Last updated: May 2026
Owner and Data Controller: TimerPulse – a part of XNA Creatives LLP
Address: Bangalore, India
Contact: support@timerpulse.com
TimerPulse (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what we collect, why we collect it, and your rights.
Data we collect
- Account data: email address, hashed password, account role, and account timestamps.
- Campaign data: campaign names, timer settings, URLs, and styling/configuration values you create.
- Operational data: logs and diagnostics needed for reliability, security, and abuse prevention.
- Billing/access status: payment-related status flags and order references from provider webhooks.
- Support/contact data: name, email, subject, and message when you contact support.
Data persisted on our systems
For transparency, these categories are stored in TimerPulse databases (and related hosting backups) during normal operation:
- Customer accounts: email address; password (only as a one-way hash); optional display name and billing notes you enter; plan and paid-access flags; login session tokens; encrypted API credentials when you connect Kit, MailerLite, or Birdsend.
- Campaigns: names, timer settings, destination URLs, embed configuration, and styling values you save in the dashboard.
- Timer activity: per-subscriber identifiers supplied by your email platform (for example a contact id or merge token output). Depending on your ESP merge tags, this value may sometimes be an email-like string; we use it only to tie each countdown to a subscriber session.
- Billing pre-registration: if you pay before creating an account, your purchase email may be stored temporarily so access activates when you register.
- Password reset: single-use random tokens until they expire; we never store plaintext passwords.
- Contact form: submissions are sent by email to our support inbox; they are not written to the application database by default.
What we do not collect
- Full payment card data or other complete payment instrument details (payment is handled by third-party order/payment providers).
- Sensitive personal categories (for example health, biometric, or government ID data) for normal use.
- Subscriber names/emails by default for timer operation.
How we use data
- Provide authentication and account access.
- Operate TimerPulse features (timers, links, redirects, analytics views).
- Process account activation/payment state updates.
- Respond to support requests and service communications.
- Protect the service and comply with legal obligations.
Cookies and similar technologies
We use essential cookies for login and security: an httpOnly session cookie, a CSRF cookie, and (where applicable) similar mechanisms. We may also use analytics cookies where enabled and legally permitted. You can manage cookies in your browser settings.
Legal basis (GDPR)
Where GDPR applies, we rely on contract performance, legitimate interests, consent (where required), and legal obligation.
Third parties
We use trusted third-party providers to operate the service, including hosting infrastructure, order/payment processing, and transactional email delivery. These providers may store and process relevant personal data on our behalf in accordance with their own policies and legal obligations. We do not process card details directly and do not sell personal data for monetary value.
Data retention
We retain personal data only as long as needed for service delivery, security, legal compliance, and legitimate business purposes, then delete or anonymize it when no longer needed.
Your privacy rights
Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing, and data portability rights. California residents may have additional CCPA/CPRA rights. To exercise rights, email support@timerpulse.com.
Children’s privacy (COPPA)
Our services are not directed to children under 13 and we do not knowingly collect personal data from children under 13.
CalOPPA and Do Not Track
Users can visit our public pages without creating an account. At this time, our services may not uniformly respond to all browser “Do Not Track” signals.
Security
We use reasonable technical and organizational safeguards, but no transmission or storage method is 100% secure.
Changes to this policy
We may update this policy from time to time. Material updates will be reflected by changing the “Last updated” date.
Contact us
If you have privacy questions, contact support@timerpulse.com.
