This Privacy Policy outlines the policies and procedures with how, when and why DoubleTime collects information about you whilst using the service. By using the service, you agree to the collection and use of information in accordance with this document.

Table of Contents

• Definitions
• Collecting and Using Your Personal Data
  • Types of Data Collected
    • Personal Data
    • Business Data
    • Third-Party Personal Data
    • Usage Data
    • Information from Third-Party Social Media Services
    • Cookie Data
    • Local Storage Data
  • Use of Your Personal Data
  • Retention of Your Personal Data
  • Deletion of Your Personal Data
  • Disclosure of Your Personal Data
  • Security of Your Personal Data
  • Use of Business Data
  • Use of Third-Party Personal Data
• Capture and Printing of Data
• Third-Party Services
  • JIRA Cloud
  • Sentry
  • Tawk.to
  • Umami Software
• Third-Party Payment Processing
  • Data Collection and Handling
  • Data Protection and Security
  • Storage of Payment Information
  • Management of Payment Information
  • Data Transfers
  • Legal Basis for Processing
• Links to Other Websites
• Changes to this Privacy Policy
• Contact Us

Definitions

For the purposes of this Privacy Policy:

• "We", "our" or "us" refers to 0x234 Pty Ltd, an Australian proprietary limited company.
• "You" or "your" refers to the person or entity accessing or using the service.
• "Service" refers to our website, content, application and infrastructure which power DoubleTime.
• "Account" refers to a unique account created for you to access the service or parts of the service.
• "Device" refers to any electronic device that can access the service, including but not limited to a computer, a cell/mobile phone or a tablet.
• "Personal data" refers to any information that relates to an identified or identifiable individual.
• "Third-party personal data" refers to any information that relates to an identified or identifiable individual and/or entity.
• "Third-party social media service" refers to any website or any social network website through which a user can log in or create an account to use the service.
• "Usage data" refers to data collected automatically, either generated by the use of the service or from the service infrastructure itself (for example, the duration of a page visit).
• "User" refers to any person or entity accessing the service, with or without an account.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using the service, we may ask you to provide us with personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

• Email address
• First name and/or last name
• Country of residence

In addition, based on your usage, we automatically collect your:

• Device IP address
• Browser type
• Visited pages of the service

Business Data

In addition to personal data, we also collect information about your business to enhance the functionality and benefits of certain features within the application. This information may include, but is not limited to:

• Entity name
• Entity identification number (i.e. ABN)
• First name and/or last name of the primary contact
• Email address of the primary contact or office
• Phone number of the primary contact or office
• Address of the primary contact or office
• Services and cost of services provided

Please note that while some of the collected business data may include personal data, we handle this information separately and in accordance with our privacy policy. Personal data is used for individual identification and communication purposes, while business data is primarily used for organisational and service-related functionalities within the application. We maintain appropriate safeguards to ensure the confidentiality, integrity, and security of both personal and business data.

The collection and processing of business data are subject to the same level of care and protection as personal data. We do not use business data for any purposes other than those specified above, unless explicitly authorised by the user or as required by applicable laws and regulations.

Third-Party Personal Data

In order to provide our users with the full functionality and benefits of certain features within the application, it is necessary for us to collect and process third-party personal data. It is at the user's discretion to decide what information is provided and to ensure the accuracy of the information. The may include, but is not limited to:

• Entity name
• Entity identification number (i.e. ABN)
• First name and/or last name of primary contact
• Email address of primary contact or office
• Phone number of primary contact or office
• Address of primary contact or office
• Services and cost of services provided

Usage Data

Usage data is automatically collected when you use the service, including details such as your device's IP address, browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data. We also collect information that your browser sends whenever you visit our service or when you access the service by or through a mobile device.

In alignment with our dedication to privacy and transparency, we employ Umami analytics, which exemplifies our approach to responsible data handling. Umami is designed to respect user privacy, gathering anonymised data without using cookies or identifying individual users. This tool aids us in understanding how our service is used, allowing us to make informed improvements. We share this information to clearly communicate our practices and uphold our commitment to safeguarding your data.

Information from Third-Party Social Media Services

DoubleTime allows you to create an account and log in to use the service through the following third-party social media services:

• Github
• Gitlab
• Google
• LinkedIn

If you decide to register and grant us access to a third-party social media service, we may collect personal data that is already associated with your third-party social media service's account, such as your name and your email address.

Cookie Data

"Cookies" are small strings of code stored on your computer, which are stored either at our request or that of a third-party in which we rely on. Each cookie, in one way or another, distinguishes you from other users, and varies by type and lifecycle. Cookies which are considered temporary remain stored in memory of your device, only for the lifetime of your current session, and are usually destroyed when your web browser is closed. On the other hand, persistent cookies have a longer lifespan and remain on your device until you destroy them (or your browser is instructed to do so).

The service relies on proprietary session cookies (or first-party cookies) which are used to designate a unique session identifier to a user and keep them connected to the service, and provide authorisation to your account within the service. When disabled or destroyed, access to your account will not be possible and parts of the service may not function as intended.

We utilise third-party analytical cookies which help us collect information on a user's origin and their browsing behaviours within the service, for the purpose of statistical analysis, which gives us the ability to improve the service structure, content and offerings. These cookies can be disabled or destroyed, but will no longer allow us to collect data to improve the service.

For further information on cookies used, please refer to the table below:

If the device you are using is not your own (i.e. a public device, or a device belonging to your employer), we expect you to have the owner's authorisation to agree with the use of cookies on the device.

By continuing to use the service on any device, you are confirming to us that you are authorised to do so and are agreeing to the usage of cookies.

Local Storage Data

Similar to cookies, the service utilises a browser's local storage mechanism which enables personal data from your account to be stored on your device for an extended period of time to enhance your session performance. This data includes, but is not limited to:

• Settings for your personalised experience.
• Your tasks and their content.
• Your tags and their association to your tasks.

If the device you are using is not your own (i.e. a public device, or a device belonging to your employer), prior to ending your session, we encourage you to:

• Explicitly "log out" of your account, if you are logged in, destroying any local storage data associated with your account. This will not destroy any data that has been synced to your account.
• Instruct your browser or device to clear data associated with the service.

Use of Your Personal Data

Your personal data may be used for the following purposes:

• Account Management and Personalisation: We use your personal data to manage and personalise your account, providing you with a tailored experience within our service.
• Communication: We may contact you via email or other electronic communication channels, such as push notifications, to provide updates, important information, and notifications related to the functionalities, products or services you have contracted, including security updates.
• Marketing Communications: With your consent, we may use your personal data to send you news, special offers, and general information from time to time about features offered by our service. You have the option to opt out of receiving such communications at any time.
• Customer Support: When you submit requests to our support desk or interact with our live chat widget, such as submitting bug reports, feature requests, or any inquiries, we use your personal data to effectively address and manage your inquiries.
• Analytics and Improvements: We may analyse your personal data to identify usage trends, evaluate the effectiveness of promotional campaigns, and improve our service, marketing strategies, and your overall experience.
• Tax Eligibility: In certain cases, we may use your personal data to determine your eligibility for the inclusion of any local taxes as required by applicable laws and regulations.

Retention of Your Personal Data

Your personal data will be retained only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Your usage data will also be retained for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the service, or we are legally obligated to retain this data for longer time periods.

Deletion of Your Personal Data

You have the right to delete or request that we assist in deleting the personal data that we have collected about you.

You may update, amend, or delete your information at any time by logging in to your account, if you have one, and visiting the account settings section that allows you to manage your personal information. You may also contact us to request access to, correct, or delete any personal information that you have provided to us and may not have direct access to.

Please note, however, that we may need to retain certain information when we have a legal obligation or lawful basis to do so.

Disclosure of Your Personal Data

Your personal data may be disclosed that such action is necessary to:

• Comply with a legal obligation through court or Government agency.
• Protect and defend the rights or property of DoubleTime.
• Prevent or investigate possible wrongdoing in connection with the service.
• Protect the personal safety of users of the service or the public.
• Protect against legal liability.

Security of Your Personal Data

The security of your personal data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

Use of Business Data

The business data provided by users is used solely for the following purposes:

• Invoice Generation: Generating invoices when sending them to clients through our application.
• Business Information Display: Displaying relevant business information, such as business entity name, identification number, primary contact details, and address, on the invoices.
• Professional Representation: Facilitating accurate and efficient representation of the user's business details to clients.
• Enhanced Invoice Functionality: Enhancing the functionality and professional appearance of the invoices.

It is important to note that while users have the ability to restrict public access to the invoice, there is still a possibility that this business data may be made public if the intended recipient shares or prints the invoice. Once the invoice is shared or printed by the recipient, the user's control over the visibility of the business data is limited.

We do not use this business data to contact users or for any advertising purposes. Our focus is solely on facilitating accurate and efficient invoice generation for the user's business needs. It is the user's discretion to decide how much business data they wish to provide and make public. If a user prefers to keep certain information private, we recommend not adding it to the system.

Use of Third-Party Personal Data

In addition to personal data, as part of our services, users are provided with the option of adding client personal data which enables the ability to create and share invoices, as well as the ability to organise tasks and invoices within the platform. In order to facilitate these processes, we may collect and process limited personal data of the clients, or as we refer to as third-party personal data, provided by our users.

The data collected is used solely for the purpose of:

• Organisation and Filtering: Users have the option to add client data to the application for the purpose of grouping, organising and filtering their tasks and invoices.
• Invoice Creation and Sharing: The third-party data is utilised to generate invoices and facilitate their secure sharing with the intended recipients, such as your clients. This ensures accurate, timely and efficient invoice processing.

All third-party personal data is handled with the same level of care and protection as the personal data of our users. We use this data solely for the purposes mentioned above and do not use it for any other purposes, such as marketing or sharing with third parties unless explicitly authorised by the user or as required by applicable laws and regulations.

Users have full discretion regarding the amount of third-party personal data they enter into the system. If they have concerns about the privacy of their clients' information, they may choose not to enter certain details, and only the necessary information required for invoice generation will be included. This allows users to exercise control over the visibility of their clients' data.

We take appropriate measures to maintain the privacy and security of third-party personal data during the invoice creation, sharing, and organisation processes. Users are encouraged to use the provided facilities to restrict access to public invoice links to prevent unauthorised access to this data. The option to enable this restriction on a per-invoice basis is made available when sending an invoice to a recipient, which will ensure the invoice is only accessible when the recipient enters their email address.

In the case where a public invoice link is not restricted, sensitive data, including personal names, addresses, and contact details, will be omitted to protect the privacy of the third-party's personal data.

However, it is important to note that if the recipient shares or prints the invoice, there is a possibility that the third-party personal data may be made public beyond the user's control. Users should consider this when sharing invoices with recipients who may not be the intended party but have access to the invoice, such as employees or representatives of the third-party business.

We strongly recommend that users review their privacy practices and inform their clients about the collection and processing of their personal data in relation to invoice creation, sharing, grouping, and organisation.

If you are a client of one of our users and have any concerns regarding the processing of your personal data, please contact the respective user directly. For any privacy-related inquiries or to exercise your rights regarding third-party data, please reach out to us using the contact information provided at the end of this privacy policy.

Capture and Printing of Data

While we provide measures to safeguard the privacy and security of user data within our application, it's important to note that users may have the ability to take screenshots or print screenshots containing sensitive information. Additionally, recipients of invoices may choose to print the invoices they receive. In such cases, we cannot control the subsequent handling or distribution of the printed or captured information.

We strongly advise users to consider the privacy implications of capturing or printing data from the app and to take appropriate measures to protect the confidentiality of sensitive information. Users should also inform their clients or recipients about the potential risks associated with printed invoices or captured screenshots and recommend handling such materials securely.

Once data is captured or printed, it may be subject to the recipient's or user's control, and our responsibility for protecting the privacy of the data may be limited.

Third-Party Services

We utilise third-party services to enhance the functionality and improve the quality of our service. These third-party services may store data in jurisdictions other than your home country, which is outside of our control.

JIRA Cloud

We collect your first and/or last name and email address through our contact forms, which are then submitted to JIRA Service Desk for customer support and ticket tracking purposes. This data is stored on JIRA Cloud, a third-party service. For more detailed information on how JIRA Cloud handles your data, we strongly encourage users to review Atlassian's Privacy Policy, and Terms of Service:

• Website: atlassian.com
• Privacy Policy: atlassian.com/legal/privacy-policy
• Terms of Service: atlassian.com/legal/cloud-terms-of-service

Sentry

To improve the reliability and performance of our service, we use Sentry to capture error information. When an error occurs within our software, Sentry may automatically collect data including but not limited to your IP address, browser type, and the state of your application at the time of the error. This data is used solely for debugging and improving the software we provide. For more detailed information on how Sentry handles your data, we strongly encourage users to review Sentry's Privacy Policy, and Terms of Service:

• Website: sentry.io
• Privacy Policy: sentry.io/privacy
• Terms of Service: sentry.io/terms

Tawk.to

For our live chat functionality, we use Tawk.to, a third-party communication platform. This service enables us to offer real-time assistance and support to our users directly on our website and app. The use of Tawk.to helps us enhance user interaction, providing an immediate channel for queries and support. For more detailed information on how Tawk.to handles your data, we strongly encourage users to review Tawk.to's Privacy Policy, and Terms of Service:

• Website: tawk.to
• Privacy Policy: tawk.to/privacy-policy
• Terms of Service: tawk.to/terms-of-service

Umami Software

For analytics tracking, we employ Umami, a tool focused on privacy. It helps us understand user engagement with our service in a non-intrusive manner. Umami collects anonymised data, providing insights without compromising individual privacy. For more detailed information on how Umami Software handles your data, we strongly encourage users to review Umami Software's Privacy Policy, and Terms of Service:

• Website: umami.is
• Privacy Policy: umami.is/privacy
• Terms of Service: umami.is/terms

Third-Party Payment Processing

We utilise the services of Stripe, a trusted third-party payment processor to handle subscriptions and payments directly. This section outlines how Stripe collects, uses and protects personal data during the payment processing.

For more detailed information on how Stripe handles personal data, payment processing and subscriptions, we strongly encourage users to review Stripe's Privacy Policy and Terms of Service:

• Website: stripe.com
• Privacy Policy: stripe.com/privacy
• Terms of Service: stripe.com/terms

Data Collection and Handling

When making payments, users are directed to Stripe's secure checkout session portal hosted on billing.stripe.com, which will appear in the browser's address bar. Within this portal, users enter their payment information directly on Stripe's platform. The data collected by Stripe may include:

• Credit card details
• Bank account details
• Country of residence

As part of the payment processing, our application will provide Stripe with personal data to create a customer record. This personal data may include:

• Email address
• First name and/or last name
• Country of residence

Please note that any additional address information collected by Stripe for billing and fraud prevention purposes is not passed back to our application, and therefore, it is not stored directly on our servers. Stripe handles and securely stores this information in accordance with its own privacy policy and data protection practices.

Furthermore, it's important to acknowledge that the specific data collected by Stripe may be subject to change based on their requirements and policies outside of this privacy policy. While we strive to keep our privacy policy up to date, we recommend reviewing Stripe's privacy policy directly for the most accurate and current information regarding their data collection and handling practices.

Data Protection and Security

We prioritise the security and protection of personal data during payment processing. By leveraging Stripe's services, we rely on their robust security measures and industry-standard practices to ensure the confidentiality and integrity of the data collected and processed through their checkout session portal.

Storage of Payment Information

As we rely on Stripe's checkout session portal, we do not collect or store any payment data within the application or on our servers. Stripe handles and securely stores this information in accordance with its own privacy policy and data protection practices.

Management of Payment Information

Users are provided with access to Stripe's customer portal hosted on billing.stripe.com, which will appear in the browser's address bar. The customer portal offers convenient management of payment details, access to invoices/receipts for services and the ability to upgrade or cancel a subscription contract with us.

The customer portal can be accessed within the application through the user menu. Please note that access to the customer portal is available once a subscription agreement has been entered into and will remain accessible even if the subscription is later cancelled.

We encourage users to take advantage of the customer portal to keep payment information up to date, track billing history and manage subscriptions effectively.

Data Transfers

Stripe may process and store personal data in countries outside of your own as part of its operations. Stripe ensures compliance with applicable data protection laws and regulations regarding cross-border data transfers.

Legal Basis for Processing

The legal basis for processing personal data in relation to payment transactions is typically the necessity to perform the contract (subscription agreement) between us and the user, as well as our legitimate interests as a business entity.

Links to Other Websites

The service may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third-party site. We have no control over and assume no responsibility for the content, products or services on or available from those websites or resources.

You acknowledge sole responsibility for and assume all risk arising from your use of any third-party websites or resources.

We strongly encourage you to review the privacy policy and terms of service of every site you visit.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or as necessary to address new features or services. We encourage you to review this policy periodically to stay informed about how we collect, use and protect your information.

We will notify you of any material changes to this Privacy Policy by posting a prominent notice on the service, or by other means as required by applicable law. Your continued use of our services after the effective date constitutes your acceptance of the updated policy.

Contact Us

If you wish to reach out regarding privacy-related inquiries, please contact us by email at [email protected]