Privacy Policy

Effective Date: 12 August 2024 

Taimi Privacy Policy (the “Policy”) explains all the privacy matters you may face when using our website, https://taimi.com and other websites run by Taimi (the “Website”) jointly the “Service”, operated by Grifalop Limited (“Taimi” or “we”). 

Some services which may be employed by either Taimi or you to interact with the Services may have their own privacy rules (third-party privacy policies). Thus, if your personal data is processed by such services, such processing is governed by third-party privacy policies, not this present Policy.

This Privacy Policy explains what personal data is collected when you use our websites and the services provided through them, how such personal data will be processed.

By using our service, you promise us that (i) you have read, understand and agree to this privacy policy, and (ii) you are over 18 years of age. If you do not agree, or are unable to make this promise, you must not use the service. 

  • Changes and Updates to Policy
    •

    Reasons of Updates. We may revise the Policy according to new developments or advances in legislation and the broader data protection landscape from time to time, so please check this page regularly to ensure you’re always up -to-date with any changes.

    Communication on Updates. If we make any changes hereto that, in our sole discretion, are substantial, we will notify you by email (to the address associated with your profile) or via the App, post a notice within Taimi Services or make a notification appear in your profile when you next log in to Taimi before amendments become effective.

  • Your Data Controller and Data Processors; Service providers, Contractors and Third Parties Accessing Data
    •

    Information about who processes your data and with whom we may share your data is considered to be one of the most vital points you should know, so we place this article here, in the Policy's beginning. In this section, we also explain what third-party sources we may use to receive your data from.

  • Roles and Definitions. The first you should know is information about your data controller and processors. The data controller is an entity that determines the purposes and means of the processing of the data. The data processor is an entity that processes the data on behalf of the controller. A third party is a person whose access to the data depends on their rights or duties.
  • Data Controller; EU Representative; Data Protection Officers:
    1. in this current case, your data controller is Grifalop Limited, 705, Spyrou Araouzou & Koumantarias, Fayza House, 5th floor, office No.: 2, 3036, Limassol, Cyprus; email: legal@taimi.com
    2. our EU Representative – for General Data Protection Regulation (GDPR) compliance purposes – is Itolivo Limited, a company with its registered address at 705, Spyrou Araouzou & Koumantarias, Fayza House, 5th floor, office No.: 2, 3036, Limassol, Cyprus, email: eu@taimi.com;
    3. our UK Representive is AMORIGIN LIMITED with its registered address at Ibex House, 61 Baker Street, Weybridge, England, KT13 8AH;
    4. our Data Protection Officer (DPO),  please email: gdpr@taimi.com. If you are an EU/UK citizen or a resident, feel free to contact our EU DPO in case you have any questions Please note that this email is designated strictly for data protection inquiries, and other types of questions will not be addressed.
  • Data Processors. We engage partners to carry out specific services or business functions on our behalf using their technologies and resources, based on our instructions. This cooperation may involve, in particular, processing your data using their software development kits (SDKs), APIs, cookies, and other technologies. Consequently, your information is transferred and processed on their servers (usually without a partner's direct access to the specific pieces of information) on our behalf for our purposes. 

    • Such type of processing of personal data may be regarded as sharing of information with third parties. We strive to conclude specific data processing agreements with all such parties to establish the rules for processing of your data specifically on our behalf and limited to it. Our partners help us operate, provide, improve, integrate, customize, support, and market our Service.

    We share personal data with third parties that we hire to provide services or perform business functions on our behalf, based on our instructions. We process your personal information using the following types of service providers (and in certain cases, their subprocessors):

    1. Cloud storage providers

    To host personal data and enable our Service to operate and be distributed we use Amazon Web Services, which is a hosting and backend service provided by Amazon. You may read more on Amazon’s security practices on its website.

    1. Gateway service providers and payment processing partners

    We use various payment processing and payment gateway providers that help us connect with different banks and payment systems around the world. These providers allow us to offer our customers a wide range of payment options and ensure fast and smooth transactions. Due to the large number of payment processing providers we work with, we cannot list them all here. Each payment processing provider has its own terms and conditions and privacy policy that may apply to the transactions they process. 

    1. Processing orders providers

    Shopify is an e-commerce service that allows us to create and manage our online store. In particular, Shopify allows us to display our products, process payments, and track orders and inventory. Some of your information such as your name, email address, shipping address and payment details are transferred to Shopify when you make a purchase on our online store. The transfer is required to enable us to fulfill your order and provide you with a smooth shopping experience. Read more about Shopify’s approach to privacy in its Privacy Policy.

    1.  Communication services providers 

    Zendesk provides us with customer service software, which enables us to handle your inquiries and requests via email, chat, phone and other channels. Thus, when you contact us via any of these channels, some of your information is automatically transferred to Zendesk. The transfer is required to provide you with timely and effective support. Read more about Zendesk’s approach to privacy on their website.

    1. Third Parties: Law Protection and Enforcement Bodies; Attorneys-at-Law.

    Taimi is a place free of any kind of abuse, violence, laws and third-party rights infringement. We designed Taimi as a safe harbor for people to be themselves and express their emotions. We do our utmost to protect our biggest value, sense of security of our users, so we may disclose your data to third parties in the following cases: 

    1. we will cooperate with law enforcement inquiries from within or outside your country of residence where we are required to by law, where there is an investigation into alleged criminal behaviour or to protect the vital interests of a person. We may share any personal data that we hold about you, depending on the nature of the request or the issue that we are dealing with;
    2. we will disclose your data if it’s necessary so as to comply with a judicial proceeding, court order, or legal request of a state body (a law protection or enforcement body). We may share any personal data that we hold about you, depending on the nature of the request or the issue that we are dealing with;
    3. we may also cooperate with all third parties to enforce their intellectual property or other rights in the event we are notified of an offence by one of our users. Still, we will share your data if we receive respective and motivated legal request of such by the third party’s attorney-at-law, proving your violation only. We may share any personal data that we hold about you, depending on the nature of the request or the issue that we are dealing with. Please note, if we find no proof sufficiently established in an inquiry, we will not disclose your data;
    4. society may be cruel at times; wrong words or actions of others may hurt. Still, this is not a reason to harm yourself. Here, at Taimi, we believe that every issue can be fixed, and we are ready to share contact details of our partners who may offer professional help. If we detect suicidal behavior by our users, we may report such a case to the police or professional non-governmental organization, so as to prevent our users from making the biggest mistake of their lives. We may share your name, contact details and geolocation with those bodies;
    5. we may transfer your data to a respective law protection or enforcement body if we detect illegal activity or we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, fraud, or situations involving potential threats to the safety of any person. We may share any personal data that we hold about you, depending on the nature of the violation or the issue that we are dealing with; and finally
    6. we will share your data with our lawyers, a court, arbitrators, or any authorized professional etc. if we detect your conduct is in breach of Taimi’s Terms of Service or any integral parts thereto or in order to protect the rights and property of Taimi, its affiliates, or the public or to comply with legal and regulatory obligations.
  • Taimi’s Approaches toward Children’s Privacy
    •

    The Site is intended for a general audience and not directed to children under thirteen (13) years of age. We do not knowingly collect personal information as defined by the U.S. Children’s Privacy Protection Act (“COPPA”) in a manner that is not permitted by COPPA. If you are a parent or guardian and believe we have collected such information in a manner not permitted by COPPA, please contact us by email at legal@taimi.com and we will remove such data to the extent required by COPPA.

  • Collection of Personal Data
    •

    In this article we explain what data we collect (categories and a full list of data), sources we get your data from, purposes for which the data is used and our legal basis to process your data. Here, we also share some useful data privacy tips with you. 

    For the users who are California residents, you may find more information about the collection of categories of personal information and sensitive personal information in section 8.1-8.2. hereof.  

  • Purposes of Data Processing; Personal Data Collected; Source; Legal Basis:

    •  

    Purpose

    Personal Data Collected

    Source

    to make the Website work properly and provide you with access to it

    IP address; User Agent (CCPA categories A and F)

    we automatically get these from your device

    to reply to your request sent via the Website (or directly via email)

    Name; email address; IP address; your message, including any data you decided to share with us ( CCPA categories A, B and H);

    we receive this data from you

    to process your requests and claims 

    name; email address; IP address; your message, including any data you decided to share with us (CCPA categories A, B and H)

    we receive this data from you

    to prevent, detect and fight fraud or other illegal or unauthorized activities

    your photos; driver’s license, passport data; phone number, email address; any data that we hold about you, depending on the issue that we are dealing with (CCPA categories A-D, F, G, and I)

    we may get data from you

    to ensure legal compliance with our policies, laws; exercise our rights; assist law protection and enforcement bodies

    any data that we hold about you, depending on the issue that we are dealing with (CCPA categories A, B, D, F, G, and I)

    we may get data from you, third parties or automatically collect them from your device

    to carry out anti-fraud and anti-spam procedures

    name; email address; phone number; IP address and IP session information; username; cardholder name; payments received; type of payment; user ID; (CCPA categories A, B)

    you provide this information to us and we automatically collect it from your device (IP address and IP session information, user agent ID, location, user ID)

    to process and fulfill your orders

    name; email address; phone number; IP address

    (CCPA categories A, B, F, G, and K)

    you provide this information to us

     

    to commercial notifications

    name; email address 

    (CCPA categories A, B)

    you provide this information to us

     

  • Duration and Location of Processing; Cross-Border Data Transfer
    •
  • Retention. Taimi is committed to processing your personal data while they are actually useful and necessary to offer you a quality service through their processing. Therefore, Taimi will make all reasonable and timely efforts to minimize the processing and retention time for your personal data.

    • Even if you request the erasure of your personal data, Taimi will have the right to store and retain them for the time necessary to comply with the legal obligations that apply, as well as to make them available to the competent authorities in the different matters that are applicable.

    Generally, we delete or anonymize your information, including sensitive information indicated for California Residents, upon the termination of your profile in the Taimi app or within two years. 

  • Location of Servers. Our servers are based in the USA and EU, so your data may be processed and hosted outside the EU. We inform you that we use EU servers to collect and process EU and UK residents’ data and we use USA servers to collect and process data of users from the rest of the countries. 
  • Cookies and similar tracking technologies
    •

    The types of cookies and other tracking technologies are placed by Shopify on the website that you are visiting. Please see more details in this Cookie Policy

  • Your Data Privacy Rights
    •

    Being a data subject, you have the following rights:

    1. a right to request access to your data: you can ask us what personal information of yours is being processed, as well as for clarifications on the information described above, i.e. purpose of collecting and processing, period of processing, third parties that have access to information. To exercise this right, please contact us at support@taimi.com. Please find more details in section 11 hereof; 
    2. a right to request us to rectify your personal information: you can ask all the inaccurate personal information concerning you been corrected. You can also complete the personal information if you feel there is a need to do so. To exercise this right, please contact us at support@taimi.com or use a specific area of your profile. Additionally, we are happy to note that there is the alternative way to amend your data. You control your Taimi profile, so are able to correct or update (other than your mobile number and location (the latter is automatically updated)) your information at any time by just logging in to Taimi and using the respective settings; 
    3. a right to request us to erase personal information: you can request us to erase such data in the following circumstances: (i) where you believe it is no longer necessary for us to hold that personal data, (ii) where we process it on the basis of your consent and you wish to withdraw your consent, (iii) where we process your personal data on the basis of our legitimate interest and you object to such processing, (iv) where you no longer wish us to use your personal data to solicit you commercially, or (v) where you believe that we are unlawfully processing your personal data. In most cases we will erase it ourselves, unless otherwise required by legislation. To exercise this right, please contact us at support@taimi.com;
    4. a right to withdraw your consent for the collection and processing of your data by us: you can revoke your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To exercise the right, please contact us at support@taimi.com;
    5. The right to give post-mortem instructions: you have the right to set out instructions for the retention, deletion and disclosure of your data after your death.
  • Notice to California Residents 
    •

    This Section here applies to California consumers only. This section also provides additional details about how we process personal data of California consumers and the rights available to them under the California Consumer Privacy Act of 2018, Cal. Civ. Code §§ 1798.100–1798.199, the California Privacy Rights Act and the associated regulations (collectively, the “CPPA”).

  • Categories of Personal Data. For the users who are California residents, you may find the categories of personal information Taimi collects and the business purposes and the sources for which your personal information is collected in section 4.1 hereof. You also may find a data on categories of your personal data from a statutory list set forth under the CCPA that we may collect:
    1. identifiers such as a real name, alias, unique personal identifier, online identifier, internet protocol address, email address, account name, driver’s license number, passport number or other similar identifiers (CCPA category A);
    2. personal information, as defined in the California customer records law, such as name, physical characteristics or description, telephone number, passport number, driver’s license or state identification card number, education, employment, bank account number, credit card number, debit card number, or any other financial information, medical information (CCPA category B);
    3. characteristics of protected classifications under California or federal law (if you choose to provide them), such as age, gender identity, sexual orientation, race, religion, political views (CCPA category C);
    4. commercial information, including records of products or services purchased or other purchasing or consuming histories or tendencies (CCPA category D); 
    5. internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement (CCPA category F);
    6. geolocation data, such as mobile device location (CCPA category G);
    7. audio, electronic, visual and similar information, such as photos and videos (CCPA category H);
    8. professional or employment-related information (CCPA category I);
    9. inferences drawn from any of the personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics or a summary of these characteristics (CCPA category K).
  • Sensitive personal information. In addition to the collection of personal data listed in section 4.1.. You also may find the categories of your sensitive personal information under the CPPA and the business purposes for which such information is collected. 

    • Categories of sensitive information collected 

    Purpose

    email 

    to process your requests and claims; to send commercial messages 

     

  • Selling/Sharing of your personal information. The definition of “sale” under CPPA is broad and covers many common business activities, even when the personal Information is not exchanged for money.  Taimi does not sell personal information for monetary consideration; however, we may share certain personal information with third parties under circumstances which might be deemed a “sale” or “share” under CPPA for “interest-based advertising” or “cross-context behavioral advertising.” In other words, Taimi may share your personal information with a third party to help serve you with personalized content or ads that may be more relevant to your interests, and to perform other advertising-related services.  

    •  We disclose your personal information, including sensitive information, with processors, service providers and contractors indicated hereof for business purposes that it is not defined as a “sale” or “share” under CPPA. We enter a contract with them that describes the purpose and requires the recipient to both keep that personal Information, including sensitive personal information, confidential and not use it for any purpose except as described in the contract.

  • Your rights. For the users who are California residents, you have the following rights in addition to those listed in section 7 above. 
    1. The right to know what personal information is being collected and the right to know what personal information is sold or shared. You have the right to request, twice within a 12-month period, the following information about the data we have collected about you during the past 12 months: 
    1. The categories of personal information Taimi has collected about you.
    2. The categories of sources from which the personal information is collected.
    3. The business or commercial purpose for collecting, selling, or sharing personal information.
    4. The categories of personal information that Taimi sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared. 
    5. The categories of third parties to whom Taimi discloses personal information.
    6. The specific pieces of personal information it has collected about that consumer. 
    1. The right to delete your personal information or correct inaccurate personal information. You may request Taimi to delete any personal information about you that Taimi has collected. You also have the right to request Taimi to correct inaccurate personal information about you, taking into account the nature of the personal information and the purposes of the processing of the personal information.
  • How to Submit a Request. To submit a request for information required to be disclosed and a request for deletion or correction, please contact us by email at support@taimi.com or go through our website at this available link https://taimi.com/support  

    • Right to limit the use of your sensitive personal information. You may direct Taimi, that collects your sensitive personal information indicated in section 8.2. hereof, to limit the use or disclosure to that use which is necessary to perform the Services.  

    If you choose to exercise any of your privacy rights under the CPPA, you have the right not to receive discriminatory treatment by Taimi.

    You are always welcome to request “.pdf” copy of this Policy or any other integral part of Taimi’s Terms of Use (as well as Taimi’s Terms of Use themselves); just let us know by sending your request to support@taimi.com. 

    To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your data or complying with your request. If requests from a consumer are manifestly unfounded or excessive, in particular because of their repetitive character, we may either charge a reasonable fee, taking into account the administrative costs of providing the information or communication or taking the action requested, or refuse to act on the request and notify you the reason for refusing the request. 

    You may also use an authorized agent to submit your request. If you do, we may ask for evidence that you have provided the agent valid power of attorney or other written permission to submit requests on your behalf, and we may also take steps to verify your identity. Owing to a sensitive nature of your data, we reserve the right to reject, at any time, requests concerning your data submitted by any third party.

  • Notice to Virginia Residents 
    •

    Consumers residing in Virginia are afforded certain additional rights with respect to their personal information under the Virginia Consumer Data Protection Act (VCDPA). If you are a Virginia resident, this section applies to you. 

  • Our collection and use of personal information. You may find the categories of personal information Taimi collects and the purposes and sources for which your personal information is collected in section 4.1. hereof.
  • Exercising your consumer rights: You have the right to request (1) to confirm whether or not a controller is processing the consumer's personal data and to access such personal data; (2) To correct inaccuracies in the consumer's personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer's personal data; (3) To delete personal data provided by or obtained about the consumer; (4) To obtain a copy of the consumer's personal data that the consumer previously provided to the controller in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance, where the processing is carried out by automated means; (5) to opt out of the processing of the personal data for purposes of targeted advertising.

    • You may exercise your rights by contacting us at support@taimi.com. See more details in section 10 below. We will not discriminate against you if you exercise your rights under the VCDPA. You may contact us at support@taimi.com if you want to appeal Taimi`s refusal to take action on your request. The appeal process is conspicuously available and similar to the process for submitting requests. Taimi will have 60 days of receipt of an appeal to inform you in writing of any action taken or not taken in response to the appeal. If the appeal is denied, you may contact the Attorney General to submit a complaint.

  • Sale of personal information. We do not sell your personal information. We do not exchange your personal data for monetary consideration with third parties, so no opt-out choice is necessary for that.
  • Data Subjects’ Access and Erasure Requests
    •
  • Method for Submitting Requests. If you are a California or Virginia consumer, you may exercise your privacy rights under sections 8 or 9. 
  • Timeframes. In the event you submit your request to us, we will act as follows: 
    1. within 10 business days following confirmation of receipt of your letter, we shall request that you provide us with relevant data for a verification procedure;
    2. if you are a California or Virginia consumer, we will have 45 calendar days following the date of your request to process your request. In the event of your failure to pass the verification process within 45 calendar days, we may deny your request or prolong the term of processing up to an additional 45 calendar days; please be sure that we will notify you about our decision;

    We regularly monitor our systems for possible vulnerabilities and attacks and review our information collection, storage, and processing practices to update our physical, technical, and organizational security measures.

    TO THE MAXIMUM EXTENT ALLOWED BY APPLICABLE LAW, WE EXPRESSLY DISCLAIM ANY REPRESENTATION OR WARRANTY, WHETHER EXPRESS OR IMPLIED, WITH RESPECT TO ANY BREACHES OF SECURITY, DAMAGE TO YOUR DEVICE, OR ANY LOSS OR UNAUTHORISED USE OF YOUR REGISTRATION INFORMATION OR OTHER DATA.

    We would be glad to hear from you. If you have any questions regarding this Policy, please contact us at support@taimi.com or legal@taimi.com.