Privacy Policy - Timer | AI Productivity OS

1. Introduction

Welcome to Timer. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how Timer ("we", "our", or "us") collects, uses, processes, and shares your personal information when you use our platform and related services, including our website, mobile applications, and APIs.

Timer is operated by AtivoLabs, a company registered in Portugal at Avenida da Liberdade 110, 1250-146 Lisboa, Portugal. This policy applies to all Timer services.

This policy is governed by the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Portuguese Law No. 58/2019, which supplements GDPR with national provisions.

2. Information We Collect

2.1 Information You Provide

Account Information: Name, email address, password, profile picture, time zone, and professional information (company name, job title, industry).
Scheduling Data: Meeting types, availability preferences, booking details, calendar events, meeting notes, and cancellation/rescheduling history.
Communication Data: Messages sent through Timer's chat features, guest chat conversations, and correspondence with our support team.
Payment Information: Billing details processed securely through our payment provider, Stripe. We do not store credit card numbers on our servers.
Integration Data: Calendar information and email data from connected services such as Google Calendar, Gmail, Microsoft Outlook, Zoom, and LinkedIn.
Files and Documents: Files you upload to Timer, including documents, images, and other attachments, subject to your plan's storage quota.
Signature Data: Documents submitted for electronic signature, signer names, email addresses, and signature images.
Form Responses: Data submitted through custom forms you create or respond to within Timer.
Feedback and Reports: Bug reports, feature requests, and feedback you submit to help us improve the platform.

2.2 Information We Automatically Collect

Usage Data: How you interact with our services, features used, session duration, and performance metrics.
Device Information: IP address, browser type, operating system, and device identifiers (only when you enable device information collection in your privacy settings).
Analytics Data: Aggregated usage patterns and system performance data, subject to your analytics preferences.
Location Data: General location based on IP address for time zone detection and localization. We do not collect precise GPS location data.

2.3 Information Collected During Video Calls and Recordings

Call Metadata: Participants, call duration, call type (audio or video), and connection quality metrics.
Recordings: If you choose to record a meeting, the audio and/or video content is captured and stored on our servers. Recordings are only initiated by the meeting host. All participants are clearly notified before recording begins and may choose to leave the meeting if they do not wish to be recorded.
Transcriptions: If you enable meeting transcription, the audio from your meeting is processed by Pilot AI to generate a text transcript (see Section 12).
Live Captions: If enabled, real-time captions are generated during calls. Caption data is transient and not stored after the call ends.

2.4 Information Collected During Electronic Signatures

Legal Audit Trail

Timer collects signer information to ensure the legal validity of electronically signed documents, in compliance with EU eIDAS regulation.

When a document is Timer's e-signature feature, we collect the following for legal audit trail purposes:

Signer's full name and email address
Date and time of signing
IP address at the time of signing
Browser and device information at the time of signing
Document access and viewing history

This information is collected to ensure the legal validity and non-repudiation of signed documents, in accordance with Regulation (EU) No 910/2014 (eIDAS) and applicable Portuguese contract law. Signature audit trails are retained for the duration required by the applicable legal framework governing the signed document.

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases, as defined by the General Data Protection Regulation (GDPR):

Legal Basis	Processing Activities
Performance of Contract (Art. 6(1)(b))	Providing the Timer platform, managing your account, processing bookings, handling payments and subscriptions, delivering notifications related to your account and meetings.
Consent (Art. 6(1)(a))	Meeting recording and transcription, AI-powered features (Pilot), Gmail and email integration, third-party calendar synchronization, marketing communications, analytics and usage tracking (where configurable).
Legitimate Interest (Art. 6(1)(f))	Platform security and fraud prevention, service improvement and troubleshooting, aggregated analytics for product development, error monitoring and performance optimization. We have conducted a Legitimate Interest Assessment (LIA) for these activities, which is available upon request by contacting [email protected].
Legal Obligation (Art. 6(1)(c))	Tax and billing record retention, responding to lawful government requests, electronic signature audit trails.

Where we rely on consent, you may withdraw it at any time through your account privacy settings or by contacting us. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

4. How We Use Your Information

4.1 Service Delivery

Provide and Timer's scheduling, communication, and productivity platform
Process and manage your bookings, calendar integrations, and availability
Enable communication between you and your meeting attendees, team members, and contacts
Synchronize with your connected calendar and email services
Facilitate video and audio calls between participants
Process and store meeting recordings and transcriptions when you choose to enable them
Manage electronic signature workflows and maintain signing audit trails
Store and serve files you upload to the platform
Process payments and manage your subscription
Provide customer support and respond to your inquiries

4.2 Service Improvement

Analyze usage patterns to improve our platform and develop new features
Conduct research and analytics to enhance user experience
Monitor system performance and resolve technical issues
Test new features and functionality in controlled environments

4.3 Communication

Send service notifications related to your bookings, meetings, and account activity
Deliver booking confirmations, reminders, and cancellation notices
Provide customer support and technical assistance
Share product updates and new feature announcements (only with your consent)
Send security alerts and account-related notifications

5. AI and Smart Features

AI-Powered Features Require Your Consent

All AI features in Timer are optional and only activated when you choose to use them. You can control which AI features are enabled at any time through your account settings.

Timer offers the following AI-powered features:

Timer Pilot (AI Assistant): A conversational AI assistant that helps you manage your schedule, draft communications, and automate tasks. When you interact with Pilot, your messages and relevant context (such as meeting details) are processed by Pilot AI to generate responses.
Meeting Transcription: With your explicit action, meeting audio is processed by Pilot AI to generate text transcripts. Audio is transmitted securely and is not retained beyond the processing session.
AI-Generated Insights: When enabled, Pilot AI analyzes your transcripts to extract action items, summaries, and meeting highlights.
Smart Scheduling: Pilot AI analyzes your calendar patterns to suggest optimal meeting times and detect scheduling conflicts.
Image Generation: When you request AI-generated images (for presentations, creative assets, or other purposes), your text prompts are processed by Pilot AI. Only the prompt text is transmitted — no personal data is included unless you choose to include it in your prompt.

AI features consume "Pilot Minutes" (PM), a usage-based allowance included in your subscription plan. We track PM consumption to manage your balance and billing.

You can disable AI analytics, pattern analysis, and personalized recommendations individually through your privacy settings.

6. Email Integration (Gmail)

Gmail Data Access

Timer's Dispatch feature allows you to send emails directly from the platform through your connected Gmail account. This integration is entirely optional and only activated when you connect your Gmail account.

6.1 What Gmail Data We Access

Email Sending: We use your Gmail account to send emails on your behalf through the Dispatch feature.
Email Metadata: We access basic email metadata (subject lines, recipients, delivery status) to track message delivery and provide send confirmations.
Account Identity: Your Gmail email address and display name to identify your connected account.

6.2 How We Use Gmail Data

Send emails on your behalf when you use the Dispatch feature
Display delivery status and send confirmations within Timer
Provide email activity logs so you can track your sent communications

6.3 What We Do Not Do With Gmail Data

We do not read, scan, or analyze the content of your emails for advertising purposes
We do not sell, share, or transfer your Gmail data to third parties for their own purposes
We do not store the full content of your sent emails beyond what is necessary for delivery confirmation
We do not use your Gmail data to build user profiles for advertising or marketing

6.4 Gmail Data Retention

Email Content: Email content is transmitted to Gmail for delivery and is not stored Timer's servers beyond the sending process.
Delivery Logs: Basic delivery metadata (recipient, subject, timestamp, status) is retained for 90 days to provide your activity history.
Account Connection: Your Gmail authorization tokens are stored securely while your account is connected.

6.5 Disconnecting Gmail

You can disconnect your Gmail account at any time from your Timer account settings. When you disconnect:

Timer's access to your Gmail account is immediately revoked
Stored authorization tokens are deleted
Historical delivery logs are retained for 90 days, then automatically deleted
You can also revoke access directly from your Google Account permissions page

7. Google API Services — Limited Use Disclosure

Google User Data Policy Compliance

Timer's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Timer:

Only uses access to Google user data to provide and improve the user-facing features described in this privacy policy (calendar synchronization and email dispatch).
Does not transfer Google user data to third parties unless necessary to provide or improve these features, you provide explicit consent, it is required for security purposes, or it is necessary to comply with applicable law.
Does not use Google user data for serving advertisements.
Does not allow humans to read Google user data unless you have provided affirmative consent, it is necessary for security purposes (such as investigating abuse), it is necessary to comply with applicable law, or the data is aggregated and anonymized for internal operations.

8. Chat and Messaging

End-to-End Encrypted

Direct messages in Timer are protected with end-to-end encryption. Only the sender and recipient can read message content — not even Timer can access it.

Timer provides messaging features that allow you to communicate with team members, contacts, and guests.

Encryption: Messages sent through Timer's chat are encrypted in transit and at rest. Direct messages between users are protected with end-to-end encryption, meaning only the sender and recipient can read the message content.
Guest and Public Chat: Timer allows you to invite external guests to conversations and create chat rooms accessible via a shared link. Guests provide their name to participate. Chat room content is visible to all participants in that room.
Message Retention: Messages are retained while your account is active. When you delete your account, your messages are removed in accordance with our data retention schedule (see Section 13).
Message Metadata: We process message delivery status, timestamps, and read receipts to provide the messaging experience.

9. Video and Audio Calls

Recording Requires Notification

Meeting recordings are never started without clear notification to all participants. Participants may leave the meeting at any time if they do not wish to be recorded.

Timer provides video and audio calling features for meetings and consultations.

Call Data: We collect call metadata including participants, duration, and connection quality to provide and improve the calling experience.
Recording: Meeting recordings are only initiated by the host. All participants are clearly notified before recording begins and may choose to leave the meeting if they do not consent to being recorded. Recorded audio and video files are stored securely on our servers and are accessible only to authorized users.
Transcription: When you choose to transcribe a meeting, the audio is securely processed by Pilot AI (see Section 12). The resulting transcript is stored on our servers and accessible through your account.
Camera and Microphone: Timer requests access to your camera and microphone only when you initiate or join a video call. You can deny or revoke this permission at any time through your browser settings.

10. File Storage

Timer allows you to upload and store files within the platform, subject to your subscription plan's storage limits.

Storage: Files are stored securely on our servers. Each subscription plan includes a storage quota.
Sharing: You may share files with other users or generate shareable links. You control who has access to your files.
Retention: Files are retained while your account is active. Upon account deletion, files are removed in accordance with our data retention schedule.
File Metadata: We track file name, type, size, upload date, and sharing status for platform functionality.

11. Information Sharing and Disclosure

11.1 With Your Consent

We share your information with third parties when you explicitly consent, such as when connecting calendar integrations, enabling email dispatch, or activating meeting transcription services.

11.2 Service Providers (Sub-processors)

We work with trusted service providers who process data on our behalf to operate Timer. These providers are contractually bound to protect your data and only process it as instructed by us:

Stripe — Payment processing and subscription billing. Stripe processes your payment method details and billing address. Timer does not store credit card numbers. Stripe Privacy Policy.
Google — Calendar synchronization (Google Calendar API), email dispatch (Gmail API), and location search. Google Privacy Policy.
Zoom — Meeting integration when you connect your Zoom account for calendar synchronization. Zoom Privacy Policy.
Microsoft — Calendar synchronization when you connect your Microsoft Outlook account. Microsoft Privacy Statement.
LinkedIn (Microsoft) — Social authentication when you choose to sign in with your LinkedIn account. Profile information you authorize is used for account creation. LinkedIn Privacy Policy.
Cloudflare — Content delivery, performance optimization, and security protection Timer's web infrastructure. Cloudflare may process IP addresses and request metadata as part of its services. Cloudflare Privacy Policy.
Unsplash and Pexels — Image search services for creative features within the platform. Search queries are sent to retrieve image results. Unsplash Privacy Policy. Pexels Privacy Policy.
Cloud Infrastructure — Secure hosting and data storage providers located within the European Union.

11.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental regulation, or to protect the rights, property, or safety of Timer, our users, or the public.

11.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. You will be notified of any such change and the choices you may have regarding your information.

12. AI Data Processing (Pilot AI)

Pilot AI

All AI features in Timer are powered by Pilot AI, our integrated AI engine. Your data is processed securely and is never used to train AI models.

Pilot AI powers the following features:

Feature	Data Processed
Timer Pilot (AI Assistant)	Your messages, relevant meeting context
Meeting Transcription	Meeting audio
AI Insights & Action Items	Transcript text
Image Generation	Text prompts

Important safeguards:

All data is transmitted securely using encryption in transit.
Pilot AI processes data solely to fulfill your request and does not use it to train AI models.
Your data is not processed unless you actively use an AI-powered feature.
Audio sent for transcription is not retained beyond the processing session.
You can choose not to use any AI feature — they are entirely optional.

13. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill our legal obligations. Specific retention periods are as follows:

Data Type	Retention Period
Account information	While your account is active
Booking and meeting data	While your account is active
Chat messages	While your account is active
Meeting recordings	Subject to your configured retention policy (default: retained while account is active)
Meeting transcripts	90 days by default (configurable in your settings)
AI assistant conversation history	90 days by default (configurable in your settings)
Email dispatch delivery logs	90 days
Uploaded files	While your account is active
Signed documents and audit trails	As required by eIDAS (EU Regulation 910/2014) and applicable contract law
Payment and billing records	7 years (tax and legal obligations)
Security and error logs	12 months
Aggregated analytics	Indefinitely (anonymized, non-identifiable)

After account deletion:

Most personal data is deleted within 30 days of account closure.
Data required for legal obligations (billing records, signature audit trails) is retained for the periods specified above.
Aggregated, anonymized data that cannot identify you may be retained for research and service improvement purposes.

14. Data Security

Security Measures

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

Our security measures include:

Encryption in Transit: All data transmitted to and from Timer is encrypted using TLS (HTTPS).
Encryption at Rest: Personal data is stored in encrypted databases with restricted access.
End-to-End Encryption: Direct messages between users are protected with end-to-end encryption.
Access Controls: Strict employee access controls and role-based permissions.
Security Headers: Industry-standard browser security protections are enforced on all pages.
Regular Audits: Ongoing security assessments and vulnerability testing.
Data Backup: Regular encrypted backups to prevent data loss.
Session Security: Secure session management with automatic timeouts.

15. Your Rights and Choices

You Are in Control

Timer gives you granular privacy controls over analytics, AI features, data sharing, and communications. You decide what data we collect and how it is used.

15.1 Privacy Controls

Timer provides granular privacy controls in your account settings, allowing you to manage:

Analytics and Usage Tracking: Choose whether we collect analytics about your platform usage.
Performance Monitoring: Control whether we collect performance and error data.
Marketing Communications: Opt in or out of product updates and promotional communications.
Third-Party Data Sharing: Control whether anonymized usage data is shared for analytics.
Device Information: Choose whether we collect device and browser information.
AI Analytics: Control whether AI features analyze your patterns to improve recommendations.
Data Retention Preferences: Configure how long certain data types (such as transcripts and AI history) are retained.

15.2 Account Controls

Access: View and update your personal information in your account settings.
Correction: Correct inaccurate or incomplete information at any time.
Deletion: Delete your account and associated data through your account settings.
Data Export: Export your data, including analytics and activity history.
Integration Management: Connect and disconnect third-party integrations (Google, Zoom, LinkedIn) at any time from your settings.
Communication Preferences: Control what notifications you receive via email and in-app.

15.3 EU/EEA Residents (GDPR Rights)

If you are located in the European Union or European Economic Area, you have the following rights under the GDPR:

Right to Access (Art. 15): Request a copy of the personal data we hold about you.
Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data.
Right to Erasure (Art. 17): Request deletion of your personal data, subject to legal retention obligations.
Right to Restrict Processing (Art. 18): Request limitation of how we process your data.
Right to Data Portability (Art. 20): Receive your data in a structured, commonly used, machine-readable format.
Right to Object (Art. 21): Object to processing based on legitimate interest, including profiling.
Right to Withdraw Consent (Art. 7): Withdraw consent at any time for processing activities based on consent.
Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority. In Portugal, this is the Comissão Nacional de Proteção de Dados (CNPD) — www.cnpd.pt.

To exercise any of these rights, contact us at [email protected]. We will respond within one calendar month, as required by GDPR Article 12.

16. Automated Decision-Making

Timer uses AI-powered features that may involve automated processing of your data, such as smart scheduling suggestions, conflict detection, and AI-generated meeting insights. These features are designed to assist you and do not make legally binding or similarly significant decisions about you without human involvement.

You have the right to:

Opt out of automated processing features through your account settings.
Request human review of any automated output by contacting our support team.
Receive an explanation of the logic involved in automated features upon request.

17. Special Categories of Personal Data

Sensitive Data

Timer does not intentionally collect sensitive personal data. However, user-generated content such as meeting transcripts or chat messages may incidentally contain such information.

Timer does not intentionally collect special categories of personal data as defined by GDPR Article 9 (such as data revealing racial or ethnic origin, political opinions, religious beliefs, health information, or sexual orientation).

However, we acknowledge that such data may be incidentally captured within user-generated content, including meeting transcripts, chat messages, or uploaded documents. Where this occurs:

The data is processed under the same security protections as all other personal data.
It is not extracted, categorized, or used for any separate purpose.
It is not used for profiling or automated decision-making.
It is subject to the same retention and deletion policies as the content in which it appears.
You may request deletion of any content containing such data at any time.

18. Cookies and Similar Technologies

No Tracking Cookies

Timer does not use advertising cookies, behavioral tracking, or social media pixels. We only use cookies essential for the platform to function and to remember your preferences.

Timer uses cookies and similar technologies for the following purposes:

Cookie Category	Purpose	Lifespan
Session / Authentication	Maintains your login session and authenticates requests. Required for the platform to function.	Session (expires on browser close or after 30 minutes of inactivity)
Preferences	Remembers your UI preferences, language settings, view modes, and theme selections.	Persistent (up to 1 year)
Security	Protects against cross-site request forgery (CSRF) and other security threats.	Session
Infrastructure (Cloudflare)	Cloudflare may set cookies for security, bot detection, and performance optimization.	Varies (see Cloudflare cookie documentation)

All cookies set by Timer are configured as:

HTTP-only: Not accessible to JavaScript, protecting against cross-site scripting attacks.
Secure: Transmitted only over HTTPS connections.
SameSite=Strict: Prevents cross-site request forgery by restricting cookie transmission to same-site requests.

Timer does not use third-party advertising cookies, behavioral tracking cookies, or social media tracking pixels. We do not participate in ad networks or cross-site tracking.

19. Mobile Application

If you use Timer through our mobile application, we may additionally collect:

Push Notification Tokens: To deliver real-time notifications about meetings, messages, and calls. You can disable push notifications through your device settings at any time.
Device Platform: Whether you are using iOS or Android, for compatibility and notification delivery.
Device Information: Basic device information as controlled by your privacy settings.

The mobile app does not access your contacts, photos, or other device data beyond what is described above and what you explicitly authorize (such as camera and microphone access during video calls).

20. Notifications and Communications

Timer sends notifications through the following channels:

Email: Booking confirmations, reminders, cancellations, security alerts, and (with your consent) product updates. Email notifications are throttled to avoid excessive messaging.
In-App Notifications: Real-time alerts within the Timer platform about meetings, messages, and activity.
Push Notifications: Mobile push notifications for time-sensitive events such as incoming calls and upcoming meetings.

You can manage your notification preferences in your account settings, choosing which types of notifications you wish to receive and through which channels.

21. International Data Transfers

Timer is operated by AtivoLabs in Portugal. Your data may be processed in Portugal and in other countries where our service providers operate (including the United States, for services such as Stripe and Google).

For transfers outside the EU/EEA, we ensure appropriate safeguards are in place, including:

EU-US Data Privacy Framework compliance
Standard Contractual Clauses (SCCs) with service providers
Adequacy decisions by the European Commission
Other appropriate safeguards as required by applicable law

22. Additional Rights for Users Outside the EU

22.1 United Kingdom

If you are located in the United Kingdom, your personal data is protected under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. You have the same rights as described in Section 15.3 of this policy. Your supervisory authority is the Information Commissioner's Office (ICO) — ico.org.uk.

22.2 California, United States

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
Right to Delete: Request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out of Sale: Timer does not sell your personal information to third parties.
Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights.

To exercise these rights, contact us at [email protected].

23. Data Breach Notification

72-Hour Notification

In the event of a data breach, we will notify the relevant data protection authority within 72 hours and affected users without undue delay, as required by GDPR.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

Notify the relevant data protection authority (CNPD) within 72 hours of becoming aware of the breach, as required by GDPR Article 33.
Notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms, as required by GDPR Article 34.
Document all breaches, including their effects and the remedial actions taken.

24. Children's Privacy

Timer is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly. If you believe a child under 16 has provided us with personal data, please contact us at [email protected].

25. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, features, or for legal and regulatory reasons. When we make changes:

We will update the "Last updated" date at the top of this policy.
For significant changes, we will notify you via email or in-app notification at least 30 days before the changes take effect.
Previous versions of this policy will remain available upon request.
Your continued use of Timer after changes become effective constitutes acceptance of the updated policy, except where changes affect consent-based processing activities — in such cases, we will seek your explicit consent before applying those changes.