1 Our approach to privacy
In line with the new General Data Protection Regulation (GDPR), we aim to collect the minimum personal information necessary to ensure our service functions properly and for us to meet our legal, accountancy and customer service obligations. We promise to be honest about how we use your data and to make it simple for you to delete personal information we may hold on you.
We will never share your personal information with third parties unless required to by law, for accountancy purposes or as part of an acquisition of our company or service by another legal entity. We will never use your personal information to spam you with marketing emails.
We do not store any credit card information ourselves, instead using established global payment services to process credit card transactions. To minimise the possibility of data leakage, we have removed all third-party advertising from our website - and now just include non-targeted adverts to our own products.
2 What information do we have on you
2.1 For general site visitors (people who just view timelines created on our website or who browse our website without signing up for an account), we do not store any information in our databases. Our servers may log IP addresses of website visitors in server log files. These log files are regularly rotated and eventually deleted. Our privacy-focussed analytics service CloudFlare Web Analytics also records non-personally-identifiable, non-trackable information from site visitors.
2.2 For signed up users of our free service (people who have set up an account on www.tiki-toki.com but who do not have a premium account), in addition to the information recorded from general site visitors (1.1), we store the username, email and password (the latter in an encrypted state) in our database. Users can also optionally enter their name into our service which we store in the database. We also generate a cookie on the user's computer to track whether the user is logged in and to support our core timeline creation service (see Cookie section below). This cookie stores information verifying that you are the owner of a www.tiki-toki.com account. We also record in our database content that the user have entered into our service.
2.3 For premium account users (people who pay for an account on www.tiki-toki.com), in addition to the information recorded from signed up users of our free service (1.2), we record the IP Address of the user in our database in order to confirm the user's country location (we need to do this to comply with EU VAT regulations). For premium account users who pay by invoice, we also record the name and address of the company or individual in digital files on our office computers.
Users who pay for their account via a monthly PayPal subscription will also need to enter their personal/business information into PayPal. Users who pay for their account via the Stripe payment service will also need to enter their personal/business information into Stripe. Key senior Webalon staff members access some of the personal information from PayPal and Stripe (not credit card details) for accountancy purposes only.
Some personal information from PayPal (not credit card details) is imported by senior Webalon employees into a trusted online accountancy package - Kashflow - for accountancy purposes only. For users who pay by invoice, we record their name, organisation name and address for accountancy purposes.
Premium account user information - such as contact names, company names, usernames, location of users, email addresses, IP addresses (not credit card details) - are also exported to online document service Google Docs. This information is only accessible by trusted senior Webalon employees and is used solely for accountancy purposes and for reminding premium account users when their accounts are due for renewal.
2.4 In addition to the information in 2.1-2.3, we record and backup all email correspondence we receive from people.
2.5 Our service also stores content that users have entered into their timelines in our database. This content might include text and media links. Images uploaded by premium users are hosted on our servers, and served up using Amazon's content delivery service CloudFront.
2.6 Under GDPR, users have a right to be informed what information a company has on them. To find out what information we have on you, please email a request to help@tiki-toki.com. See here to find out more about your "rights to be informed" under GDPR.
3 How we use your information
3.1 The username, password and email address of signed-up users stored in our databases are only used for the following purposes: i) Core site functionality such as verifying log-in credentials, tracking whether users are logged in, and supporting the timeline creation and editing service. ii) Emailing (automatically) users their username and a reset password at their request. iii) Emailing (manually) some premium account users a reminder when their premium account is due for renewal. iv) Emailing (manually) some former premium account users to find out why they canceled their premium account.
3.2 The cookie stored on the computers of logged-in account owners is used by our service to verify whether the user is the owner of a www.tiki-toki.com account, to confirm whether they are logged into their account and to support our core timeline creation service (see Cookie section below)
3.3 The IP address of premium account users stored in our database is used to identify the user's country location. We need to record this information to comply with EU VAT regulations, which require at least two separate pieces of information to identify the location of a purchaser. This information is only accessed by key trusted senior Webalon employees.
3.4 The IP address of site visitors recorded in our server logs is only accessed in order to prevent malicious attacks or hacks on our service, or to identify errors in our service. This information is only accessed by key trusted senior Webalon employees.
3.5 Names, company names and addresses on invoices are used for accountancy purposes. This information may be accessed by trusted senior Webalon employees or our company accountant for accountancy purposes.
3.6 Information stored on payment processors PayPal and Stripe and on online accountancy service Kashflow is used for accountancy purposes. This information may be accessed by trusted senior Webalon employees or our company accountant for accountancy purposes.
3.7 Non-personally-indentifiable, non-trackable information stored on CloudFlare Web Analytics is used by trusted senior Webalon employees to identify how our website is used by visitors, highlight popular content, identify how visited our site has been over time, and identify how people find our website.
3.8 Information stored on online document service Google Docs is used for accountancy purposes and to manage expiry of premium accounts. This information may be accessed by trusted senior Webalon employees or our company accountant for accountancy purposes.
3.8 Correspondence information stored in our email system and email backups is used for the day-to-day running of our businesses, providing support to our users, and accountancy purposes. It is only accessed by trusted senior Webalon employees.
4 How to delete your information
4.1 You can remove textual content and media links that you have entered into a timeline and which are stored in our database by logging into your Tiki-Toki account and using our admin interface to remove events on the timeline or choosing the delete timeline option.
4.2 To delete your Tiki-Toki account, email us a help@tiki-toki.com, requesting that we delete your account. Please provide your username. We may ask for additional information to confirm that you are the owner of the account.
4.3 To request the removal of information not listed in 4.1-4.2, please email us at help@tiki-toki.com outlining what information you want removed. We may or may not be able to remove this information, depending on whether it is needed for legal or accountancy purposes, or whether deleting it would breach other users' freedom of expression.
4.4 To find out what rights you have regarding deletion of your data, please refer to Article 17 of the GDPR. See here.
5 Cookies
5.1 Cookies are small files stored on your computer when you visit certain websites. You can find out more about cookies here.
5.2 Tiki-Toki uses cookies for the following purposes:
(i) Check whether you are logged into our website.
(ii) Verify that you are the owner of a particular www.tiki-toki.com account.
5.4 You can turn off cookies in your browser but this will prevent you using our timeline creation service, though you will still be able to view timelines.
6 Contact us
6.1 If you have any questions about our privacy policy, please contact us by email at hello@tiki-toki.com.