img
  1. Home
  2. Data Policy

Data Policy

This Data Policy explains how TimoDesk (“we,” “us,” “our”) processes, stores, and protects personal data on behalf of our customers (“you,” “your,” “Customer”).

By using TimoDesk, you agree to this Data Policy.

This document is designed to clarify roles and responsibilities when personal or institutional data is processed through TimoDesk’s time-tracking and monitoring tools.

1. Roles & Responsibilities

A. Customer as Data Controller

You decide what data is collected and how it is used within your organization.

You are responsible for ensuring your use of TimoDesk complies with any applicable laws, including labor, privacy, and monitoring regulations.

B. TimoDesk as Data Processor

We process personal data only to deliver the Service you use — such as tracking time, activity, screenshots, and other productivity information.

We do not use your staff’s data for advertising, profiling, or resale.

2. Types of Data We Process

Depending on the features you enable, we may process the following categories:

A. User & Account Data
  • Name
  • Email
  • Workspace or company information
  • Role and permissions
  • Phone number
B. Work & Activity Data
  • Time entries
  • Apps and websites used
  • Active/idle time
  • Mouse/keyboard activity levels (not keystrokes)
  • Tasks and project information
  • Screenshots (if enabled)
  • Shift logs and attendance
C. Device & Technical Data
  • IP address
  • Browser type
  • Device identifiers
  • OS version
  • App version
  • Login timestamps

3. Purpose of Processing

We process personal data only to:

  • Provide and operate TimoDesk services
  • Analyze productivity and generate reports
  • Maintain account security
  • Offer user support
  • Improve product features and performance
  • Perform billing and account verification
  • Comply with legal or security requirements

We do not process data for marketing without consent.

4. Data Storage & Security

We use industry-standard security practices to keep your data safe:

  • Encrypted data transfers (HTTPS/SSL)
  • Secure data centers and cloud hosting
  • Access controls and authentication
  • Regular audits and monitoring
  • Strict internal access rules

Only authorized staff can access data, and only when necessary to support or improve the Service. But in the event of any cyberattack or data breach, we will not be held liable for any resulting data leaks or damages.

5. Data Access & Sharing

A. Your Organization

Your company admins have full access to all workspace data.

You are responsible for notifying your employees about monitoring and securing their consent where required.

B. Approved Service Providers

We may share data with trusted third parties that help us operate TimoDesk, including:

  • Cloud hosting
  • Payment processors
  • Email and support tools
  • Analytics tools

These providers only use data according to our instructions.

C. Legal Requirements

We may share data when required by law, court orders, fraud prevention, or to protect safety.

We never sell or rent personal information.

6. International Data Transfers

Your data may be stored or processed in other countries depending on our hosting infrastructure.

We ensure that adequate protection measures are in place for all international transfers, following common industry standards.

7. Data Retention

We keep personal data only for as long as:

  • You have an active TimoDesk account
  • Required to deliver the Service
  • Needed for legal, tax, or security reasons

You may request deletion of user data at any time.

If your account is closed, data is removed according to our retention schedule unless specific laws require otherwise.

8. Your Rights

Depending on your region, you may have the right to:

  • Access the data we hold about you
  • Correct inaccurate information
  • Request deletion
  • Export personal data
  • Restrict or object to certain processing
  • Withdraw consent where applicable

We will respond to all data-related requests within a reasonable timeframe.

Employees using TimoDesk through their company should first contact their employer regarding any requests for data access or deletion. To request data termination, the employee must send us an official letter authorized and signed by their employer.

9. Sub-Processors

We maintain a list of authorized sub-processors (cloud hosting, analytics, support tools, etc.).

We ensure all sub-processors meet strict security and data protection standards.

If required, we will notify customers when material changes are made to this list.

10. Data Breach Notification

If we ever identify unauthorized access to personal data, we will:

  • Notify affected customers without undue delay
  • Provide relevant details if possible
  • Take immediate steps to contain and resolve the issue

11. Customer Responsibilities

You agree to:

  • Use TimoDesk in a lawful manner
  • Inform your employees about data collection
  • Configure monitoring settings responsibly
  • Provide and manage consent where required
  • Maintain secure access to your TimoDesk account
  • Notify us if any bypass methods are found or any technical bugs are there.

12. Changes to This Data Policy

We may update this Data Policy as necessary. If any changes are significant, we will notify you via email or through the TimoDesk dashboard. Please note that we reserve the right to edit, update, or add to this Data Policy at any time.

13. Contact Information

If you have questions or need help regarding data protection, please contact our support team. [email protected]