Data protection, privacy and data security
Notes on data privacy
This website is hosted by Gebauer GmbH (Obere Dammstraße, 42643 Solingen, Germany) on servers provided by maxcluster GmbH (Lise-Meitner-Str. 1b, 33104 Paderborn, Germany). The website uses services of Cloudflare (Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA). The website is operated by TimeLine ERP India Pvt. Ltd.. We attach great importance to the protection of your privacy as a user of our website. The initial data collection takes place on German servers. The data processing in India is governed by the Digital Personal Data Protection Act, 2023 (DPDP Act). Should any changes to these data protection guidelines become necessary in the future, we will publish them on this page.
The data controllers are:
For hosting and initial data collection:
Gebauer GmbH
Obere Dammstraße 8-10
42653 Solingen
Germany
For CDN services:
Cloudflare, Inc.
101 Townsend St.
San Francisco
CA 94107
USA
For data processing in India:
TimeLine ERP India Pvt. Ltd.
905, Matrix (Near Divya Bhasker)
S G Road, Ahmedabad – 390 051
Gujarat
India
Table of Contents
General information about data processing
Collection and Storage
Data Flow Structure:
- Initial collection on secure German servers
- Processing through European CDN infrastructure
- Primary processing and storage in India
- Mandatory data copy maintenance in India as per DPDP Act
Categories of Personal Data:
- Contact information (name, company details, email, phone)
- Technical data (IP address, browser information)
- Usage data (form submissions, website interactions)
- Communication records
Consent Management
Your consent for data processing is:
- Free: Given without any pressure or compulsion
- Specific: Obtained for each distinct purpose
- Informed: Based on clear information about data usage
- Unconditional: Not tied to any other services
- Unambiguous: Through clear affirmative action
- Revocable: Can be withdrawn at any time
Consent Withdrawal:
- Available through our website’s privacy dashboard
- Can be requested via email
- Takes effect within 72 hours of request
- Does not affect processing based on other legal grounds
Your Rights Under the DPDP Act
As a Data Principal, you have the right to:
- Access your personal data
- Correct inaccurate or incomplete data
- Erase your personal data
- Nominate another person in case of incapacity
- File grievances through our redressal system
- Withdraw previously given consent
Grievance Redressal
Grievance Officer:
Rupesh Shah
[email protected]
+91 91 52659599
Resolution Timeline: 7 working days
Escalation Path:
- Submit complaint to Grievance Officer
- If unresolved, escalate to Data Protection Officer
- Final escalation to Data Protection Board of India
Technical Services and Data Processing
Hosting Infrastructure
Our website is hosted on German servers through:
maxcluster GmbH
Lise-Meitner-Str. 1b
33104 Paderborn
Germany
Technical Security Measures:
- SSL/TLS encryption for all data transmission
- Regular security audits and updates
- Access control systems
- Intrusion detection and prevention
- Data backup and recovery protocols
Content Delivery Network (CDN)
Cloudflare
To make our website faster and more secure, we use Cloudflare from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) for this website. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is a US company that offers various security services and a content delivery network. These services serve as a reverse proxy for websites and are located between the user and our hosting provider. We will try to explain in more detail below what this all means exactly.
What is Cloudflare?
Cloudflare provides a Content Delivery Network (CDN) consisting of servers connected via the Internet. Cloudflare has distributed these servers around the world so that websites can reach your screen faster. Simply put, Cloudflare creates copies of our website on its own servers. Now, when you visit our website, a load balancing system ensures that the server that can display our website to you the fastest delivers the most parts of our website. A CDN considerably reduces the distance of data transmission to your browser. In this way, you not only receive the content of our website from our hosting server, but also from servers all over the world. The use of Cloudflare is particularly useful for users from abroad as it allows the site to be retrieved from a server nearby. Cloudflare not only offers the ability to deliver websites quickly, but also various security features such as DDoS protection or the Web Application Firewall.
Why we use Cloudflare?
With our website, we naturally want to offer you the best possible service. Cloudflare helps us to increase the speed and security of our website. Cloudflare provides us with services such as DDoS protection and web firewall as well as web optimizations. A reverse proxy and the content distribution network (CDN) are also included. Cloudflare protects against threats and restricts inappropriate bots and crawlers that waste our server and bandwidth resources.
What data is stored by Cloudflare?
As a rule, Cloudflare only transmits the data that is controlled by the operators of the website. Thus, the content is not determined by Cloudflare, but always by the operator of the website itself. In addition, Cloudflare may collect certain information about our website and process data that is sent by us or that has received instructions relevant to Cloudflare. In most cases, Cloudflare receives information such as IP addresses, security fingerprints, DNS log data and performance data for websites from browser activity. Log data helps Cloudflare to detect new threats, for example. In this way, Cloudflare can provide our website with a high level of security protection. Cloudflare processes this information as part of its services in accordance with applicable legislation. Of course, this includes the General Data Protection Regulation (GDPR).
Cloudflare also uses a cookie for security reasons. The cookie (__cfduid) is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie is particularly useful if you are using our website from a location where there are a number of infected computers. But if your computer is reliable, we can determine this through the cookie. This way you can browse our website unhindered despite infected PCs in your area. It is also important to note that this cookie does not store any personal data. This cookie is absolutely necessary for the security of Cloudflare functions and cannot be switched off.
Cookies from Cloudflare
__cfduid
Expiration time: 1 year
Usage: Security settings for each individual visitor
Example value: d798bf7df9c1ad5b7583eda5cc5e78311141511
Cloudflare also works with third-party providers. In accordance with privacy policies and other confidentiality and security measures, they may process personal data only under Cloudflare’s instructions. Cloudflare will not share any personal data without our explicit consent.
Where and for how long is the data stored?
Your data is stored by Cloudflare primarily in the USA and the European Economic Area. Cloudflare is able to transfer and access the above information globally. Cloudflare typically stores user-level data for domains for less than 24 hours. However, if Cloudflare triggers an IP address security alerts, exceptions to the above retention period may occur.
How can I delete my data or prevent data storage?
Cloudflare only stores data logs for the period of time they are needed and these are usually deleted within 24 hours. In addition, Cloudflare does not store any personal information, such as your IP address. But Cloudflare does store information indefinitely as part of its permanent logs to increase the overall performance of Cloudflare Resolver and to identify potential security risks. On the page https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/ you can read exactly which permanent logs are stored. All data collected (temporarily or permanently) by Cloudflare is cleansed of all personal data. Cloudflare also anonymizes all permanent log files.
In their privacy policy, Cloudflare states that they are not responsible for the content they receive. As a rule, Cloudflare refers to us as the website operator when you ask Cloudflare to update or delete your content. By deactivating the execution of script code in your browser or integrating a script blocker in your browser, you can also completely prevent the entire collection and processing of your data by Cloudflare.
Cloudflare is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information about this at https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0.
You can find more information on data protection at Cloudflare at https://www.cloudflare.com/de-de/privacypolicy/
Data Storage and Transfer
Storage Locations:
- Initial data collection: German servers
- CDN caching: Global Cloudflare network
- Primary processing: Indian servers
- Mandatory copy: Indian data centers
Transfer Security:
- End-to-end encryption
- Secure file transfer protocols
- Regular transfer audits
- Access logging and monitoring
Security Measures
Technical Protection:
- Firewalls and intrusion detection
- Regular security updates
- Vulnerability scanning
- Encrypted data storage
Organizational Measures:
- Employee training programs
- Access control policies
- Regular compliance audits
- Incident response procedures
Automatic data storage and website delivery
Each time our website is called up, certain information is automatically created and stored. Website means the totality of all individual web pages on a domain (e.g. timeline-erp.com). This collected data should be collected as sparingly as possible and only with justification.
While you are visiting our website, the web server – which is the computer on which this website is stored – usually automatically stores data such as the following for reasons of operational security, for the creation of access statistics, etc.
- the complete Internet address (URL) of the accessed website (e.g. www.examplewebsite.de/examplelanguage/)
- the browser and browser version (e.g. Chrome)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g. www.beispielquellsite.de/vondabinichgekommen/)
- the host name and IP address of the device being accessed (e.g. COMPUTERNAME and 194.23.43.121)
- date and time
- in files called web server log files.
As a rule, these files are stored for two weeks and then automatically deleted. A storage of these data together with other personal data of the user does not take place.
Use of cookies
Our website uses cookies to store user-specific data. Below we explain what cookies are and why they are used.
What are cookies?
Whenever you visit a website, you do so with a browser. Known browsers are, for example, Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser or on your computer system when you visit them. These files are called cookies.
These cookies use special strings to store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits this information back to our site. If this happens, our site knows which settings you made during your last visit and displays them accordingly.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. Also, the expiration time of a cookie varies from a few minutes to a few years. Cookies do not cause any damage to your PC and do not contain viruses or Trojans. Cookies also cannot access information on your PC.
What are the different types of cookies?
We use different types of cookies on our website, each with different purposes. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until they expire or you delete them.
Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, it needs these cookies to be able to save your cookie settings at all or to display the desired website language.
Statistics Cookies
Statistics cookies collect information anonymously. This information helps us to understand how our visitors use our website. In addition, these cookies are also used to measure the loading time and behavior of the website with different browsers.
Marketing cookies
Marketing cookies are used by third-party vendors or publishers to display personalized advertisements. They do this by tracking visitors across websites.
When you first visit our website, you will be asked which of these types of cookies you would like to allow. This decision is also stored in a cookie.
Duration of storage, possibility of objection and elimination
Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.
How can I delete cookies?
You can find information about which cookies have been stored in your browser and how to delete them in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Microsoft Edge:Delete and manage cookies
Borlabs Cookie
This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents.
Borlabs cookie does not process any personal data.
The borlabs-cookie cookie stores your consents that you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.
Google Cookies
Our website uses the following cookies:
_ga
Contains a randomly generated user ID. Based on this ID, Google Analytics can recognize returning users on this website and merge the data from previous visits.
Storage period: 2 years
_dc_gtm_xxx
Certain data is only sent to Google Analytics a maximum of once per minute. The cookie has a lifetime of one minute. As long as it is set, certain data transfers are prevented.
Storage duration: 1 minute
_gat_gtag_xxx
Certain data is only sent to Google Analytics a maximum of once per minute. The cookie has a lifetime of one minute. As long as it is set, certain data transfers are prevented.
Storage duration: 1 minute
_gcl_au
Contains a randomly generated user ID.
Storage time: 90 days
_gid
Contains a randomly generated user ID. This ID allows Google Analytics to recognize returning users on this website and merge data from previous visits.
Storage duration: 24 hours
Contact Forms and Communication
Data Collection Through Forms
We collect the following information:
- Name and company details
- Business contact information
- Communication content
- Technical metadata
Processing Purposes:
- Primary: Business communication
- Secondary: Service improvement
- Security: Spam prevention
- Compliance: Legal requirements under DPDP Act
Storage and Retention:
- Initial storage: German servers
- Processing: Indian facilities
- Retention period:
* Active communications: Duration of business relationship
* Completed matters: 2 years
* Legal requirements: As per Indian law
Google reCAPTCHA Integration
Our primary goal is to ensure the best possible security and protection of our website for you and us. We use Google reCAPTCHA from Google Inc (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to ensure this. We can use reCAPTCHA to find out whether you are actually a human and not a robot or other spam software. Spam refers to any unsolicited information that is sent to us electronically. Traditional CAPTCHAS often required solving text or image puzzles for verification. With Google’s reCAPTCHA, ticking a box to confirm that you are not a bot is sufficient in most cases. With the new Invisible reCAPTCHA version, it is no longer necessary to check the box.
What is reCAPTCHA?
Google’s free captcha service reCAPTCHA protects websites from spam software and non-human visitors. This service is mostly used when you fill out forms on the Internet. A captcha service is an automatic Turing test that ensures that an Internet action is carried out by a real person and not by a bot. The Turing test, named after the computer scientist Alan Turing, shows how a human differs from a bot. With captchas, this can also be done by the computer or a software program. Small tasks that are easy for humans to solve but pose considerable difficulties for machines can be found in classic captchas. With reCAPTCHA, it is no longer necessary to actively solve puzzles. Modern risk techniques are used by the tool to distinguish humans from bots. All you need to do is tick the “I am not a robot” box. With Invisible reCAPTCHA, this is no longer necessary. A JavaScript element is integrated into the source code of reCAPTCHA. The tool then runs in the background and examines your user behavior. The software calculates a Captcha score from these user actions. This score is already used by Google before the Captcha is entered to determine the probability that you are a person. In general, ReCAPTCHA or Captchas are used when bots are able to manipulate or abuse certain actions (e.g. registrations, surveys, etc.).
Why do we use reCAPTCHA?
We only want to welcome real people to our site. That’s why we pull out all the stops to protect ourselves and give you the best possible user experience. That’s why we use Google reCAPTCHA from Google. By using reCAPTCHA, information is sent to Google. This is used by Google to check whether you are actually a human being. The security of our website and therefore your security is guaranteed by reCAPTCHA. For example, without reCAPTCHA, a bot that registers could register as many email addresses as possible in order to subsequently “spam” forums or blogs with unwanted advertising content. ReCAPTCHA enables us to avoid such bot attacks.
What data is stored by reCAPTCHA?
In order to find out whether the actions on our website actually originate from people, reCAPTCHA collects personal data from users. It is therefore possible to send the IP address and other data required for the reCAPTCHA service to Google. In the EU Member States or in other contracting states of the European Economic Area Agreement, IP addresses are almost always truncated before the data lands on a server in the United States. As long as you are not logged in with your Google account while using reCAPTCHA, the IP address will not be combined with other Google data. The reCAPTCHA algorithm first checks whether Google cookies from other Google services (e.g. YouTube, Gmail, etc.) are already included in your browser. Then reCAPTCHA places another cookie in your browser and records a screenshot of your browser window.
The completeness of the following list of collected browser and user data is not guaranteed. Rather, they are examples of data that we believe Google processes.
- Referrer URL (the address of the page from which the visitor came)
- IP address (e.g. 256.123.123.1)
- Information about the operating system (the software that enables the operation of your computer. Common operating systems are Windows, Mac OS X or Linux)
- Cookies (small text files that store data in your browser)
- Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)
- Date and language settings (which language or date you have preset on your PC is saved)
- All JavaScript objects (JavaScript is a programming language that enables websites to adapt to the user. JavaScript objects can collect all kinds of data under one name)
- Screen resolution (shows how many pixels the image display consists of)
It is undisputed that Google uses and evaluates this data even before you click on the “I am not a robot” checkbox. Ticking the box is no longer necessary in the Invisible reCAPTCHA version, and the entire recognition process takes place in the background. Google does not provide detailed information about exactly how much and what data it stores.
The following cookies are used by reCAPTCHA:
Name: IDE
Expiration time: after one year
Usage: This cookie is set by the company DoubleClick (also owned by Google) to register and report the actions of a user on the website in dealing with advertisements. This allows the effectiveness of advertising to be measured and appropriate optimization measures to be taken. IDE is stored in browsers under the domain doubleclick.net.
Example value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-311141511
Name: 1P_JAR
Expiration time: after one month
Usage: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. The cookie can also be used to prevent a user from seeing the same ad more than once.
Example value: 2019-5-14-12
Name: ANID
Expiry time: after 9 months
Usage: We were unable to find out much information about this cookie. In Google’s privacy policy, the cookie is mentioned in connection with “advertising cookies” such as “DSID”, “FLC”, “AID”, “TAID”. ANID is stored under domain google.com.
Example value: U7j1v3dZa3111415110xgZFmiqWppRWKOr
Name: CONSENT
Expiry time: after 19 years
Usage: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT is also used for security purposes to verify users, prevent fraudulent login information and protect user data from unauthorized attacks.
Beispielwert: YES+AT.de+20150628-20-0
Name: NID
Expiration time: after 6 months
Usage: NID is used by Google to customize ads to your Google searches. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with ads. So you always get customized ads. The cookie contains a unique ID that Google uses to collect the user’s personal settings for advertising purposes.
Example value: 0WmuWqy311141511zILzqV_nmt3sDXwPeM5Q
Name: DV
Expiration time: after 10 minutes
Usage: As soon as you have checked the “I am not a robot” box, this cookie is set. The cookie is used by Google Analytics for personalized advertising. DV collects information in anonymized form and is also used to make user distinctions.
Example value: gEAABBCjJMXcI0dSAAAANbqc311141511
How long and where is the data stored?
By inserting reCAPTCHA, data is transferred from you to the Google server. Google does not clearly explain exactly where this data is stored. It can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google is not merged with other Google data from other Google services. However, if you are logged in to your Google account while using the reCAPTCHA plug-in, the data will be merged. The deviating data protection provisions of Google apply to this.
How can I delete my data or prevent data storage?
If you do not want any data about you and your behavior to be transmitted to Google, you must log out of Google completely and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=311141511
Analytics and Tracking
Google Analytics Implementation
This website uses Google Analytics, a web analytics service provided by Google, Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
Configuration aligned with DPDP Act requirements:
- IP anonymization enabled
- Data processing in India where possible
- Limited data collection scope
- Regular data cleanup
Data Collection Scope:
- Usage patterns
- Device information
- Geographic location (country level)
- Website interaction
Duration of storage, possibility of objection and removal.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link
https://tools.google.com/dlpage/gaoptout?hl=en
Processing Safeguards:
- Data minimization
- Purpose limitation
- Regular audits
- Access controls
Information from the third-party provider
Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User terms: http://www.google.com/analytics/terms/de.html, Data Protection Overview: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the privacy policy: http://www.google.de/intl/de/policies/privacy.
Google Tag Manager
We use the service called Google Tag Manager from Google. “Google” is a group of companies and consists of Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland as well as Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliated companies of Google LLC.
We have concluded an order processing agreement with Google. The Google Tag Manager is an auxiliary service and processes personal data itself only for technically necessary purposes. The Google Tag Manager takes care of loading other components, which in turn may collect data. The Google Tag Manager does not access this data.
For more information on the Google Tag Manager, please refer to Google’s privacy policy.
Please note that American authorities, such as intelligence agencies, could potentially gain access to personal data that is inevitably exchanged with Google due to the Internet Protocol (TCP) when this service is integrated, due to American laws such as the Cloud Act.
Google Adwords (Google Ads)
We use the offer of Google Adwords to draw attention to our attractive offers with the help of advertising media (so-called Google Adwords) on external websites. We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the interest of displaying advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.
These advertisements are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as display of the ads or clicks by users, can be measured. If you access our website via a Google ad, Google Adwords will store a cookie on your PC. These cookies usually lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
These cookies enable Google to recognize your internet browser. If a user visits certain pages of the website of an Adwords customer and the cookie stored on his computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked via the websites of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising tools; in particular, we cannot identify users on the basis of this information.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of AdWords Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that the provider learns your IP address and stores it.
You can prevent participation in this tracking process in various ways:
(a) by adjusting your browser software settings accordingly; in particular, suppressing third-party cookies will result in you not receiving third-party ads;
b) by disabling conversion tracking cookies by setting your browser to block cookies from the domain “www.googleadservices.com“, https://www.google.de/settings/ads, which setting will be deleted when you delete your cookies;
c) by deactivating the interest-based ads of the providers that are part of the self-regulatory campaign “About Ads” via the link http://www.aboutads.info/choices, whereby this setting will be deleted when you delete your cookies;
d) by permanently disabling them in your Firefox, Internetexplorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
(6) The legal basis for the processing of your data is Art. 6 para. 1 p. 1 lit. f DS-GVO. Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Grievance Redressal System
Filing Complaints:
- Online submission through website
- Email to Grievance Officer
- Postal mail to registered office
Grievance Officer Details:
Rupesh Shah
TimeLine ERP India Pvt. Ltd.
[email protected]
+91 91 52659599
Available: Monday to Friday, 9 AM to 5 PM IST
Escalation Process:
- Grievance Officer
- Data Protection Officer
- Senior Management
- Data Protection Board of India
Legal Framework and Final Provisions
Applicable Laws and Regulations
Primary Regulations:
- Digital Personal Data Protection Act, 2023 (DPDP Act)
- Information Technology Act, 2000
- Indian Contract Act, 1872
- Relevant German hosting regulations
Cross-Border Data Transfers
Data Flow Structure:
- Initial collection: German servers
- Processing: Indian facilities
- Storage: Primary copy in India
- Backup: Secure Indian data centers
Note on data transfer to the USA and other third countries
Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
Legal Basis for Processing
Your personal data is processed based on:
- Explicit consent
- Contractual necessity
- Legal obligations
- Legitimate business interests
Changes to Privacy Policy
Update Process:
- Regular policy reviews
- Immediate implementation of regulatory changes
Additional Rights and Protections
Data Principal Rights:
- Right to data portability
- Right to be forgotten
- Right to correction
- Right to grievance resolution
Final Declarations
Language Availability:
- Available in English
- German version for technical infrastructure
- Additional translations upon request
Jurisdiction:
- Primary: Indian courts
- Technical infrastructure: German jurisdiction
- Dispute resolution: As per DPDP Act
Validity:
This privacy policy is effective from 01.12.2024 and supersedes all previous versions.
This concludes our privacy policy. For any questions or concerns, please contact our Data Protection Officer.
Last Updated: 01.12.2024