Cookie Policy

1. Data Controller & Scope

Remote Time Management Ltd. (“RTM”) collects personal data as defined under GDPR (Art. 4(1)) and CCPA (Cal. Civ. Code § 1798.140). This policy applies to all users of our services including website visitors, clients, and personnel.

2. Data Collection Categories

• Personal identifiers: name, email, job title, company
• Usage data: page views, tool integrations via OAuth (e.g., Slack, Trello)
• Time-tracking metrics: project hours, task durations, productivity scores
• Cookies: session, persistent, analytics (detailed in our Cookie Policy)

3. Legal Bases & Processing Purposes

We process data under legitimate interest (Art. 6(1)(f) GDPR) for service delivery and improvement, and consent for non-essential cookies (Art. 7). Purposes include: onboarding, billing according to KPI-based contracts, security audits, and anonymized benchmarking.

4. Data Sharing & Transfers

We utilize subprocessors like AWS (Ireland), Toggl (Estonia), and Salesforce (US) with Standard Contractual Clauses where required. We do not sell personal data. Third-party disclosures occur only for legal compliance or via explicit opt-in.

5. User Rights

GDPR: access, rectification, erasure (Art. 17), data portability (Art. 20). CCPA: right to know, delete, opt-out of sale. Contact DPO at [email protected]. Response within 30 days.

6. Data Retention & Security

Personal data stored for duration of contract plus 24 months for accounting purposes. Encrypted at rest (AES-256) and in transit (TLS 1.3). Regular vulnerability scans and SOC 2 Type II compliance.

7. Policy Updates

Changes will be notified via email 14 days prior. Last updated: May 2024.