Privacy Policy for Time-Out Zone

Effective Date: August 1, 2025

Last Updated: August 1, 2025

1. Introduction

Welcome to Time-Out Zone ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.

By using Time-Out Zone, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Personal Information You Provide:

  • Email address - for account creation and communication
  • First name and last name - to personalize your experience
  • Payment information - processed securely through Stripe (we do not store payment card details)

Automatically Collected Information:

  • Usage data - how you interact with our application
  • Device information - browser type, operating system, IP address
  • Cookies - to enhance user experience and maintain sessions

3. How We Use Your Information and Our Legal Basis for Processing

We use the information we collect for the following purposes and on the following legal bases:

  • To create and manage your account: We process your name and email address to fulfill our service agreement with you.
    Legal Basis (GDPR): Performance of a contract.
  • To process payments and transactions: We use your payment information to process transactions as part of our service.
    Legal Basis (GDPR): Performance of a contract.
  • To send transactional and service-related emails: This includes account updates, receipts, and important notifications necessary for using our service.
    Legal Basis (GDPR): Performance of a contract.
  • To improve our services and user experience: We analyze usage and device data to understand how our users interact with our application so we can improve it.
    Legal Basis (GDPR): Legitimate interest (to improve and develop our services).
  • To provide customer support: We use your information to respond to your inquiries and resolve any issues.
    Legal Basis (GDPR): Performance of a contract and legitimate interest (to provide a high-quality service).
  • To comply with legal obligations: We may need to process your information to comply with legal and regulatory requirements.
    Legal Basis (GDPR): Compliance with a legal obligation.

4. Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating our application:

  • Vercel - Application hosting and infrastructure
  • Supabase - Database hosting and authentication
  • Stripe - Payment processing (Stripe Privacy Policy)
  • SendGrid (Twilio) - Email delivery service (SendGrid Privacy Policy)
  • Bank Transfer Processors - For alternative payment methods

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you close your account, we will delete or anonymize your data within 30 days, except where we are required to retain it for legal or regulatory purposes.

6. Your Privacy Rights

Depending on your location, you may have the following rights:

GDPR Rights (EU Users):

  • Access - Request a copy of your personal data
  • Rectification - Correct inaccurate or incomplete data
  • Erasure - Request deletion of your data ("right to be forgotten")
  • Data Portability - Receive your data in a machine-readable format
  • Withdraw Consent - Opt-out of marketing communications at any time

CCPA Rights (California Users):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)

CalOPPA Rights (California Users):

  • You have the right to request information about how we share your personal information with third parties

To exercise any of these rights, please contact us at privacy@time-out.zone

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Keep you logged in
  • Remember your preferences
  • Analyze usage patterns
  • Improve security

You can control cookies through your browser settings, but disabling cookies may affect your ability to use certain features.

Do Not Track Signals

California law requires us to let you know how we respond to Do Not Track (DNT) signals. Because there is currently no industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time. We will continue to monitor developments around DNT browser technology and the implementation of a standard.

8. Email Communications

We use SendGrid (a Twilio service) to send you:

  • Account verification emails
  • Password reset notifications
  • Transaction receipts
  • Important service updates

You can opt-out of non-essential emails by clicking "unsubscribe" in any email or by contacting us.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/SSL)
  • Encryption of sensitive data at rest
  • Secure authentication protocols
  • Regular security audits

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Time-Out Zone is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

COPPA Compliance: We comply with the Children's Online Privacy Protection Act and do not collect information from children under 13.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that appropriate safeguards are in place to protect your data in accordance with applicable laws, including:

  • EU-U.S. Data Privacy Framework
  • Standard Contractual Clauses (SCCs)
  • Adequate data protection mechanisms

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification (for material changes)

Your continued use of Time-Out Zone after changes become effective constitutes your acceptance of the revised policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

  • Email: privacy@time-out.zone
  • Company: Epsilion, LLC
  • Address: 254 Chapman Rd Ste 208, Newark, DE 19702, United States

14. Legal Compliance

This Privacy Policy complies with:

  • GDPR (General Data Protection Regulation - EU)
  • CCPA (California Consumer Privacy Act)
  • CalOPPA (California Online Privacy Protection Act)
  • COPPA (Children's Online Privacy Protection Act)

By using Time-Out Zone, you acknowledge that you have read and understood this Privacy Policy.