This policy (together with our end-user license agreement as set out at https://www.timter.com/terms-and-conditions/ (“EULA”)) applies to your use of the Timter mobile application software (“App”), once you have downloaded or streamed a copy of the App onto your mobile phone or handheld device (“Device”), and any of the services accessible through the App (“Services”).
This App is not intended for children and we do not knowingly collect data relating to children.
This policy is provided in a layered format so you can click through to the specific areas set out below.
- IMPORTANT INFORMATION AND WHO WE ARE
- THE DATA WE COLLECT ABOUT YOU
- HOW IS YOUR PERSONAL DATA COLLECTED?
- HOW WE USE YOUR PERSONAL DATA
- DISCLOSURES OF YOUR PERSONAL DATA
- INTERNATIONAL TRANSFERS
- DATA SECURITY
- DATA RETENTION
- YOUR LEGAL RIGHTS
Important information and who we are
Tradecraft Tools Limited (trading as “Timter” and referred to as “we“, “us” or “our” in this policy) is the data controller and is responsible for your personal data.
Our full details are:
Email address: firstname.lastname@example.org
Postal address: Acre House, 11/15 William Road, London, United Kingdom, NW1 3ER
You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
This version was last updated in January 2021. It may change and if it does, these changes will be posted on this page and, where appropriate, notified to you via email. The new policy may be displayed on-screen and you may be required to read and accept the changes to continue your use of the App or the Services.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship with you.
Third party links
The App contains links to and from the websites of our partner networks and affiliates. Please note that those websites and any services that may be accessible through them have their own privacy policies and we do not accept any responsibility or liability for those policies or for any personal data that may be collected through those websites or services, such as Contact and Location Data. Please check those policies before you submit any personal data to those websites or use those services.
The data we collect about you
We may collect, use, store and transfer different kinds of personal data about you as follows:
- Identity Data.
- Contact Data.
- Financial Data.
- Device Data.
- Content Data.
- Profile Data.
- Usage Data.
- Marketing and Communications Data.
- Location Data
We explain these categories of data here.
How is your personal data collected?
We will collect and process the following data about you:
Information you give us.
This is information (including Identity, Contact, Financial, and Marketing and Communications Data) that you give us about you by filling in forms on the Website, by entering information into the App or by corresponding with us (for example, by email). It includes information you provide when you download or register the App, subscribe to any of our Services and when you report a problem with the App or our Services. If you contact us, we will keep a record of that correspondence.
Information we collect about you and your device.
We also use GPS technology to determine your current location. Some of our location-enabled Services require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by changing the app authorization from the settings of your phone (according to the methods provided by your operating system, Android or iOs).
Information we receive from other sources including third parties and publicly available sources.
We will receive personal data about you from various third parties as set out below:
Information (including Identity, Contact, Financial, and Marketing and Communications Data) from Google, Facebook or Apple that you provide when you register for the App on those platforms;
When you report a problem with the App or provide feedback, Device Data is collected, which we use to diagnose the problem you reported and respond to you. You can also send us a screenshot. We will use your username and name when we respond.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to allow you to use the App (either in whole or in part) or to access certain services through the App. We will notify you if this is the case at the time.
How we use your personal data
We will only use your personal data when the law allows us to do so. Most commonly we will use your personal data in the following circumstances:
- Where you have consented before the processing.
- Where we need to perform a contract we are about to enter or have entered with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Click here to find out more about the types of lawful basis that we will rely on to process your personal data.
We will only send you direct marketing communications by email or text if we have your consent. You have the right to withdraw that consent at any time by contacting us.
Purposes for which we will use your personal data and our legal bases for doing so
|Purpose/activity||Type of data (see glossary below)||Lawful basis for processing|
|To install the App and register you as a new App user||
|To manage our relationship with you including notifying you of changes to the App or any Services||
||Performance of a contract with you
Necessary for our legitimate interests (to keep records updated)
Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)
|To administer and protect our business and the App including troubleshooting, data analysis and system testing||
||Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)|
|To deliver content and our own advertisements to you, such as our newsletter||
||Necessary for our legitimate interests (to promote our business, study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)|
|To measure and analyse the effectiveness of the advertising we serve you
To monitor trends so we can improve the App
||Necessary for our legitimate interests (to develop the App and Services, analyse how customers use the App and Services and grow our business)|
Disclosures of your personal data
We will need to share your personal data with the Third Parties as set out in the Glossary, for the purposes and on the legal bases set out in the table above.
We only share your personal data with third parties who will respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Some of our external third parties are based outside the UK so their processing of your personal data will involve a transfer of data outside the UK.
Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it, as follows:
- Back4App, our cloud provider, is based in Germany, which is a country that that has been deemed to provide an adequate level of protection for personal data by the ICO.
- Our app developer, based in Poland, which is a country that has been deemed to provide an adequate level of protection for personal data by the ICO;
- Where we use other service providers, such as Intercom in the US, we may use specific contracts approved by the ICO which give personal data the same protection it has in the UK. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
All information you provide to us is stored on our secure servers. Where you have chosen a password, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Once we have received your information, we will use strict procedures and security features to try to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the ICO of any breach when we are legally required to do so.
We have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers, for tax purposes and in case we need to defend a claim.
In some circumstances you can ask us to delete your data: see [Your legal rights] below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for our own research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
If you do not renew your subscription to use the App you will automatically be switched to the LITE version of Timter, you will have read-only access to all previously entered data and you will be able to make use of limited functionality. After 12 months (twelve) continuous months of inactivity on the App we will treat the account as expired and your personal data will be deleted, unless we have a legitimate reason to keep it for longer.
Your legal rights
Under certain circumstances you have the following rights under data protection laws in relation to your personal data.
Please click on the links below to find out more about these rights:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer or your personal data.
- Right to withdraw consent.
You also have the right to ask us not to continue to process your personal data for marketing purposes.
You can exercise any of these rights at any time by contacting us at email@example.com.
Descriptions of categories of personal data
Identity Data: first name, last name, profession and company or trading name.
Contact Data: billing address, contact address, email address and telephone numbers.
Financial Data: bank account details, VAT number, invoice history and materials purchase history.
Device Data: includes the type of mobile device you use, a unique device identifier, and your mobile operating platform.
Content Data: includes information stored on your Device, including login information; details of the materials you have ordered from suppliers and your current stock; project names; contacts of customers, suppliers and accountants; calendar appointments and reminders; photos, videos and other digital content; notes; charging rates; expenses; estimates and invoices; job history; your logo and/or brand.
Profile Data: includes your password, user ID or social media login, your preferences and feedback.
Usage Data: includes details of your use of our App including, but not limited to, traffic data.
Marketing and Communications Data: includes your preferences in receiving marketing from us and your communication preferences.
Location Data: includes your current location disclosed by GPS technology.
Consent means processing your personal data where you have signified your agreement by a statement or clear opt-in to processing for a specific purpose. You can withdraw your consent at any time by contacting us.
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can contact us for further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities.
Performance of Contract means processing your data where it is necessary for the performance of our contract with you, or to take steps at your request before entering into that contract.
Comply with a legal obligation
Service providers acting as processors, including the Google and Apple app stores; our cloud services providers; our app developer, based in Poland; Google Analytics; and Intercom (our customer relationships manager);
Professional advisers acting as data controllers or data processors including lawyers, bankers, accountants, auditors and insurers based in the UK.
HM Revenue and Customs, the ICO and other authorities based in the UK who require reporting of processing activities in certain circumstances.
Our marketing agency (based in UK) will manage ads on Facebook and Instagram knowing who is already a Timter App user.
Your legal rights
You have the right to:
Request access to your personal data. (including a copy of the personal data we hold about you).
Request correction of the personal data that we hold about you.
Request erasure of your personal data. You can ask us to delete or remove personal data where there is no good reason for us continuing to process it, or if we have processed your information unlawfully.
Object to processing of your personal data where we are processing your personal data for direct marketing purposes, or relying on a legitimate interest and there is something about your particular situation which makes you want to object to this processing as you feel it impacts on your fundamental rights and freedoms.
Request restriction (or suspension) of processing of your personal data where:
- you want us to establish the data’s accuracy;
- our use of the data is unlawful but you do not want us to erase it;
- you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party, in a structured, commonly used, machine-readable format.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.