To support delivery of our Services, Timely Limited ("Timely") may engage and use data processors ("Subprocessors") with access to certain personal information. This page provides important information about the identity, location and role of each Subprocessor we use.
Terms used on this page, but not explicitly defined, have the meaning outlined in our Terms of Service or the Data Processing Agreement established with you, the customer. If you are a Timely customer and wish to opt-in and sign our additional Data Processing Agreement (DPA), please contact us at [email protected].
The information shared here is for educational purposes to demonstrate how Timely engages with third-party systems, specifically which providers we use as part of delivering the Timely service to you. It should not be interpreted as offering any additional rights or binding agreements.
What is a Subprocessor?
A subprocessor is an external service or provider that is enlisted by Timely to deliver our service to you. As part of that service delivery, we may be required to share personal information we have collected about you with these providers.
How do we protect your information?
We take the privacy and security of your personal data very seriously and have strict processes in place to ensure this information is shared securely and only when necessary.
Personal information: We employ Secure Socket Layer (SSL) technology on the collection, storage and processing of all data. All accounts are accessed via secure login with one-way hashing of all passwords. We do not access or share any data unless required to by law or with your permission to help resolve system problems.
Payments: All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorised with special access rights to such systems, and are required to keep the information confidential. We do not store this information ourselves, instead keeping this with our payment providers who have the highest level of PCI compliance (Find out more about our provider's compliance).
Timely also requires that any third-party services or subprocessors, that we use as part of delivering this service to you, meet the requirements and obligations under GDPR, as well as those requirements of the local authority (NZ).
We have established Data Processing Agreements (DPA's) with all of our providers, to ensure your personal information is collected, stored and processed in a legal/lawful manner. These agreements also meet the criteria under the Privacy Shield framework, which protects the transfer of personal data from the European Union and Switzerland to the United States.
Third parties (Subprocessors)
We've broken the list of processors into relevant sections, to give you greater understanding over how these services have access to your information.
Infrastructure Subprocessors – Service Data Storage
Timely uses the following organisations to store/host/collect Personal Information, or provide other infrastructure that helps with delivery of the Timely Service. These are secure environments that are controlled by the Timely team and are protected by Data Processing Agreements:
Entity Name | Purpose | Entity Country |
Amazon Web Services, Inc. | Cloud Service Provider | United States |
Microsoft Corporation (Microsoft Azure) | Cloud Service Provider | United States |
Google Inc. | Cloud Service Provider | United States |
Service Specific Subprocessors
Timely works with other third-parties to provide specific functions or features within the Timely Service. These providers will have access to relevant personal information (both in an identifiable and anonymous manner) in order to provide their relevant functions. The use of information is limited to the specific purposes we've detailed below:
Entity Name | Purpose | Entity Country |
Twilio, Inc. | Cloud-based SMS Notification Services | United States |
Nexmo Inc. | Cloud-based SMS Notification Services | United States |
SendGrid, Inc | Cloud-based Email Notification Services | United States |
Mailgun Technologies, Inc | Cloud-based Email Notification Services | United States |
HelpScout, Inc | Cloud-based Customer Support Services | United States |
Atlassian, Inc. | Cloud-based Customer Support Services | Australia |
Salesforce.com, Inc | Cloud-based Customer Support Services | United States |
Slack Technologies, Inc | Cloud-based Communication Services | United States |
Chargify, LLC | Cloud-based Billing Services | Various |
Autopilot | Cloud-based Email Delivery Services | United States |
Ask Nicely | Cloud-based Survey Services | New Zealand |
TYPEFORM S.L | Cloud-based Survey Services | Spain |
Fullstory, Inc | Cloud-based Usability Services | United States |
Hotjar Ltd | Cloud-based Usability Services | Malta |
Add on integrations
The following subprocessors are third-parties that we offer optional integrations with. Relevant customer data and personal information will be shared with these services as part of delivering the wider Timely Service. These third-parties are engaged directly by you, the account holder, you can enable or disable these features in your account at any time.
Entity Name | Purpose | Entity Country |
Xero Limited | Cloud-based Accounting Services | New Zealand |
MYOB Group Limited | Cloud-based Accounting Services | New Zealand, Australia |
Intuit, Inc (QuickBooks) | Cloud-based Accounting Services | Various (New Zealand, Australia, United Kingdom, United States) |
Google Inc (Google Calendar, Google Contacts) | Cloud-based Services | United States |
Vend Limited | Cloud-based POS Services | New Zealand, Australia, United Kingdom |
Spreedly, Inc | Cloud-based Payment Services | United States |
PayPal, Inc; PayPal (Europe) Ltd | Cloud-based Payment Services | United States, United Kingdom |
Stripe, Inc; Stripe Payments Europe, Ltd; Stripe Payments Australia Pty. Ltd | Cloud-based Payment Services | United States; Ireland; Australia |
Authorize.net LLC | Cloud-based Payment Services | United States |
Content Delivery Channels
Timely also uses certain providers to assist and support operations under the Timely Services (as described in the Data Processing Agreement).These providers do not have direct access to data that you have shared with us, but we may collect personal information you have shared with us via these services, as part of delivering the wider Timely Service.
For example: If you contact us for support via our Facebook, Twitter or Instagram page, we will pass on your contact details and questions to other services that we use to provide support (see Service Specific Subprocessors above.
Entity Name | Purpose | Entity Country(ies) |
Automattic (Wordpress) | Cloud-based CMS Services | United States |
Cloud-based Social Network | United States (Virginia and California) | |
Cloud-based Social Network | United States (Virginia and California) | |
Cloud-based Social Network | United States |
Changes and updates
As our business grows and evolves, the third-parties and subprocessors that we engage with may also change over time. We will provide the account owner with notice of any changes by sending a notification to the registered account holder's email address, along with posting any changes here. Please check back here to stay in the loop.