personal data. Your right to correction, deletion and limitation of data processing, as well as the right to object at any time to the processing of personal data or to revoke at any time the consent to data processing or to request data transfer. Please address all requests for information, information inquiries, revocations or objections to data processing via email to our data protection officer or to the abovementioned contact details. In addition, you have the right to complain to a supervisory authority in case of privacy breaches.

Last updated on: 24.05.2018
Rejoignez 1000 sociétés de 1 pays différents !