TimefyMe is committed to a professional management of your personal data. The personal data and time data which you enter would never be disclosed to unauthorized third parties. Where we are subject to a legal requirement to collect data about our users, such data would be stored only for the period that is mandated by law.
The following person or entity is responsible for the protection of your personal data at TimefyMe (https://TimefyMe.com):
Every time you access our web service TimefyMe the servers log your request in files that are kept for a limited period of time. The stored data comprises the IP-address of your computer with a date and time stamp, the uniform resource identifier (URI) of the requested resources, the referring web site (referrer URI), some identifiers of the operating system, client software, protocols and carriers when available. The technical administration of our service infrastructure collects these data for the sole purpose of being able to investigate server load issues and security. An analysis of the data would take place in the event of server load problems, of an attack on the information technology infrastructure of the service, or for statistical purposes of server load.
According to Article 6, Paragraph 1, Point F, and recital 49 of the GDPR, access server logs (described above) are kept for 100 days. Error server logs, which are generated only when an unexpected error occurs and additionally contain system state information, are kept for 200 days. The system state information in the error logs may contain the location of the user which generated the error, versions of software used, search terms, and stack traces, which are the parts of the software executed including times and data. Additionally, in the case of a security incident, we keep security server logs for 400 days. The data stored is described at ModSecurity Logs.
The internet protocols specify HTTP "cookies" (cmp. IETF Request for Comments 2965, http://tools.ietf.org/html/rfc2965) for the technical administration of a user session. TimefyMe also uses cookies to store your preferred language. Cookies are small text files. A web browser automatically saves cookies on your connecting device when you request the TimefyMe site. Upon first use we inform you about that. Cookies are strictly necessary so that the service provider could provide TimefyMe as you requested. If cookies are disabled, the service will not work. TimefyMe uses cookies for the envisaged technical purpose, and does not make use of the controversial cross-site tracking cookies.
TimefyMe operates an in-house solution for web analytics using Matomo (formerly Piwik). Our installation of Matomo is configured to not store any personal data. The stored Matomo data comprises an anonymized version of the IP address of a request, time stamp and the duration of the visit, the specific pages which are accessed, browsers, plugins, search engines and referring pages (referrer URI).
TimefyMe applies the results from the Matomo web analytics tool to improve user navigation and service quality of TimefyMe. Under no circumstances TimefyMe would reconcile the data in Matomo with other records of your personal data. Technical security measures and direct instructions to our system administrators prohibit data merge and reconnaissance of pseudonyms.
When you sign in as a user of the website TimefyMe we store the following data in the database: time stamp of registration, IP address of the computer, user identification, counter-phrase of the password ("hash"), electronic mail and where applicable: full name, profile image, a membership in "groups", time zone, language, country. When you sign in as a user, you can always edit your "profile" and voluntarily add more information about yourself. We invite you to use a pseudonym instead of your real name.
As the main functionality of TimefyMe you enter timestamp information about activities you carry out comprising an activity description, a start time stamp and an end time stamp. It is not checked whether these pieces of information are correct, relate to you or another person. When you join a group that data would normally be visible to the group creator and other group members, including your editing operations. You consent by joining a group to that transparency. For your convenience you are made aware that you are wilfully sharing your time entries with others. At any time you can download your data entries in a convenient format.
When you terminate a user account we would normally offer you read access to your data during a transition period, so you can migrate your own data to another service. When we proceed to remove a user account the following data will be irreversibly erased: username, email, first and surname, profile image if any, country, city and time zone. In addition we erase associations of a user to groups. Some entries remain in the data base and relate to activities in groups and timeline. We will attribute remaining entries to a "former user" account.
We process and use your personal data for the mere purpose that we are able to provide and optimize the TimefyMe services for you. Email contact data is used for automated confirmation of registration via email. Occasionally you may get notified by us via email. It is a fully automated service. By no means an IP address would be reconciled with personal data from other sources. IP addresses are masked in order to render a mapping impossible. Depending on technical capabilities you are free to submit geographic indicators (location information) to us in order to better customize services. At TimefyMe we take specific technical and organizational state-of-the-art measures for the protection of your personal data.
A principle of collecting, processing and using as little personal data as possible governs the collection, processing and use of personal data and the technical choices and design of the web service TimefyMe. In particular, personal data is rendered anonymous or aliased as far as it is technically feasible and proportionate.
We organise the operation of TimefyMe that only those staffers get access to the data where they require it in the performance of their activities. These staffers have signed confidentiality agreements, and have to bear serious consequences for breach of confidentiality, such as termination and criminal/civil sanctions.
The personal data received are sent exclusively to TimefyMe and to our web hosting provider Hetzner Online GmbH, Gunzenhausen, Germany. All data is stored exclusively in Germany. A contract based on Article 28 of the GDPR is available between TimefyMe and Hetzner.