Privacy Policy


1. Introduction

With the operation of our website (hereinafter referred to as "website") I process personal data. These are treated confidentially and processed in accordance with the applicable laws - in particular the Basic Data Protection Ordinance (DSGVO) and the Federal Data Protection Act (BDSG-neu) in Germany. With these data protection regulations I want to inform you what personal data I collect from you, for what purposes and on what legal basis I use it and, if necessary, to whom I disclose it. I will also explain to you what rights you have to protect and enforce your privacy.

2. Terms

The data protection regulations contain technical terms which are new in the DSGVO and the BDSG. For your better understanding I will explain these terms in simple words in advance:

2.1. Personal Data

"Personal data" means all information relating to an identified or identifiable person (Art. 4 No. 1 DSGVO). Details of an identified person can be e.g. the name or the e-mail address. However, personal data is also data for which the identity is not immediately obvious, but which can be determined by combining one's own or third-party information and thus finding out who it is. For example, a person can be identified by providing his or her address or bank details, date of birth or user name, IP addresses and/or location data. Relevant is any information that in any way allows an inference to a person.

2.2 Processing

Art. 4 No. 2 DSGVO defines "processing" as any process in connection with personal data. This applies in particular to the collection, collection, organization, arrangement, storage, adaptation or modification, reading, querying, use, disclosure, transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction of personal data.


3. Person in charge

Responsible for data processing:

Name: Unit Numberfive oHG
Address: Brehmweg 3, 22527 Hamburg, Germany
Phone: +49(0) 40 22861177
E-mail: support [at] tyme-app [dot] com


4. Web page

Within the framework of the website with the URL I process the personal data of you listed in detail in paragraph 5-6 below. I only process your data that you actively provide on the website (e.g. by filling in forms) or that you make available automatically when using our services. Your data will only be processed by me and will not be sold, lent or passed on to third parties. If I use the help of external service providers for the processing of your personal data, this is done within the scope of a so-called order processing, in which I am authorized to instruct our contractors as the customer. For hosting the website I use the external service provider "Host Europe" with the data center in Strasbourg. For more information about the data center and its security standards, please visit

If any of the processing operations listed in paragraphs 5-6 involve the use of other external service providers, they shall be designated therein.

A data transfer to third countries does not take place in principle and is also not planned. I will inform you about exceptions to this principle in the following processing steps.


5. Provision of the website and server log files

5.1 Description of processing

Every time you visit the website, I automatically collect information that your browser transmits to my server. These are also stored in the so-called log files of our system. This is the following data:

  • the browser software you use, as well as its version and language
  • the operating system you are using
  • the website from which you accessed the website (so-called referrer)
  • the sub-pages you visit on our website
  • the date and time of your visit to our website
  • Your Internet Service Provider
  • Amount of data transferred
  • Country and place from where you visited my website
  • Your length of stay on my website

5.2 Purpose

The data is processed to enable the website to be accessed and to ensure its stability and security. Furthermore, the processing serves the statistical evaluation and improvement of my online offer.

The processing is necessary to protect the overriding legitimate interests of the person responsible (Art. 6 para. 1 lit. f DSGVO). My legitimate interest lies in the purpose stated in paragraph 5.2.

5.4 Storage time

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. The log files are deleted after 30 days.

6. Contact form and contact by e-mail

6.1 Description of processing

To contact me I have provided a contact form on my website. In this form you will be asked to enter your e-mail address, your name and a message to me. If you press the "Submit" button, the data will be transmitted to me using SSL encryption (see paragraph 7). The contact form can only be submitted if you accept this data protection policy by clicking the corresponding checkbox. You can also contact me via the e-mail addresses given on the website. In this case, the user's personal data transmitted by e-mail will be processed by me.

6.2 Purpose

By providing a contact form on the website I would like to offer you a convenient way to get in touch with me. The data transmitted with and in the contact form or your e-mail will be used exclusively for the purpose of processing and responding to your request.

The processing is necessary to protect the overriding legitimate interests of the person responsible (Art. 6 para. 1 lit. f DSGVO). My legitimate interest lies in the purpose stated in paragraph 6.2. If the e-mail contact is aimed at the conclusion or fulfilment of a contract, the data will be processed for the fulfilment of the contract (Art. 6 para. 1 lit. b DSGVO).

6.4 Storage time

I will delete the data as soon as they are no longer necessary to achieve the purpose of their collection. This is usually the case when the respective communication with you is finished. Communication is terminated when it can be inferred from the circumstances that your request has been finally clarified. If statutory retention periods prevent deletion, the data will be deleted immediately after the statutory retention period has expired.

7 Tracking-Services

7.1 Description of processing


The TYME-Website uses the usage analysis service "Matomo" ( which is installed on our own servers (see 4.). Via Matomo I can define individual subpages or menu items of our website with so-called "custom events" and collect and evaluate the interaction of the website users with these custom events. With Matomo, I collect usage actions (e.g. clicking on a menu item), as well as the device type, operating system version, and date of the event and send them to our servers. Matomo is used by me exclusively without recording your IP address. Further information on data protection at can be found here: Matomo uses cookies. Cookies are text files that are stored on a computer system via an Internet browser. By means of a cookie, the information and offers on our website can be optimized in terms of the user. Which cookies Matomo stores and for what purpose can be read directly here: You can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies.

Google Tag Manager

The TYME website uses the service called Google Tag Manager by Google. "Google" is a group of companies and consists of Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland as well as Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliates of Google LLC. We have concluded an order processing agreement with Google. The Google Tag Manager is an auxiliary service and processes personal data itself only for technically necessary purposes. The Google Tag Manager takes care of loading other components, which in turn may collect data. The Google Tag Manager does not access this data. For more information on the Google Tag Manager, please refer to Google's privacy policy. Please note that American authorities, such as intelligence agencies, could potentially gain access to personal data that is inevitably exchanged with Google due to the Internet Protocol (TCP) when this service is integrated, due to American laws such as the Cloud Act.

Furthermore, cookies that have already been set can be deleted at any time using an Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, it may not be possible to fully use all the functions of our website.

7.2 Purpose

The processing takes place in order to evaluate the use of our website. The information obtained in this way serves to improve and further develop our website.

Processing is necessary to safeguard the overriding legitimate interests of the data controller (Art. 6 para. 1 lit. f DSGVO). My legitimate interest lies in the purpose specified in Clause 11.2.

7.4 Recipients and transmission to third countries

Through the use of Matomo, no personal data is transmitted to our servers or third countries.

8 Newsletter

You can optionally subscribe to our newsletter. The registration is optional and has no influence on the functionality of the website.

8.1 Description of processing

We use the service EmailOctopus to send the newsletters. EmailOctopus is a company based in England. The servers on which EmailOctopus stores the data are located in the EU. EmailOctopus is fully compliant with the GDPR. For details, please see the following page EmailOctopus GDPR.

8.2 Purpose

In order to send you news about the TYME app via a newsletter, your email address is required.

The processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). This is given with the activation of the newsletter registration (double opt in). Your consent is optional.

8.4 Storage period and right of objection

You can object to data processing by EmailOctopus at any time by unsubscribing via the unsubscribe link in a newsletter or by sending us an email.


9. Security measures

To protect your personal data from unauthorized access, I have provided the website with an SSL or TLS certificate. SSL stands for "Secure Sockets Layer" and TLS for "Transport Layer Security" and encrypts the communication of data between a website and the user's end device. You can recognize the active SSL or TLS encryption by a small lock logo that is displayed on the far left of the browser's address bar.


10. Rights of the persons concerned

With regard to the data processing described above, you are entitled to the following rights of data subjects:

10.1 Information (Art. 15 DSGVO)

You have the right to ask me to confirm whether I am processing personal data concerning you. If this is the case, you have a right to information on this personal data and on the detailed information listed in Art. 15 DSGVO under the conditions specified in Art. 15 DSGVO.

10.2 Correction (Art. 16 DSGVO)

You have the right to request me immediately to correct any incorrect personal data concerning you and, if necessary, to complete incomplete personal data.

10.3 Deletion (Art. 17 DSGVO)

You have the right to request me to delete personal data relating to you immediately if one of the reasons listed in Art. 17 DSGVO applies in detail, e.g. if your data is no longer required for the purposes I pursue.

10.4 Limitation of data processing (Art. 18 DSGVO)

You have the right to request me to restrict the processing if one of the conditions listed in Art. 18 DSGVO is met, e.g. if you dispute the accuracy of your personal data, data processing will be restricted for the duration that enables us to check the accuracy of your data.

10.5 Data transferability (Art. 20 DSGVO)

You have the right, under the conditions set out in Art. 20 DSGVO, to demand the publication of the data concerning you in a structured, common and machine-readable format.

10.6 Revocation of consents (Art. 7 para. 3 DSGVO)

You have the right to revoke your consent at any time in the case of processing based on a consent. The revocation is valid from the time of its assertion. In other words, it works for the future. The processing does not become retroactively illegal by the revocation of the consent.

10.7 Complaint (Art. 77 DSGVO)

If you believe that the processing of personal data concerning you violates the DSGVO, you have the right of appeal to a supervisory authority. They may exercise this right before a supervisory authority in the EU Member State of their place of residence, of work or of the place where the alleged infringement is alleged.

10.8 Prohibition of automated decisions/ profiling (Art. 22 DSGVO)

Decisions that have legal consequences for you or significantly affect you must not be based solely on automated processing of personal data, including profiling. I hereby inform you that I do not use automated decision making including profiling with regard to your personal data.

10.9 Opposition (Art. 21 DSGVO)

If I process your personal data on the basis of Art. 6 para. 1 lit. f DSGVO (to protect overriding legitimate interests), you have the right to object to this under the conditions set out in Art. 21 DSGVO. However, this only applies if there are reasons arising from your particular situation. After an objection, I will no longer process your personal data unless I can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms. I also do not have to stop the processing if it serves to assert, exercise or defend legal claims. In any case - regardless of a particular situation - you have the right to object at any time to the processing of your personal data for direct advertising.

Last updated: August 2022