SUBSCRIBE
  • 0

    No products in the cart.

Home » Privacy Policy

Privacy Policy

by Darry Chin

Name and contact details of the controller responsible for processing and the company data protection officer

This Data Protection Policy applies to data processing by:

Controller: TIMEZONE365 PTE LTD (hereinafter “timezone365”)
71 UBI ROAD 1 OXLEY BIZHUB #08-34 SINGAPORE 408732

Attn: Data Protection Department,
E-mail: admin@timezone365.com
Phone: (+65)88900622

The data protection officer of timezone365 is contactable at the above address.

Collection and storage of personal data and the nature and purpose of its use

When visiting the website

When you visit timezone365.com, the browser you are using on your device automatically sends information to the server for our website. This information is temporarily stored in a log file. The following information is automatically collected and subsequently automatically deleted after a period of 20 weeks:

  • the IP address of the querying computer
  • the date and time of access
  • the name and URL of the retrieved file
  • the website from which access is occurring (referrer URL),
  • the session ID
  • the user agent
  • the browser used and in some cases the operating system of your computer and the name of your access provider.

We process the aforementioned data for the following purposes:

  • to ensure a trouble-free connection with the website
  • to ensure convenient use of our website and optimize our platform
  • to monitor and ensure system security and stability.
  • to detect and prevent attacks on our website, and
  • for other internal statistical and administrative purposes.

We never use collected data to reference you as a person. In the event of an attack on our network infrastructure, however, your IP address will be identified in order to assert or defend against legal claims.

We process data according to our legitimate interests in line with the General Data Protection Regulation (GDPR). Our legitimate interests proceed from the data collection purposes specified above. We also use cookies and analytics services when you visit our website. For further details see our  Data Protection Policy.

Registering as a user on our platform

Buyers, private sellers, and commercial merchants can create a user account on our platform. The mandatory data required to set up a user account must be entered in the below detail. This data is processed

  • to identify you as our contract partner
  • to enter into, structure, execute, and amend contracts with you governing the use of our platform and services offered thereupon
  • to assess the plausibility of the data entered
  • to contact you as necessary with any questions, and
  • to assert any claims against you as necessary.

The data specified are processed upon your placement of an inquiry for the purposes outlined above and are required for use of the platform in accordance with GDPR standards, and thus required for the fulfillment of the contract and of pre-contractual actions.

In addition, you must provide your taxpayer ID number if you use our platform to sell items. The legal basis for collecting your taxpayer ID number of GDPR. Our legitimate interest required under this clause is reporting obligations under tax law arising from the Singapore Platform Transparency Act and thus the prevention of administrative offenses. If you are not a reportable seller within the meaning of the Singapore Platform Transparency Act, your taxpayer ID number will be deleted upon expiry of the reporting period, unless you have consented to storage beyond this point in accordance with GDPR. For more information on the processing of your taxpayer ID number, see 3(a).

You may have the option of providing voluntary information/data depending on the type of user account. We process voluntarily provided information/data in accordance with our legitimate interests in line with GDPR. This information/data is used to facilitate contact with you and ensure rapid clarification of any questions.

After deletion of your user account your data are automatically deleted to prevent further use unless, in accordance with GDPR standards, it must be stored for a longer period of time pursuant to retention and documentation requirements under tax or commercial code (HGB, StGB, AO), or if you have consented to storage for a longer period of time in line with GDPR.

i) timezone365 user accounts

The following mandatory data must be entered to register as a user (buyer) and set up a user account:

  • a valid email address
  • a password of your choice.

These constitute the login data for your user account.

You can also provide this voluntary user data:

  • Your first and last name
  • A profile picture
  • Your address (street, postcode, city/town, country)
  • Your phone number.
Private sellers

To place sale offers as a private seller you must first have a user account (see i)). To place a sale offer on the platform you must enter the following data:

  • Your first and last name
  • Your address (street, postcode, city/town, country)
  • Your phone number
  • Your date of birth, as well as
  • Your taxpayer ID number

Registering for the sale via the trustee service

To sell your goods with Stripe, you must first register for the Stripe Service to receive your payment.

By registering for the Escrow Service, you are applying for an escrow account with the payment service provider Mangopay (https://www.mangopay.com/) of Leetchi SA (company seat at 59 Boulevard Royal, L-2449 Luxembourg). This account is then used to process your payouts within the framework of the Escrow Service.

In accordance with anti-money laundering and counter-terrorism finance laws, Leetchi Corp. is obligated to identify every seller on the basis of specified documents and other information.

When registering for the trustee service, the following data and documents are thus collected from you and forwarded to Leetchi Corp. S.A.:

  • Family name, first name, email address, date of birth as well as nationality and country of residence.
  • Information about which bank account should be used for the payments.
  • A copy of a valid official ID document:
    • Your identity card (front and reverse) for everyone, passport for foreigners resident in your country or abroad.
    • Within the EEA: Passport or national ID card or driving license. A residence permit for people from third-party countries.
    • Outside of the EEA: Passport or driving license for the USA and Canada.
Vendors

The following data must be entered to register as a commercial merchant:

  • Your company name
  • A contact person (first and last name)
  • Your address (street, postcode, city/town, country)
  • A phone number
  • A valid email address
  • A username of your choice
  • A password of your choice
  • Your taxpayer ID number(s)
  • Your commercial registration number

The following information is optional:

  • A fax number
  • A cell phone number
  • A website

To activate two-factor authentication for your dealer account, you will receive an email message upon creating your account. This involves sharing your email address to conduct two-factor authentication using the email provided.

The legal basis for the processing of personal data of the GDPR. TIMEZONE365 PTE LTD’s legitimate interests required by this clause are the general improvement of the marketplace’s security and the associated optimization of the transaction process.

We using our in-build email system for conducting this form of two-factor authentication. We have signed a data processing agreement with TIMEZONE365 PTE LTD as laid out in the GDPR. With this agreement, TIMEZONE365 PTE LTD guarantees that they process data on our behalf in accordance with the General Data Protection Regulation and, thus, protect the rights of the data subject.

TIMEZONE365 PTE LTD is located in Singapore. For Singapore citizens, this means the transfer of their phone numbers to a third country. Data transfer to Singapore is permitted since Timezone365 has signed standard data protection clauses as laid out in of the GDPR, thus guaranteeing a sufficient level of data protection of the GDPR. Furthermore, TIMEZONE365 PTE LTD. has implemented additional measures to ensure adherence to an appropriate level of data protection.

By registering as a professional dealer on timezone365, it is possible that we will send you print mail to keep you up to date on the latest watch trends. This involves forwarding the following personal data to the corresponding service provider:

  • Your first and last names
  • Your address

The legal basis for the processing of personal data of the GDPR. TIMEZONE365 PTE LTD’s legitimate interest required by this clause is the implementation of direct mail. This is a legally recognized legitimate interest under the act of the GDPR.

It is also possible to register as a professional dealer via the contact form displayed as an advertisement on Facebook. We use the data you provide us to contact you about registration as a professional dealer on timezone365. If you use the contact form, the following personal data will be processed:

  • Your first and last name
  • Your email address
  • Your business phone number

The legal basis for the processing of personal data is the act of the GDPR. TIMEZONE365 PTE LTD’s legitimate interest required by this clause is the communication stated above.

When contacting you, the data you provide us will be stored in our server, the CRM solution. We have signed a data processing agreement with us. as laid out in the Act of the GDPR. This agreement guarantees that they process data on our behalf in accordance with the General Data Protection Regulation and, thus, protect the rights of the data subject.

TIMEZONE365 PTE LTD. is located in Singapore. For non-Singapore residents, this means the transfer of personal data to a third country. Data transfer to Singapore is permitted since we have signed standard data protection clauses as laid out in the Act of the GDPR, thus guaranteeing a sufficient level of data protection per the Act of the GDPR. Furthermore, TIMEZONE365 PTE LTD. has implemented additional measures to ensure adherence to this level of data protection.

Using the internal chatroom on our platform

As a registered user, you are able to use the internal messenger provided on the website to communicate with us or with a dealer/buyer/private seller on the platform. Registration is required to use the internal messenger on the platform.

When you use our internal messenger on the platform, messages that you send will be scanned and analyzed by us, both automatically and manually. The purpose of doing so is to

  • prevent fraud,
  • detect any illegal activities and violations of our general terms and conditions,
  • and improve our communication and customer services.

The basis for this data processing is our legitimate interests pursuant to the Act of GDPR. The GDPR recognizes data processing for the aforementioned purposes as a legitimate interest.

You can manage messages you have sent and received on your own or submit a request to have them deleted by us. In the event of a fraud attempt, illegal activity, or a violation of our general terms and conditions, we may continue to store any relevant messages based on our legitimate interests pursuant to the Act of GDPR for use as evidence and for establishing, exercising or defending our legal rights, even after you have submitted a deletion

Automated customer profile creation

We create a customer profile for your user account in order for you to use our platform as a registered user/merchant. We categorize your customer profile and supplement it with additional data so that you only receive information likely to be of interest to you. To do so we utilize this data:

  • Your personal information (e.g., your basic profile information);
  • The length of your membership;
  • Statistical information (e.g., the type, frequency, and intensity of your website’s usage); and
  • A history of the listings, brands, and sellers you’ve visited.

We process the aforementioned data for the following purposes:

  • For statistical evaluation
  • For market research
  • To ensure smooth functioning of the platform and to design the platform around user needs
  • To personalize our services, and
  • To deliver advertising to you that is exclusively targeted to your actual or predicted needs so as to eliminate irrelevant advertising.

We process data in accordance with our legitimate interests in line with the Act of GDPR. Data processing for the aforementioned purposes is a recognized legitimate interest in accordance with the GDPR.

You may file an objection to the creation of a user profile and/or the evaluation and personalization of our services or advertising at any time by clicking on this link, in which case processing will be stopped and your user profile will be immediately deleted unless you have consented to longer data retention per Act of GDPR.

You may alternatively file an objection at any time via e-mail.

Using the Stripe Service

A user account is required to initiate and complete purchases from dealers/private sellers with our Stripe Service. Furthermore, you must provide the following information:

  • Your first and last name,
  • your address (street, postcode, city/town, country) and
  • your phone number.

The listed information is processed by us for the following purposes:

  • to check and identify who the dealer/private seller’s contract partner is;
  • to support the justification, content design, and execution of the purchase contracts; and
  • where required to make the necessary contact with you in case of further queries.

In case you request a purchase offer with a dealer/private seller or conclude a purchase contract with the dealer/private seller, we also transfer your personal data to the dealer/private seller for the purposes stated above.

The processing of your aforementioned data takes place upon your request and is required in accordance with the Act of GDPR for the aforementioned purposes for the use of the platform and thus for the fulfillment of the contract and pre-contractual measures.

Registering for our newsletter

We use your e-mail address to send you our personalized regular newsletter if you have expressly consented thereto in accordance with the Act of GDPR. To receive the newsletter it suffices to provide your e-mail address.

To receive more personalized newsletter content you can create a customer profile about you based on your collected personal data. This data relates to personal preferences such as product affinities observed on the basis of orders, interests, purchase decisions, preferred shopping time, etc., and is automatically processed and analyzed so that relevant offers are predicted for you. Profiling may also be performed without consent on the basis of the Act of GDPR given a legitimate interest.

We may also use your e-mail address without your express consent to send you information about similar products of our company if you are an existing customer and have not objected to the use of your e-mail address. Processing for purposes of marketing to existing customers is done on the basis of our legitimate interests in accordance with the Act of GDPR. Processing of your e-mail address for the purpose of direct marketing is a statutorily recognized interest under the GDPR.

In either case, you can unsubscribe at any time, such as via a link at the end of each newsletter.

For the purpose of mailing our newsletter, we use our in-build tool developed by us, 71 UBI ROAD 1 OXLEY BIZHUB #08-34 SINGAPORE 408732. Data is transferred in accordance with the EU Commission’s so-called standard contractual clauses to ensure an adequate level of data protection. And we did not use a third-party service to send our newsletter to you. We will use your email address to send you personalized newsletters with offers, deals, and the latest releases. Once we have your email address, you will receive these newsletters; no other action is needed.

Using our contact form

You can use a form provided on the website to contact us with questions or contact a merchant or private seller. If you wish to ask your question to a merchant or private seller, we forward your contact inquiry to them. For the use of the contact form, the following data is required, without exception:

  • a valid e-mail address and
  • Your specific question or message.

We process the aforementioned data for the following purposes:

  • to identify you
  • to answer your question, and
  • for forwarding to the relevant merchant or private seller as necessary.

Additionally, you can voluntarily provide your name and telephone number to enable quicker contact.

When you use our contact form, we may scan and analyze your message. This is done for fraud prevention purposes and to generally improve communication and customer service.

Data is processed upon placement of your inquiry, and such processing is required for the above purposes to fulfill the contract and pre-contractual actions in accordance with the Act of GDPR. Data from contact inquiries is also processed on the basis of our legitimate interests per the Act of GDPR. These interests proceed from the aforementioned purposes.

Personal data we collect when you use the contact form is automatically deleted upon completion of your inquiry.

When contacting us via WhatsApp

We also offer you the option of contacting us via WhatsApp using a widget, which is visible when you use timezone365 under “You have questions”. To use this service, you must provide the following information:

  • Your cellphone number
  • Your specific question or message

We process the data listed above for the following purposes:

  • to identify you
  • to reply to your message

We may also be able to view your WhatsApp profile image due to your privacy settings.

When you contact us via WhatsApp, we may also scan and analyze your message. We do so to prevent fraud and generally improve communication and customer service.

When you contact us via WhatsApp, your data is processed on the legal basis of the Act of GDPR. Our legitimate interest required to do so is based on facilitating contact and enhancing the effectiveness of our response to your questions and the above-mentioned purposes.

Your messages will be received by a smartphone dedicated to contact with you. Your contact with us will not be saved and any personal data we collect will be deleted manually once your concerns have been addressed.

We use the services of WhatsApp, Inc. for this form of contact. We have concluded an order processing agreement with WhatsApp, Inc. in accordance with the Act of GDPR. This contract guarantees that WhatsApp, Inc. processes the data on our behalf in accordance with the General Data Protection Regulation and protects the rights of the data subject.

Spam Protection

We use Google reCAPTCHA v2, a tool developed by Google, to determine whether interactions on our website are performed by humans or automated machines. This way, we can protect our website from automated spam, spying, and misuse.

In order to do this, Google automatically selects from a set of browser challenges based on telemetry and user behavior during a session on our website. This data includes but is not limited to the following:

  • Your IP address
  • Information about your system configurations
  • Information about your operating system
  • Your device settings (e.g., language and browser settings, header, user agent)

Furthermore, Google uses private access tokens for the same purpose. These tokens are provided by device manufacturers and help Google confirm whether visitors to our website are indeed human. This means that data can be verified without being captured again by Google.

If Google’s purely data-driven analysis does not produce clear results, the website visitor is prompted to perform another action (e.g., Check Box). This interaction serves as a final check in determining whether a website visitor is human.

Google. does not process the data for its own purposes. Furthermore, cookies, which are used to collect or store information, are neither set nor searched for in the course of the analysis.

The processing of personal data within the context of our spam protection procedure through the use of Google is lawful pursuant to the Act of GDPR. The legitimate interest required thereunder ensues from the abovementioned purpose(s) and the general increase in the security of the marketplace associated with this procedure.

For more information, please read Google’s data privacy policy.

Virtual Meeting Platforms

Zoom

To conduct interviews for our user studies, we use the Zoom software from Zoom Video Communications, Inc. (55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA). We use Zoom to communicate with timezone365 users and sellers who have agreed to participate in our research. When you use Zoom, different types of data are processed, and the scope of the data depends on the information you provide before and during your participation in the Zoom meeting. Ultimately, the following personal data may be subject to processing:

  • Display Name
  • Email address
  • Profile picture
  • Meeting metadata (date, time, meeting ID, and device and hardware information)
  • Participant’s IP address
  • Text, audio, and video data

For the duration of the Zoom meeting, data from the microphone and video camera on your device is processed to enable video display and audio playback. However, you can turn off the camera or mute the microphone yourself at any time in the Zoom application.

You can also dial into Zoom meetings using a phone. In this case, the following personal data will also be processed:

  • Phone number
  • Country
  • Other connection data, e.g., IP address of the device used, if applicable

The legal basis for the processing of personal data is the Act of the GDPR. Our legitimate interest required by this clause lies in efficiently conducting virtual meetings as part of our user studies.

If you have provided your consent on the basis of the Act of the GDPR, we will record the Zoom meeting. In this case, an MP4 file of all video, audio, and presentation recordings; an M4A file of all audio recordings; and a text file of the Zoom meeting chat will be stored internally on our servers in order to evaluate the user study.

We have signed a data processing agreement with Zoom Video Communications, Inc. as laid out in Act of the GDPR. With this agreement, Zoom Video Communications, Inc. guarantees that they process data in accordance with the General Data Protection Regulation and protect the rights of the data subject.

Zoom Video Communications, Inc. is located in the United States of America. For those outside of the USA, this means the transfer of personal data to a third country. This data transfer is permitted since TIMEZONE365 PTE LTD and Zoom Video Communications, Inc. have signed standard data protection clauses as laid out in the Act of GDPR, thus guaranteeing a sufficient level of data protection. Furthermore, Zoom Video Communications, Inc. has implemented additional measures to ensure adherence to an appropriate level of data protection. As an additional security measure on our end, we have configured our Zoom settings so that all data from virtual meetings are stored in data centers in the European Economic Area or in secure third countries such as Canada and Japan.

Teams

In order to conduct virtual meetings and webinars and to communicate via chat, we use the Microsoft Teams communication platform (hereinafter: Teams) from Microsoft Ireland Operations Limited (70 Sir John Rogerson’s Quay, Dublin 2, Ireland). We communicate via Teams with external parties and timezone365 users and sellers who have agreed to participate in our studies. When using Teams, various types of data are processed, and the scope of the data depends on the information you provide before and during your participation in the Teams meeting. Ultimately, the following personal data may be processed:

  • Display Name
  • Email address
  • Profile picture
  • Meeting metadata (date, time, meeting ID, and device and hardware information)
  • Participant’s IP address
  • Text, audio, and video data

For the duration of the Teams meeting, data from the microphone and video camera on your device is processed to enable video display and audio playback. However, you can turn off the camera or mute the microphone yourself at any time in the Teams application.

You can also dial into Teams meetings using a phone. In this case, the following additional personal data will be processed:

  • Phone number
  • Country
  • Other connection data, e.g., IP address of the device used, if applicable

The legal basis for conducting Teams meetings is the Act of GDPR, insofar as the meetings take place within the context of a contractual relationship.

If we have not concluded a contractual relationship with you, the legal basis for processing your personal data is the Act of GDPR. In this case, our legitimate interest lies in the effective facilitation of Teams meetings and conducting our user studies in a user-based manner.

If we intend to record a Teams meeting, we will communicate this intention transparently in advance. The meeting will only be recorded if you have given us your consent in accordance with the Act of GDPR.

We have signed a data processing agreement with Microsoft Ireland Operations Limited as laid out in Article 28 of the GDPR. With this agreement, Microsoft Ireland Operations Limited guarantees that they process data in accordance with the General Data Protection Regulation and protect the rights of the data subject.

Microsoft Ireland Operations Limited is the European subsidiary of the Microsoft Corporation located in the United States of America (One Microsoft Way, Redmond, WA 98052-6399, USA). For those outside of the USA, this means the transfer of personal data to a third country. This data transfer is permitted since Chrono24 GmbH and Microsoft Ireland Operations Limited have signed standard data protection clauses as laid out in Article 46, Paragraph 2, Point (c) of the GDPR, thus guaranteeing a sufficient level of data protection. Furthermore, Microsoft Ireland Operations Limited has implemented additional measures to ensure adherence to an appropriate level of data protection. As an additional security measure on our end, we have also configured our Teams settings so that all data from virtual meetings are stored in data centers in the European Union.

Rights as data subject:

You have the right:

  • to revoke the consent you have granted us at any time in accordance with the Act of GDPR. This applies non-retrospectively so that without your consent we are no longer allowed to process data thereafter
  • to request information about the personal data that we are processing in accordance with the Act of GDPR. In particular, you are entitled to receive information about the processing purposes, the types of personal data, the types of recipients to whom your data has been disclosed, the intended storage retention period, about your rights to demand correction, deletion, processing restriction and to file objection, about your complaint rights, the source of your data if not collected by us, and whether automated decision-making is utilized, including profiling, along with relevant details as appropriate
  • to demand the correction of incorrect personal data and the addition of incomplete personal data we have stored, in line with the Act of GDPR
  • to demand the deletion of your personal data stored by us, except if the processing is necessary to exercise freedom of expression speech and information rights, to fulfill a legal obligation, for reasons of public interest, or to assert or defend against legal claims or exercise rights, in line with Act of GDPR
  • to demand the restriction of your personal data from processing in accordance with the Act of GDPR if you dispute the correctness of the data or processing is unlawful but you reject its deletion and we no longer need the data yet you require the data in order to assert or defend against legal claims or exercise rights, or if you have filed an objection to processing in accordance with Act of GDPR
  • to receive your personal data from us in a commonly used, structured, machine-readable format, and to request such to be sent to a different data controller in line with the Act of GDPR
  • to lodge a complaint with a supervisory authority in line with Article 77 GDPR. Generally, you should contact the supervisory authority for your primary place of residence, your place of work, or our company headquarters.

Right to file an objection

If your personal data are processed on the basis of legitimate interests in accordance with Article 6 para. 1 sentence 1 item f GDPR, you have the right to file an objection against the processing of your personal data pursuant to Article 21 GDPR given reasons for doing so which pertain to your special circumstances or the objection pertains to direct advertising. In the latter case, you enjoy a general right to file an objection which we will act upon without your having to outline any special circumstances.

To exercise your right to file objection it suffices to send a corresponding e-mail to admin@timezone365.com.

Data security

We utilize the widely used TLS (Transport Layer Security) method for our website in combination with the highest level of encryption supported by your browser. TLS is a secure and proven standard utilized in online banking, for example. A secure TLS connection is indicated among other things by the letter ‘s’ appended on the ‘http’ (i.e. https://..) in the address bar of your browser, and by a lock icon appearing at the bottom of your browser.

We furthermore implement appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, and unauthorized access by third parties. The security measures we implement are continuously upgraded to remain in line with technological progress.

If you register with us as a user, you can only access your user account after entering your personal password. You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you share your computer with others.

We take company-internal data protection very seriously as well. We bind our staff and commissioned service provider firms to uphold confidentiality and comply with data protection regulations.

The version of and changes to this Data Protection Policy

This Data Protection Policy is the latest, valid version, last updated in September 2023.

Changes to our website and offers marketed via the website and changes in legal or regulatory requirements may necessitate updating of this Data Protection Policy. You can view and print out this page the latest updated version of this Data Protection Policy at any time on the website

@2021 - All Right Reserved. Designed and Developed by PenciDesign

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy