2026/01/22 Scheduled Revision

TimeTree, Inc. (hereinafter referred to as the "Company" or "we") handles user information, including personal data of customers (hereinafter referred to as "Users" or "you") of its services (hereinafter referred to as the "Services"), in accordance with this TimeTree Privacy Policy (hereinafter referred to as the "Privacy Policy").

Data Controller
TimeTree, Inc. ( https://timetreeapp.com/intl/corporate )
Contact: support@timetreeapp.com

Article 1 (Acquisition and Legal Basis of Processing User Information)

Legal basis:

Insofar as we obtain your consent for the processing of your personal data, the legal basis for the processing is Art. 6 para. 1 sentence 1 lit. a) General Data Protection Regulation ("GDPR").

If your personal data is processed to fulfil a contract with you or as part of the initiation of a contractual relationship, the legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR.

Insofar as the processing of personal data is necessary to fulfil a legal obligation incumbent on us, the legal basis for the processing is Art. 6 para. 1 sentence 1 lit. c) GDPR.

If your personal data is processed to protect the legitimate interests of us or a third party, whereby your interests, fundamental rights and freedoms do not outweigh the former interest, the legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f) GDPR.

(1) Information entered by the User to use various functions of the Services, such as the following information:

  • Information required for user registration
    • Name, email address, date of birth
  • Information registered in the calendar
    • Title, date/time, participants, notes, labels, media files (such as images and videos)
  • Inquiries to support
  • Users who have consented to answer surveys or participate in interviews (name, email address, response contents)

(2) Information provided by external services (e.g., social networking services) when the User permits linkage, as indicated by the external service:

  • Information acquired when using SNS login
    • User identifier, name
  • Schedule information linked to the device calendar
    • Title, date/time, notes

(3) Information automatically acquired during use of the Services:

  • Device information
  • Access history within the Services
  • Access history to advertisements within the Services and behavior history related to such ads
  • Advertising identifiers (e.g., IDFA or Google Advertising ID)
  • User agent
  • IP address
  • Cookie data
  • GPS information

Article 2 (Purpose of Use of User Information)

The Company may use collected user information for the following purposes ("Purposes of Use"). The Company will not handle personal information beyond what is necessary to achieve these purposes without the User's prior consent, unless otherwise permitted by law:

  • For authentication during use of the Services
  • For providing the Services and services for Users
  • For customer support and responding to inquiries related to the Services
  • For responding to violations of the Company's terms and conditions
  • For research, analysis, and improvement aimed at enhancing the Services
  • For notifications regarding significant matters affecting the Services (e.g., major changes, suspension)
  • For providing information on the Company's services and products, including advertisements from the Company and partner businesses deemed beneficial to the User
  • For analyzing attributes and behavioral history to understand user interests and preferences (including analysis using AI models such as large language models (LLMs))

Article 3 (Provision of User Information to Third Parties and transfer outside of Japan)

  1. The Company shall not share or sell user information to third parties without prior User consent, except in the following cases:

    (1) Sharing initiated by the User's actions within the Service

    E.g., when a User shares a calendar or event using the Service's sharing features, necessary information will be provided to the intended recipients. If the public sharing function is used, information may be disclosed to the general public online.

    (2) Sharing for achieving the Purposes of Use

    The Company engages external service providers to manage and provide the Services. These providers may process personal data on the Company's behalf and are contractually obligated to use the data solely for providing services in accordance with this Privacy Policy and are prohibited from disclosing or using the data for other purposes.

    https://timetreeapp.com/intl/en/terms/privacy/data-processor-list

    (3) Sharing based on legal obligations

    Information may be disclosed in response to lawful requests, such as court orders.

    (4) Sharing due to mergers or business transfers

    Information may be provided in the event of a merger or other business succession.

    (5) Sharing for consolidated accounting of TimeTree, Inc. and its equity-method affiliates

  2. The Company may provide or disclose statistical data that cannot identify individuals to third parties.

  3. If the Company provides personal data to third parties located outside of Japan, the Company relies on security measures for secure data transmission, such as the adequacy decision or the standard contractual clauses ('SCC') developed by the EU Commission. In special circumstances where the adequacy decision or the SCC are not a viable option, the company obtains the prior consent of the user, unless exceptions are permitted by law.

Article 4 (Transfer of User Information)

The Company transfers user information obtained outside Japan to Japan for processing and storage, in compliance with applicable data protection laws. Transfers of user information from the EU/EEA to Japan are based on the adequacy decision of the European Commission (Decision 2019/419), confirming that Japan ensures an adequate level of protection for personal data under Art. 45 GDPR.

Article 5 (User Rights Concerning User Information)

You have the following rights vis-à-vis us:

  1. Right to information

    You have a right to information about whether and which of your personal data is processed by us. In this case, we will also inform you about

    (1) the purpose of processing;

    (2) the data categories;

    (3) the recipients of your personal data;

    (4) the planned storage period or the criteria for the planned storage period;

    (5) Your further rights;

    (6) unless you have provided us with your personal data: All available information about its origin;

    (7) if available: the existence of automated decision-making and information about the logic involved, the scope and the intended effects of the processing.

  2. Right to rectification

    You have a right to rectification and/or completion if your personal data processed by us is incorrect or incomplete.

  3. Right to restriction of processing

    You have a right to restriction of processing if

    (1) we verify the accuracy of your personal data processed by us;

    (2) the processing of your personal data is unlawful;

    (3) you need your personal data processed by us for legal prosecution after the purpose has ceased to exist;

    (4) you have objected to the processing of your personal data and we are examining this objection.

  4. Right to cancellation

    You have a right to erasure if

    (1) we no longer need your personal data for its original purpose;

    (2) you withdraw your consent and there is no other legal basis for the processing of your personal data;

    (3) you object to the processing of your personal data and - provided it is not direct marketing - there are no overriding grounds for further processing;

    (4) the processing of your personal data is unlawful;

    (5) the deletion of your personal data is required by law;

    (6) your personal data was collected as a minor for information society services.

  5. Right to information

    If you have exercised your right to rectification, erasure or restriction of processing, we will notify all recipients of your personal data of this rectification, erasure or restriction of processing.

  6. Right to data portability

    You have the right to receive your personal data processed by us on the basis of consent or for the performance of a contract in a structured, commonly used and machine-readable format and to transmit those data to another controller. If this is technically feasible, you have the right to have us transfer this data directly to another controller.

  7. Right of objection

    You have the right to object to the processing of your personal data on special grounds. In this case, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing.

    If your personal data is processed for the purpose of direct marketing, you have the right to object at any time.

  8. Right of cancellation

    You have the right to revoke any consent given to us at any time. Withdrawal of consent does not affect the lawfulness of previous processing based on consent.

  9. Right to lodge a complaint with a supervisory authority

    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the competent supervisory authority if you are of the opinion that the processing of your personal data by us violates the GDPR.

    The competent supervisory authority for us is:

    The Hessian Commissioner for Data Protection and Freedom of Information

    poststelle@datenschutz.hessen.de

    Data Protection Officer

    Telefon: +49 611 1408 161

    Department 2.3

    Post office box 3163

    65021 Wiesbaden, Germany

    You can also get in touch with the supervisory authority in your area of your residence.

You can only exercise the rights granted to you under applicable laws and regulations.

Article 6 (Use of Information Collection Modules and Third-Party Advertising)

The Company may incorporate third-party information collection modules into its applications for purposes such as measuring user activity and displaying advertisements delivered by third parties.

More about data collection and advertising modules:

https://support.timetreeapp.com/hc/articles/900002151423

Article 7 (Profiling and Automated Decision-Making)

The Company may use user information for profiling in order to provide personalized advertisements, recommendations, and content tailored to user preferences. Profiling means the automated processing of personal data to evaluate certain personal aspects, in particular to analyze or predict aspects such as interests, behavior, or location.

Logic involved: Profiling is based on analysis of user activity within the Services (e.g., frequency of calendar use, interaction with content, clicks on advertisements, device and location data) and comparison with statistical user segments.

Purpose and significance: The purpose of profiling is to display more relevant advertisements or recommendations and to improve the user experience. This may affect which advertisements or recommendations you see, but it does not produce legal effects or similarly significant impacts on you.

Legal basis: Where required by applicable data protection laws, profiling is carried out on the basis of your explicit consent. For users in the EU/EEA, profiling is based on consent pursuant to Art. 6 para. 1 lit. a GDPR. You may withdraw your consent at any time with future effect.

User rights: You have the right to object to profiling at any time. In addition, under certain laws (including Art. 22 GDPR for users in the EU/EEA), you have the right not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning you or similarly significantly affects you, unless exceptions may apply where such processing is

(i) necessary for the performance of a contract,

(ii) permitted by law, or

(iii) based on your explicit consent. In these cases, you may request human intervention, express your point of view, and contest the decision.

Article 8 (Security Measures for User Information)

The Company implements appropriate technical and organizational security measures to protect user information against unauthorized access, leaks, loss, or damage, in compliance with applicable data protection laws. These measures (referred to as "TOM" under the GDPR) are designed to ensure a level of security appropriate to the risk and to maintain accurate and up-to-date data within the scope necessary for achieving the purposes of use.

More about security measures:

https://support.timetreeapp.com/hc/articles/10404288026265

Article 9 (Retention of User Information)

We store your personal data only for as long as it is necessary to fulfill the purposes for which it was collected. If you withdraw your consent and no other legal basis for processing applies, we will delete or anonymize your data.

We may also be required to retain data where retention obligations are stipulated by applicable laws or regulations (for example, under European Union, national, or other jurisdictional requirements). During such retention periods, your data will be securely stored and its processing will be restricted to compliance with such legal obligations.

In concrete terms, personal data will be deleted or anonymized within 60 days following account deletion.

Article 10 (Measures in Case of Data Breach)

In the event of a data breach involving user information, the Company will investigate the facts, determine the cause, take steps to mitigate damage and prevent recurrence, and report to supervisory authorities as required by law.

Article 11 (Revisions to the Privacy Policy)

If this Privacy Policy is revised, the revised version will be posted on the Company's website and application. If legal requirements dictate that user consent is necessary for changes, the Company will obtain such consent through prescribed means.

Article 12 (Contact Information)

For inquiries regarding the handling of user information in the Services (including exercising data subject rights):

support@timetreeapp.com

Our designated EU representative according to Article 27 GDPR and their contact information:

Atsumi & Sakai Europa GmbH – Rechtsanwälte und Steuerberater

Barckhausstraße 1, 60325 Frankfurt am Main, Germany

eu-representative@timetreeapp.com


Established: December 25, 2014
Revised: November 27, 2018
Revised: May 12, 2023
Revised: August 9, 2023
Scheduled Revision: January 22, 2026
Note: As of September 1, 2019, the company name was changed from "JUBILEE WORKS Inc." to "TimeTree, Inc."
View revisions