Privacy Policy

Laendletech AI Solutions FlexCo
Vorarlberg, Austria
Email: info@laendletech.at

When you use Timora, we may collect the following categories of personal data:

• Account data you provide: name, email address, phone/WhatsApp number, password (hashed)
• Google account data obtained via OAuth: name, email address, and calendar data (event titles, times, attendees) from Google Calendar — only with your explicit consent
• Appointment and booking data: services, dates, times, staff assignments
• WhatsApp messages exchanged with the Timora booking assistant
• Technical data: IP address, browser type, device info, access logs

We use your data solely to provide, maintain, and improve Timora's user-facing functionality:

• Processing and managing appointment bookings
• Synchronising appointments with your Google Calendar or Microsoft Outlook
• Sending automated booking confirmations and reminders via WhatsApp
• Operating the AI booking assistant to understand and respond to customer requests
• Displaying booking analytics in your dashboard

We do not use Google user data for advertising, profiling, retargeting, data brokering, credit assessment, or training AI models unrelated to Timora's functionality.

We share Google user data only with the following categories of service providers, and only to the extent necessary to provide or improve Timora's user-facing functionality:

• Cloud and hosting providers — for secure infrastructure and application hosting
• AI service providers — to process booking requests on our behalf
• Logging and monitoring providers — for error tracking and service reliability
• Public authorities — only where legally required

We do not sell, rent, or trade Google user data. We do not share Google user data for advertising, profiling, data brokering, or any purpose other than providing or improving Timora.

All third-party providers are contractually bound by data processing agreements (DPAs) that limit their use of personal data to the purposes specified by us and require them to implement appropriate security measures.

We implement the following technical and organizational measures to protect the confidentiality, integrity, and availability of your data — including Google user data:

• Encryption — all data is encrypted in transit (TLS) and at rest.
• Access controls — production access is restricted to authorized personnel using role-based permissions and multi-factor authentication.
• Audit logging — security-relevant events are logged and monitored.
• Data retention and deletion — personal data is kept only as long as necessary; you may request deletion at any time via info@laendletech.at.
• Data Processing Agreements — all sub-processors are bound by GDPR-compliant contracts.
• Incident response — we maintain procedures to detect, investigate, and report data breaches within GDPR timeframes.

• Consent (Art. 6(1)(a) GDPR) — For accessing your Google Calendar via OAuth. You can revoke consent at any time by disconnecting Google Calendar in your Timora settings or via your Google Account permissions.
• Contract performance (Art. 6(1)(b) GDPR) — For processing bookings, managing your account, and providing the Timora service.
• Legitimate interest (Art. 6(1)(f) GDPR) — For security monitoring, fraud prevention, and service improvement.

Under the GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure (Art. 17)
• Right to restriction of processing (Art. 18)
• Right to data portability (Art. 20)
• Right to object (Art. 21)
• Right to withdraw consent at any time (Art. 7(3))

To exercise any of these rights, please contact us at info@laendletech.at. You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehoerde, dsb.gv.at).

Timora's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. If we change how we use Google user data, we will notify affected users before the change takes effect.

If you have questions about this privacy policy or how we handle your data, please contact:

Laendletech AI Solutions FlexCo
Email: info@laendletech.at

For additional legal information about Laendletech AI Solutions FlexCo, see laendletech.at/datenschutz