arrow_back Back to home

Privacy Policy

Last updated: March 3, 2026

1. Data Controller

The data controller for GetTimetracker.app ("the Service") is Wellmade, a company registered in Belgium.

For any privacy-related inquiries, you can reach us at privacy@gettimetracker.app.

2. What Data We Collect

We collect only the data necessary to provide the Service:

  • Account information: Your name and email address, provided during registration.
  • Workspace data: Clients, projects, tasks, and time entries you create within the Service.
  • Payment information: Processed securely by our third-party payment processor. We do not store your credit card details.
  • Technical data: Minimal server logs (IP address, request timestamps) required to operate and secure the Service. These are retained for a limited period and are not used for tracking or profiling.

We do not collect any data beyond what is listed above. We do not purchase or otherwise acquire data about you from third parties.

3. Legal Basis for Processing

Under Article 6(1) of the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:

  • Contract performance (Art. 6(1)(b)): Processing your account and workspace data is necessary to provide you with the Service you signed up for.
  • Legitimate interest (Art. 6(1)(f)): Minimal server logs to ensure the security and availability of the Service.
  • Legal obligation (Art. 6(1)(c)): Retention of financial records as required by applicable tax and accounting laws.

4. How We Use Your Data

Your data is used exclusively to:

  • Provide, maintain, and improve the Service
  • Process payments and manage your subscription
  • Communicate with you about your account (e.g., service updates, billing issues)
  • Ensure the security of the Service

5. Data Sharing

We do not sell, rent, or trade your personal data. We share data only with:

  • Payment processor: To handle subscription billing securely. They process your payment data under their own privacy policy and are GDPR-compliant.
  • Hosting provider: Our infrastructure provider processes data on our behalf under a Data Processing Agreement (DPA) in compliance with GDPR.

6. Cookies & Tracking

We do not use cookies for tracking, analytics, or advertising.

The Service may use strictly necessary cookies (such as session cookies) solely to keep you logged in and ensure the application functions correctly. These are exempt from consent requirements under the ePrivacy Directive as they are essential for the service you requested.

We do not use any third-party analytics services, tracking pixels, social media trackers, or behavioural profiling tools. No cookie banner is needed because we do not use any non-essential cookies.

7. Data Retention

  • Account and workspace data: Retained for as long as your account is active. Upon account deletion, your data will be permanently removed within 30 days.
  • Financial records: Retained for the period required by applicable Belgian and EU tax law (typically 7 years).
  • Server logs: Automatically deleted after 90 days.

8. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of access (Art. 15): You can request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16): You can ask us to correct inaccurate or incomplete data.
  • Right to erasure (Art. 17): You can request deletion of your personal data ("right to be forgotten").
  • Right to restriction (Art. 18): You can ask us to restrict processing of your data in certain circumstances.
  • Right to data portability (Art. 20): You can request your data in a portable format. CSV export is available on all plans directly from the Service.
  • Right to object (Art. 21): You can object to processing based on legitimate interest.
  • Right related to automated decision-making (Art. 22): We do not make any automated decisions or profiling that produce legal or significant effects on you.

To exercise any of these rights, contact us at privacy@gettimetracker.app. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption in transit (TLS), secure authentication, and regular security reviews.

10. International Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or adequacy decisions.

11. Children's Privacy

The Service is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through the Service at least 30 days before the changes take effect. The "Last updated" date at the top reflects the most recent revision.

13. Contact & Supervisory Authority

For any questions or concerns regarding this Privacy Policy or your personal data, contact us at privacy@gettimetracker.app.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / GBA) at www.gegevensbeschermingsautoriteit.be, or with the supervisory authority in your country of residence.