Clockwise Privacy Policy

Effective date: August 27, 2024

At Clockwise, we take your privacy seriously. We consider it very important to limit who can see your Personal Data and to be transparent about how we use it. We don’t sell your Personal Data and, as further described herein, only disclose Personal Data to the minimal extent necessary to facilitate the functioning of the Services.

Please read the following to learn how we treat your Personal Data. By using or accessing the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent that we will collect, use, and share your information in the following ways.

Remember that your use of Clockwise's Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.

1. What this Privacy Policy Covers

This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, or regulations. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

2. Personal Data

Categories of Personal Data We Collect:

Categories of Sources of Personal Data

We collect Personal Data about you from the following data sources:

You

When you provide such information directly to us.

  • When you create an account or use our interactive tools and Services.
  • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys or questionnaires.
  • When you send us an email or otherwise contact us.

When you use the Services and such information is collected automatically.

  • Through Cookies (defined in our Cookie Policy).
  • If you download our mobile application or use a location-enabled browser, we may receive information about your location and mobile device, as applicable.
  • If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices.

Third Parties

Vendors

  • We may use analytics providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.
  • We may use vendors to obtain information to generate leads and create user profiles.

Advertising Partners

  • We receive information about you from some of our vendors who assist us with marketing or promotional services related to how you interact with our websites, applications, products, Services, advertisements or communications.

Third-Party Credentials

  • When you sign up for an account with us using your calendar provider (for example, Google Calendar or Office 365), we will import the contents of your calendar account.

Our Commercial or Business Purposes for Collecting or Disclosing Personal Data

We do not sell your Personal Data or share your Personal Data with third parties for them to market or advertise their products to you. We process Personal Data to operate, improve, understand and personalize our Services.

We use Personal Data for the following purposes:

  • Providing, Customizing and Improving the Services
    • To meet or fulfill the reason you provided the information to us.
    • To provide support and assistance for the Services.
    • To create and manage your account or other user profiles.
    • To personalize website content and communications based on your preferences.
    • To process orders or other transactions.
    • To improve and develop the Services, including testing, research, analysis and product development.
    • To protect against or deter fraudulent, illegal or harmful actions and maintain the safety, security and integrity of our Services.
    • For any other business purpose stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (the “CCPA”).
  • Marketing the Services
    • To market and sell the Services.
    • Showing you advertisements, including interest-based, online behavioral or targeted advertising.
  • Corresponding with You
    • To communicate with you about the Services, including Service announcements, updates or offers.
    • To respond to user inquiries and fulfill user requests.
  • Meeting Legal Requirements and Enforcing Legal Terms
    • To comply with our legal or contractual obligations, resolve disputes, and enforce our Terms of Use.
    • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
    • Protecting the rights, property or safety of you, Clockwise or another party.
    • Responding to claims that any posting or other content violates third-party rights.

We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without providing you notice.

As noted in the list above, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers about the Services, or email you about your use of the Services. Also, we may receive a confirmation when you open an email from us, which helps us improve our Services. If you do not want to receive communications from us, please indicate your preference by emailing us at support@getclockwise.com.

3. How We Disclose Your Personal Data

We do not sell your Personal Data or share your Personal Data with third parties for them to market or advertise their products to you.

We disclose your Personal Data to the following categories of service providers and other parties:

Service Providers. These parties help us provide the Services or perform business functions on our behalf. They include:

  • Payment processors.
    • Our payment processing partner, Stripe, collects your voluntarily provided payment card information necessary to process your payment.
    • Please see Stripe’s terms of service and privacy policy for information on its use and storage of your Personal Data.
  • Security and fraud prevention consultants.
  • Hosting and other technology and communications providers.
  • Staff augmentation and contract personnel.
  • Marketing-related services providers.

Advertising Partners. These parties help us market our services and provide you with other offers that may be of interest to you. They include:

  • Ad networks or other related third parties who assist us to market and sell our Services.
  • Companies that we partner with to offer joint promotional offers or opportunities.

Analytics Partners. These parties provide analytics on web traffic or usage of the Services. They include:

  • Companies that track how users found or were referred to the Services.
  • Companies that track how users interact with the Services.

Enterprise Customer Administrator. This includes the administrator(s) of the entity or enterprise that you utilize our Services through, if any, such as your employer.

Other Parties at Your Direction.

  • Other users (where you post information publicly or as otherwise necessary to for the Services to optimize your schedule).
  • Social media services (if you intentionally interact with them through your use of the Services).
  • Third parties who you access through the Services.
  • Other parties authorized by you.

Legal Obligations

We may disclose any Personal Data that we collect with third parties in conjunction with any of the activities set forth under the “Meeting Legal Requirements and Enforcing Legal Terms” in the “Our Commercial or Business Purposes for Collecting or Disclosing Personal Data” section above.

Business Transfers

All of your Personal Data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

Data That is Not Personal Data

We may create aggregated, de-identified or anonymized data from the Personal Data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you.

4. Data Security

For your privacy and security, your account is protected by authentication through your calendar provider. Clockwise does not store or have access to your calendar provider password. Unauthorized access to your Clockwise account is directly tied to the security of your calendar provider account. We seek to protect Personal Data you directly provide to us from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. For example, the Services use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Data you provide to us.  You should also help protect your data by appropriately selecting and protecting your calendar provider password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account.

5. Data Retention

We retain Personal Data about you for as long as necessary to provide you with our Services or to perform our business or commercial purposes for collection your Personal Data. When establishing a retention period for specific categories of data, we consider who we collected the data from, our need for the Personal Data, why we collected the Personal Data, and the sensitivity of the Personal Data. In some cases we may retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

For example:

  • We retain your profile information and credentials for as long as you have an account with us.
  • We retain your payment data for as long as we need to process your purchase or subscription.
  • We retain your Device/IP data for as long as we need it to ensure that our systems are working appropriately, effectively, and efficiently.

6. Personal Data of Children

As noted in the Terms of Use, we do not knowingly collect or solicit Personal Data from children under 16; if you are a child under 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at support@getclockwise.com.

7. Managing Your Preferences and Privacy Rights

You may manage your preferences and exercise certain rights with respect to your Personal Data as provided by applicable privacy laws and as described in this section. In managing your preferences and exercising your rights, please keep in mind the following:

  • General: You may have the right to object to or opt out of certain uses of your Personal Data. Where you have consented to the processing of your Personal Data, you may withdraw that consent at any time by contacting us as described below. Even if you opt out of certain uses of your Personal Data, we may still collect and use data that is not personally identifiable regarding your activities on our Services and for other legal purposes as described in the “Data That Is Not Personal Data” section above.
  • Responding to Your Requests: We respond to requests we receive from individuals wishing to manage their preferences or exercise their data protection rights in accordance with applicable data protection laws. This means that we may ask you for information to verify your request, and that your rights may be restricted by certain requirements or exceptions as provided by applicable privacy laws.
  • Email Communications: If you receive an email from us and do not want to receive future emails from us, you can use the “unsubscribe” link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to this Privacy Policy.
  • If you are a resident of Virginia, your rights may not apply with respect to Personal Data collected in the course of a commercial or employment relationship.

Opt-Out from Targeted Advertising or Cross-Contextual Behavioral Advertising

As described in our Cookie Policy, we have incorporated certain Cookies from third parties into our website that serve a variety of purposes. Some of these cookies are provided by third parties to serve you relevant ads on our Services or on other websites you visit. These kinds of targeted advertising or cross-contextual behavioral advertising activities may constitute “selling” or “sharing” under privacy laws, depending on your State of residence. We do not otherwise “sell” or “share” your Personal Data.  To our knowledge, we do not sell or share the Personal Data of minors under 16 years of age.

In the last 12 months, we may have shared your Device/IP Data and/or your Web Analytics data the with our Advertising Partners for the purposes of cross-contextual behavioral advertising. We do not share your Calendar Data with third parties for cross-contextual behavioral advertising purposes.  You can opt-out from these activities by accessing your cookie consent settings by clicking on “Cookie Preferences” within the bottom navigation of getclockwise.com.If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties who intend to license or sell that Personal Data. You can exercise this right by contacting us at support@getclockwise.com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not sell your Personal Data as sales are defined in Nevada Revised Statutes Chapter 603A.

Common Rights for Residents of the European Economic Area, United Kingdom, California, and Virginia

If you are a resident of the European Economic Area (“EEA”), United Kingdom (“UK), Lichtenstein, Norway, Iceland, California or Virginia, you also have the following rights, subject to any requirements or exceptions under the EU or UK General Data Protection Regulations (collectively, the “GDPR”), CCPA, and VCDPA, as applicable:

  • Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can request this copy by reaching out to support@getclockwise.com
  • Rectification or Correction: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can make this request by emailing support@getclockwise.com. Depending on your location, your right to rectification or correction may be subject to certain exceptions: for example, if we decide, based on the totality of circumstances related to your Personal Data, that such data is correct. If your rectification or correction request is subject to one of these exceptions, we may deny your request.
  • Erasure or Deletion: You can request that we erase some or all of your Personal Data from our systems. Depending on your location, your right to erasure or deletion may be subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Services or complete a transaction or other action you have requested, or if deletion of your Personal Data involves disproportionate effort. If your deletion request is subject to one of these exceptions, we may deny your request.
  • Data Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.

Other EEA and UK-Specific Rights

If you are a resident of the EEA, UK, Lichtenstein, Norway or Iceland, you may have additional rights under the GDPR with respect to your Personal Data that may not be available to other visitors to our Site. Your exercise of the following rights are subject to any requirements or exceptions under the GDPR.

  • Objection: You can object to the processing of your Personal Data or ask us to restrict processing of your Personal Data.
  • Withdraw Consent: If we have collected or processed your Personal Data solely on the basis of your consent, you may withdraw your consent.
  • Complain to Supervisory Authority: You have the right to lodge a complaint about Clockwise’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Other California-Specific Rights

  • Non-discrimination: If you are a California resident, we will not discriminate against you for exercising your rights under the CCPA. Unless allowed under the CCPA, we will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA. However, we may offer different tiers of our Services as allowed by applicable data privacy laws (including the CCPA) with varying prices, rates, or levels of quality of the goods or services you receive related to the value of Personal Data that we receive from you.
  • Direct Marketing Disclosures: Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes. We do not conduct such data sharing activities.

Exercising Your Rights

To exercise the rights described in this Privacy Policy, you or, if you are a California resident, your Authorized Agent (defined below), must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data (such as your name, email, or other account-related information), and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify you and complete your request. You do not need an account to submit a Valid Request.

We will work to respond to your Valid Request within the time period required by applicable law. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.

You may submit a Valid Request using the following methods:

Additional Information for California Residents

If you are a California resident, you may also authorize an agent (an “Authorized Agent”) to exercise your rights on your behalf. To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf.

Additional Information for Virginia Residents

If you are a Virginia resident and we refuse to take action on a request within a reasonable period of time after receiving your request, you may appeal in accordance with this section. In such appeal, you must (1) provide sufficient information to allow us to verify that you are the person about whom the original request pertains and to identify the original request, and (2) provide a description of the basis of your appeal. Please note that your appeal will be subject to your rights and obligations afforded to you under the VCDPA. We will respond to your appeal within 60 days of receiving your request. If we deny your appeal, you have the right to contact the Virginia Attorney General using the methods described at https://www.oag.state.va.us/consumer-protection/index.php/file-a-complaint.

You may appeal a decision by using the following method:

Additional Information for Residents of the EEA and UK

If you are a resident of the EEA or the UK, please submit your request to exercise your rights to our EU or UK Member Representatives via the contact information provided in Section 10 of this Privacy Policy (“Contact Information”).

8. Processing Personal Data Pursuant to the GDPR

For this section, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure.  Clockwise will be the controller of your Personal Data processed in connection with the Services.

If there are any conflicts between this section and any other provision of this Privacy Policy, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict.  If you have any questions about this section or whether any of the following applies to you, please contact us at support@getclockwise.com. Note that we may also process Personal Data of our customers’ end users or employees in connection with our provision of certain services to customers, in which case we are the processor of Personal Data. If we are the processor of your Personal Data (i.e., not the controller), please contact the controller party in the first instance to address your rights with respect to such data.

Personal Data We Collect

The “Categories of Personal Data We Collect” section above details the Personal Data that we collect from you.

Personal Data Use and Processing Grounds

The “Our Commercial or Business Purposes for Collecting or Disclosing Personal Data” section above explains how we use your Personal Data.

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.

Contractual Necessity:  We process the following categories of Personal Data (as identified in the “Processing of Personal Data Pursuant to the CCPA” section above) as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Use with you, which enables us to provide you with the Services.  When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.

  • Profile or Contact Data
  • Payment Data
  • Device/IP Data
  • Other Identifying Information that You Voluntarily Choose to Provide

Legitimate Interest:  We process the following categories of Personal Data (as identified in the “Processing of Personal Data Pursuant to the CCPA” section above) when we believe it furthers the legitimate interest of us or third parties.

  • Profile or Contact Data
  • Payment Data
  • Device/IP Data
  • Web Analytics
  • Location Data
  • Inferences Drawn From Other Personal Data
  • Other Identifying Information that You Voluntarily Choose to Provide
  • Other
  • We may also de-identify or anonymize Personal Data to further our legitimate interests.

Examples of these legitimate interests include:

  • Providing, Customizing and Improving the Services
  • Marketing the Services
  • Corresponding with You
  • Meeting Legal Requirements and Enforcing Legal Terms
  • Completing corporate transactions

Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data.  When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.

Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

Sharing Personal Data

The “How We Disclose Your Personal Data” section above details how we share your Personal Data with third parties.

Transfers of Personal Data

The Services are hosted and operated in the United States (“U.S.”) through Clockwise and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Clockwise in the U.S. and will be hosted on U.S. servers, and you authorize Clockwise to transfer, store and process your information to and in the U.S., and possibly other countries. In some circumstances, your Personal Data may be transferred to the U.S. pursuant to a data processing agreement incorporating standard data protection clauses.

Clockwise complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Clockwise has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Clockwise has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

If a privacy complaint or dispute relating to Personal Data received by Clockwise in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/.

The Federal Trade Commission has jurisdiction over Clockwise’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

If your dispute or complaint related to your Personal Data that we received in reliance on the Data Privacy Framework cannot be resolved by us, nor through the dispute resolution mechanism mentioned above, you may have the right to require that we enter into binding arbitration with you under the Data Privacy Framework “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.

9. Changes to this Privacy Policy

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well, but we will alert you to material changes by placing a notice on the getclockwise.com website, by sending you an email, and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. Use of information we collect is subject to the Privacy Policy in effect at the time such information is collected.

10. Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, your choices and rights regarding such use, please do not hesitate to contact us at:

If you are located in the EU or UK, VeraSafe has been appointed as Clockwise's representative in the EU and UK for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the EU and Article 27 of the UK General Data Protection Regulation, and as such VeraSafe can be contacted in addition to support@getclockwise.com, only on matters related to the processing of personal data.

For inquiries from the EU, please contact VeraSafe in one of the following ways:

  • Via contact form
  • Via telephone at: +420 228 881 031 (tel:+420228881031).
  • Via mail: VeraSafe Ireland Ltd. Unit 3D North Point House North Point Business Park New Mallow Road Cork T23AT2P Ireland

For inquiries from the UK, please contact VeraSafe in one of the following ways:

  • Via contact form
  • Via telephone at: +44 (20) 4532 2003.
  • Via mail: VeraSafe United Kingdom Ltd. 37 Albert Embankment