Privacy, Safe Harbour and Timely (No longer applicable)

Important information

The policies discussed in this guide will be annulled and replaced by EU GDPR (General Data Protection Regulation) on the 25th May, 2018.

While the below information will still apply, there will be additional measures taken to comply with these new regulations.

You can find out more about Privacy at Timely, here:

Want to find out more about the GDPR? We recommend checking out the official GDPR website or the Information Commissioner's Office (ICO) website.

What is Safe Harbour?

The Safe Harbour Privacy Principles pact was an international data transfer agreement that allowed American companies to move personal data between the European Union and the US, in line with European privacy laws.

In essence, the Safe Harbour agreement was a promise made by the US government to protect EU citizens’ data when it is transferred by American companies (from the EU) to the US.

What has changed?

In October 2015, the European Court of Justice ruled that the Safe Harbo(u)r Framework no longer meets the EU's requirements for transferring personal data of European and Swiss residents, to the United States. 

This was due to a complaint by a customer that Facebook data was insufficiently protected, alongside information brought to light (by the likes of Edward Snowden), which demonstrated the level of unprecedented access US spy agencies have to personal data held in American companies’ servers.

A big part of this decision was the notion that the U.S. prizes national security over an individual’s right to privacy. This opposes European beliefs and directly violates European citizens right to the privacy of personal data.

What does this mean?

In light of that decision, all Timely customers that are located in the EEA must request and complete an additional data processing agreement, which incorporates the  Standard Contractual Clauses (for the purposes of Article 26(2) of Directive 95/46/EC). This protects both your data, and the privacy of your customer’s data and meets all requirements of the European Union Data Protection Directive.

Please get in touch with us via to sign the agreement.

We also utilise storage and processing services from the following US based subcontractors:

We have established Model Contact Clauses (or Standard Contractual Clauses) with all of these providers. Click on the name in the list to view the privacy policy of each company.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Get in touch with the Support Team Get in touch with the Support Team