Last revised 7 April 2015.
User privacy and security is important to TimeSuit. Below we provide an overview of our security policies and technology.
- Our product uses OAuth2 for user verification. We never have access to our users’ Google account or Gmail passwords.
Data collection and access
- In order to enable TimeSuit features, we collect and store information about the inbound and outbound email activity of our users. We store a permanent copy of metadata for outbound mail composed using TimeSuit, and for inbound replies to those messages. No permanent copies of the actual email messages are stored.
- When TimeSuit is utilised some data are collected regarding the features applied. This data is only used for internal purposes in order to assist us in product development. the data is stored on industry leading cloud services where only TimeSuit staff with legitimate needs has access – furthermore strong passwords are applied
- A secure HTTPS connection handles the interaction between Gmail and TimeSuit.
Responses for incidents
- Our systems are monitored daily and when problems are detected our IT-team are notified immediately in order to solve the problem. If a serious error should entail systemt downtime, this will be communicated over our website, and/or our facebook page our twitter page or through direct email.
- All operations are logged for at least 30-days and can be utilised in order to reconstruct a chain of events in order to investigate incident occurrence.
- Our system operations are logged extensively, and the logs are stored for at least a 30-day period in the cloud. If needed, these logs may be mined to investigate incidents or to reconstruct a chain of events.
- Should a substantial security breach occur, we will take steps minimize the damage and we will notify affected users of the nature and extent of the breach as soon as we register the breach.
- If requested, we will delete a user’s account, removing all customer data associated with that account.
Backups of portions of our data are stored in the cloud, where our maximum retention period for backups are 7 days.
Feedback from you
If you find or experience a bug or an other vulnerability, we would obviously like to know about in order to ensure all users security.
Therefore please follow the below steps:
E-mail your findings to dev@TimeSuit.com.
If possible please include screenshots or other relevant documentation in order for us to identify and fix the problem.
Do not take advantage of the vulnerability or problem you have discovered, this could be by using that vulnerability to edit other users data – please focus on the problem from your own accounts point of view, and only communicate the issue to TimeSuit staff.
Feedback from us
- We will do our best to respond to your mail within 5 business days.
- During the resolution period, we will keep you informed as necessary, also with an expected timeframe for resolving the problem.
- your report will be handled with very strict confidentiality and only dislcosed to TimeSuit staff of necessity.
Alterations and modifications
To some extend we may update our policies according to changes in our business. When changes are made we will revise the “last revised” date at the top of this policy. Any changes to the policy will have immediate effect upon posting it at the website. In this respect we encourage you to review our policies periodically. If you should object to any of our alterations or modifications, your sole recourse is to stop using the site and our services. Your continued access or use of the TimeSuit Services after the modifications become effective is deemed your conclusive acceptance of the modified policies.