Your privacy is critically important to us. At Time Machine CSA, we have a few fundamental principles we abide by:
- We don’t ask you for personal information unless we truly need it.
- We don’t share your personal information with anyone except to comply with the law, develop our products or protect your rights.
- We don’t store personal information on our servers unless required for the ongoing operation of our services.
- We aim to make it as simple for you to control what’s visible to the public, seen by search engines, kept private and permanently deleted.
Time Machine CSA has a Data Protection Officer who is responsible for matters relating to privacy and data protection. The Data Protection Officer can be reached at firstname.lastname@example.org.
About Time Machine CSA
Time Machine CSA is a registered company with registered office EPFL-CDH-DHLAB, INN 140 (Bâtiment INN), Station 14, CH-1015 Lausanne.
How do we collect personal information about you?
We obtain personal information about you that you provide to us through our website, emails, phone conversations, meetings and documents.
We also obtain personal information relating to you using automated technical means when you visit our website.
What type of personal information is collected?
The information we collect from you might include (but is not limited to) your name, address, email address, phone number, and any other information you choose to provide to us.
The information we collect through our website using automated technical means includes: the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, identification number, online identifier and location data. We also collect information about your website visit including which website pages are accessed, page response times and length of visits to pages.
How long do we retain your personal information?
We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information for certain prescribed periods to fulfil our statutory obligations. Outside of specific statutory obligations, we will hold your personal data on our systems for as long as is necessary for the relevant purposes for which we use it, or in accordance with any retention periods set out in any relevant contract you hold with us.
How do we use your personal information?
We may use the information that you directly provide to us in the following ways:
- We may use your name, email address and postal address to provide you with information, you have requested from us, respond to enquiries or requests from you and communicate with you in relation to those enquiries or requests. Our legal basis for this use is our legitimate interests, namely carrying out activities in the course of Time Machine CSA business in response to customer enquiries or requests.
- We may use your name, email address and postal address to provide you with information regarding similar goods and services to those you have already enquired about or purchased. Our legal basis for this use is our legitimate interests, namely the ongoing marketing of our goods and services to individuals with whom we have an existing relationship in connection with our goods and services and/or who have expressed an interest in those goods and services.
- We may use your name, email address and postal address to send you marketing communications, if you have chosen to receive these. These may include information about new lead generation services, website features, industry news, promotions or offers. Our legal basis for this use is consent.
We may use the information that we automatically collect using technical means through our website to:
- Administer our site and for troubleshooting, testing, research and statistical purposes. We use Google Analytics, a third party website monitoring tool. For more information, see our Cookies Policy. Our legal basis for this is our legitimate interests, namely monitoring the use of our software and IT systems, improving our website.
- Measure or understand the effectiveness of our own advertising activity. Our legal basis for this use is our legitimate interests, namely improving the relevancy of our advertising.
- Measure or understand the effectiveness of our marketing emails. We use marketing software to track when individuals open emails and click on email links and to analyse subsequent behaviour on our website.. Our legal basis for this use is consent.
We may analyse the personal information we collect directly from you and obtain using automated technical means to create a profile of your interests and preferences so that we can contact you with information relevant to you (if you have chosen to receive marketing communications from us).
Who has access to information?
We will not sell or rent your information to third parties.
We may pass your information to third party service providers, including but not limited to:
- Business partners, suppliers and sub-contractors working on our behalf for the purposes of completing tasks and providing services to you.
- Advertisers and advertising networks (including social media) in order to select and serve relevant adverts to you. See our Cookies Policy for more information
When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and otherwise use your information in accordance with applicable data protection law.
In addition to the specific disclosures set out in this section, we may disclose your personal information where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person, or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative out-of-court procedure.
In this section we have summarised the rights that you have under data protection law. Some of the rights are complex, applying only in certain circumstances and subject to certain exceptions, and in the interests of keeping this policy concise, not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
You have the right:
- To object to us processing your personal information for marketing purposes. If you object, we will stop processing your personal information for this purpose. When we collect your data, you can choose whether or not you wish to receive marketing communications from us. If you wish to stop receiving marketing communications, you can opt out at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.
- To access the information we hold about you and certain information about our processing of it and your rights in relation to it.
- In certain circumstances, to obtain erasure of the personal information we hold about you, subject to certain exceptions.
- To rectification of the information we hold about you.
- In certain circumstances, to restrict our processing of your personal information or object to us processing it If you object, we will stop processing your personal information unless certain exceptions apply.
- Where our legal basis for processing your personal information is your consent or the performance of a contract and we process it by automated means, to be provided with the personal information we hold about you in structured, commonly used and machine readable format and to transmit the information to another controller.
- To not be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly affecting you, subject to certain exceptions.
- Where our processing of your personal information is based on your consent, to withdraw that consent at any time. If you withdraw your consent, we will stop the relevant processing, but it will not affect the lawfulness of our processing before the withdrawal.
To exercise any of these rights, email us at email@example.com or write to us at EPFL-CDH-DHLAB, INN 140 (Bâtiment INN), Station 14, CH-1015 Lausanne. In addition, you can exercise your right to object to direct marketing at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.
If you consider that our processing of your personal information infringes data protection laws, you have the right to lodge a complaint to a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. More information about lodging a complaint with the Information Commissioner’s Office (the relevant UK supervisory authority) can be found at ico.org.uk/make-a-complaint/.
Security precautions in place to protect your information
We take appropriate technical and organisational precautions to secure your personal information and prevent its loss, misuse or alteration. All information you provide to us is stored on our secure servers. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
The transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and for this reason we cannot guarantee the security of data sent between us over the internet.
Cookies allow us to provide important site functionality so you don’t have to re-enter lots of information. They also allow us to remember what links and pages you have been or viewed during a session. This helps us deliver a better, more personalised service to you.
It is possible to switch off cookies by setting your browser preferences. For more information on the Cookies we use, visit our Cookies Policy.
Links to other websites
Our website may contain links to other websites run by other organisations. We are not responsible for the privacy practices of those organisations or the content of their websites. You should read the privacy policies of these organisations before providing them with any personal information.
Transferring your information outside of European Economic Area (“EEA”)
In this section we provide information about the circumstances in which your personal information might be transferred to countries outside the EEA.
Our principal servers, where personal data is held and processed, are located in the UK. In addition, we back data up to secure servers with Amazon Web Services, located in the United States. Amazon is registered as part of the EU-US Privacy Shield Framework, so complies with the EU data protection requirement.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated on 9 March 2019.
You can obtain further information about data protection laws by visiting the Information Commissioner’s Office website at www.ico.org.uk.