Privacy Policy
Last Updated: 1 April 2023
This Privacy Policy describes the personal data which TimeZest, Inc collects, processes and stores, how TimeZest protects that data, and the legal basis, as well as your rights, in relation to doing so.
For the purposes of the California Consumer Privacy Act (CCPA), this Privacy Policy is a Notice of Collection, that informs consumers, at or before the time of collection of consumers’ personal information, of the categories of personal information TimeZest collects from them, and the purposes for which it will be used. This Privacy Policy also details TimeZest’s online and offline practices regarding the collection, use and disclosure of personal information, and the rights of consumers regarding their personal information pursuant to the CCPA.
Definitions
TimeZest collects different data from different groups of people, which we define here:
- Customers means the companies and individuals who have and use a TimeZest account, and includes their employees, contractors and agents.
- End Users means the individuals who use TimeZest to schedule appointments with our customers
- Visitors means data subjects, who may also be End Users or Customers, who visit or use the Website.
The TimeZest Website includes the marketing website at https://timezest.com, the scheduling application, our help center at https://help.timezest.com, and other internet sites, services and products that TimeZest may use.
Applicability
This Privacy Policy applies to personal data TimeZest collects when you visit or use our Website as described in the “What Data does TimeZest collect” section of this Privacy Notice below. TimeZest is the controller of that Personal Data. This Privacy Notice does not apply to personal data within Customer data, such as information a Customer collects about an End User when an End User books an appointment using the Website.
We process Personal Data within Customer Data on our customers’ behalf as a processor or service provider. If you are an End User and have questions about how your data is processed by our Customers or wish to exercise your rights with respect to that data, you must reach out to the Customer who collected your information.
If you contact us about personal data within Customer Data, we will promptly notify the relevant Customer who collected your data of your inquiry.
Why TimeZest collects your data
As a Visitor, TimeZest collects your data so that we can provide the Website to you, maintain the security and performance of the Website, respond to any inquiries you make, and proactively contact you regarding sweepstakes, promotions, TimeZest products and services and to provide other notifications to you. We may also use the data you provide to understand usage and improve the Website or other TimeZest products.
For the purposes of the GDPR, the legal basis for collecting your data as a Visitor is that the processing is necessary for the legitimate interests of TimeZest, and/or that the Visitor has given their consent to the processing of their data (for example, by submitting data entered in a contact form), and/or to comply with our legal obligations. Only for the processing of Visitor data is TimeZest a Data Controller as defined in the GDPR.
As an End User or Customer, TimeZest collects your data so that it can provide the Website, maintain the security and performance thereof, and respond to inquiries, and otherwise perform the requirements of TimeZest’s contractual arrangements with our Customers.
For the purposes of the GDPR, TimeZest is a Data Processor acting under a contractual arrangement with our Customers, who are the Data Controllers for your data. The legal basis of TimeZest’s processing is that it has a contractual arrangement with our Customers to process your data.
More generally, TimeZest may use the personal data we collect where necessary to comply with laws, lawful requests, and legal processes such as subpoenas, investigations or requests from government authorities. TimeZest will also generally use the personal data we collect for compliance, fraud protection and safety purposes.
What data does TimeZest collect?
TimeZest collects information about you both directly, and automatically when you use the Website.
Directly-collected information includes the following:
- From End Users: Your name, email, phone number and other information that a Customer may configure TimeZest to request and process when you schedule an appointment.
- From Customers: The names and email addresses of your employees, contractors and agents who use TimeZest, as well as details of appointments in any calendar connected to TimeZest. Additionally, if you subscribe to a paid TimeZest account, we will collect your billing address and payment information, although this will be stored securely only with our payment processor. TimeZest may also collect and process data about your End Users, such as their names and email addresses.
- From Visitors: Your name, email, phone number and any other information you submit in a web form on the Website. We may also receive this information if you subscribe to a newsletter we offer or participate in an event on webinar we host.
Automatically-collected information is collected from all types of users and includes the following:
- Device and Network Data. We collect data which is automatically sent by your browser when requesting a page from the Website, and our servers store this in our logs. This data includes your IP address, browser and operating system details, information about your hardware, and your time zone and approximate location.
- Cookie Data. TimeZest may use either “session” or “persistent” cookies to store data temporarily on your computer using “cookies” (a small text file sent by your computer each time your browser makes a request to our Website) which can be used to provide functionality such as keeping you logged in, and also identifying you across different browser sessions. Some cookies may be set by third-party services that we use.
- Usage and Aggregate Data. We may collect data about the pages you visit on the website, and also which functions of the Website you use, and how regularly. We aggregate this information, and use it to understand how our Website is used, and how we may improve it.
Your consent and choices
TimeZest considers your usage of the Website your consent to us collecting and processing your data, and if you do not wish for TimeZest to collect and process your data, then you should not use the Website. You additionally have rights as detailed in the “Your Rights” section of this document.
Further to that, you may exercise additional control over the data which TimeZest collects in the following ways:
- Unsubscribing from emails. You may unsubscribe from any TimeZest email communications (with certain limited exceptions, such as for notices we are legally required to send you) by clicking the “unsubscribe” link located in the footer of all TimeZest emails.
- Cookies. You may withdraw your consent for the cookies that TimeZest sets on your device by using the facilities of your browser to reject or delete cookies. When you do this, you may also inhibit TimeZest functionality, such as the ability to keep you logged in to the Website.
- Google Analytics. You may opt-out from Google Analytics service from using your information by installing the Google Analytics Opt-out Browser tool: https://tools.google.com/dlpage/gaoptout.
You may additionally control the information by adjusting the settings of your browser, using plugin/extensions for your browser which protect your privacy (e.g. by blocking ads or other tracking technologies), and by using the following tools provided by the online advertising industry:
- Network Advertising Initiative: https://optout.networkadvertising.org
- Digital Advertising Alliance: https://optout.aboutads.info
- AppChoices mobile app, available at https://www.youradchoices.com/appchoices, which will allow you to opt-out of interest-based ads in mobile apps served by participating members of the Digital Advertising Alliance.
Your Rights
Residents of California (under the CCPA) and the European Economic Area, Switzerland and the United Kingdom (under the GDPR) have a number of rights regarding their personal information. TimeZest recognizes those rights, and will allow all data subjects (including those outside those two jurisdictions) to exercise those rights.
You have the following rights regarding your personal data:
- Access. To access what personal data we hold regarding you, and to be provided with information about the processing of that personal data, the categories of data which we collect, the sources from which we have collected it, the purposes for which we collect it, the third parties to whom we may disclose it, and the categories of personal data and the third parties we disclose, sell or share that data with for a business purpose.
- Deletion. To request the deletion of the personal data we hold about you.
- Correction. To correct/update any inaccurate personal information we hold about you.
- Restriction. To restrict the processing of your personal information.
- Objection. To object to our reliance on a legitimate interest as a basis for processing your personal information.
- Withdrawing Consent/Opt-Out. You may withdraw your consent for us to process your personal data.
These rights are not absolute, and TimeZest may decline requests to exercise those rights where there is a legal basis to do so.
These rights may only directly be exercised by you where TimeZest is processing your personal data as the Controller of that Data (i.e. Visitor data). To exercise your rights in relation to data which TimeZest processes on behalf of our Customers, you must contact that Customer, who will then communicate with TimeZest regarding any actions that are to be taken.
TimeZest may require that you verify your identity prior to processing any requests made in relation to these rights.
Disclosure
TimeZest is not in the business of sharing or selling your Customer Data or Personal Information. We consider this information to be a vital part of our relationship with you. However, in addition to specific requests by you, there are certain circumstances in which we may share your personal data with third parties without further notice to you, as set forth below:
- Business Transfers. As we develop our business, we may buy, sell, or reorganize businesses or assets. In the event of such sale, merger, reorganization, dissolution or similar event, your personal data may be part of the transferred assets.
- Affiliated Companies. We may also share your personal data with our subsidiaries, affiliates and other related companies for purposes consistent with this Privacy Policy and operating the Website.
- Agents, Consultants and Service Providers. TimeZest, like many businesses, sometimes engages other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function, and we only allow them to process that information for the purposes the information was collected.
- Credit Card Processing. We use third-party service providers to manage subscription billing and credit card processing. These service providers are not permitted to use billing information except for the sole purpose of processing subscription billing and credit card transactions on TimeZest’s behalf.
- Site Optimization. We use analytics and search engine providers to assist us in the improvement and optimization of our Website and provide information to providers such as Google for these purposes.
- Legal Requirements. TimeZest may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation; (ii) enforce, protect or defend the rights or property of TimeZest our customers, or others; (iii) act in urgent circumstances to protect the personal safety of users of this Site or the public; or (iv) protect against legal liability; (v) to enforce or apply our Terms of Service or any other agreements; (vi) for fraud prevention; or (vii) credit risk reduction.
An up-to-date list of the third-party services which may process or store your personal data can be found at https://timezest.com/dpa/sub-processor-list/ .
Security of Personal Data
TimeZest has in place significant controls to ensure the security of all data we collect, including encryption, access limitation and controls, network controls and firewalls and other organizational measures. These controls are regularly reviewed to ensure their continued effectiveness.
Retention
We retain personal data for as long as necessary for the relevant activity for which it was provided or collected. This will be for as long as we provide access to the Website to you, your account with us remains open or any period set out in any relevant contract you have with us. However, we may keep some data after your account is closed or you cease using the Website for the purposes set out below.
After you have closed your account or ceased using the Website we usually delete personal data, however we may retain personal data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Terms or Services, or fulfill your request to “unsubscribe” from further messages from us.
We will retain de-personalized information after your account has been closed.
Storage and Processing Locations of Personal Data
Our services are global and your information (including personal data) may be stored and processed in any country where we have operations or where we engage service providers, and we may transfer your information to countries outside of your country of residence, which may have data protection rules that are different from those of your country of residence.
The personal data that we collect from you may therefore be transferred to, and stored at, a destination outside the European Economic Area (“EEA“). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or partners. Such staff or subcontractors may be engaged in, among other things, the fulfillment of your order, the processing of your payment details or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing outside of the EEA.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. In particular, this means that your personal data will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clauses according to conditions provided by the European Commission (“EU Model Clauses”).
The Website is accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Website from outside the EEA. This means that where you chose to post your data on our Website, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.
Age of Users
The Website is not intended for and shall not be used by anyone under the age of 18.
Changes to the Privacy Policy
TimeZest may update this Privacy Policy from time to time to reflect material changes in the way that TimeZest handles your personal data, or to clarify or improve the privacy policy. If you continue to use the Website after those changes are posted, you are agreeing to the revised Privacy Policy.
Contacting Us
If you would like to exercise any rights under this Privacy Policy, or have questions or comments regarding it, you may contact us at:
TimeZest Inc.
2810 N Church St #88290
Wilmington DE 19802-4447
USA
Or via email at: [email protected]
