Here at Timely, we've been working diligently and hard to ensure that we fulfill our obligation to maintain our transparency about how we use your data. On May 25th, 2018, the EU General Data Protection (GDPR) becomes the standardization for how we use and protect EU citizens' data. The General Data Protection Regulation (GDPR) is a data protection law, replacing an existing EU Data protection law. GDPR strengthens the protection of you and your "personal data." It constitutes as a set of rules that govern monitoring and processing of EU data.
How is Timely preparing for GDPR?
We've been working hard to define our own GDPR roadmap. With an extremely large overhaul of processes and data models, we want to ensure we meet our legal obligations but make sure we do the absolute best thing for you, our customer, while still enabling us to be agile, grow, and continue to build kickass products for you.
Building new features
We're building features that are vital and necessary for you to be able to fully delete all data linked to you within Timely.
Taking security measures
We believe your data is yours and that you should always be in control of it and have control over it. All of your information is kept entirely private and not shared with anyone.
We are also reviewing our internal access design to ensure the right people have access to the right level of customer data.
We've appointed a Data Protection Officer
We have dedicated a specific person as a Data Protection Officer to advise, oversee, and manage Timely's data. If you have questions about this touch base at [email protected].
Updating our Data Processing Agreements (DPAs):
As an important part of GDPR requirements, we're updating our data processing agreement and privacy commitments to meet our obligations for GDPR that lay the land for the terms for Timely and our customers. And as a our parent company, Memory AS, is a registered company in Norway and a member of the European Economic Area (EEA), we have adopted the EU directive 1995/46/EC in its laws (including GDPR)
Our data will be stored and processed in the US by our sub suppliers and sub processors, Amazon and Heroku (Salesforce). Both of these companies are Privacy Shield-certified, so transfer of data to them will be in compliance with EU law. We do not use any other sub suppliers outside the EU/EEA-area.
Coordinating with our vendors
We're reviewing all of our vendors to understand their GDPR plans to organize and structure GDPR-ready data processing agreements with them.
Feel free to reach out to us if you have any questions about GDPR - we’d be happy to chat to you about it.