Your data is in best hands with yourself

How we store and process data - Directory for IT administrators and data protection officers

Florian Schwarzbeck, Managing Director,
Only I myself see what timeBro records - and no third party.
Florian Schwarzbeck, Managing Director,
Jochen Schlaier, Managing Director,
This is a guarantee for our employees that no one can access their data.
Jochen Schlaier, Managing Director,

Directory of processing activities

The following describes which services timeBro offers and which personal data are processed in the process.

The communication of all our services always takes place in HTTPS (SSL-encrypted).

Registration of an account or user

is required for timeBro software, customer portal, communication with the customer.

  • E-mail address (authentication and communication)
  • Password (authentication; stored as hash value)
  • User ID (identification in all timeBro services)
  • Machine ID (identification of the device, creation of tokens/refresh tokens).

Access to this data is granted to selected timeBro IT administrators.

Payment data for timeBro services

is required for processing payments, invoicing and accounting.

  • Cardholder
  • Email address
  • Customer ID
  • Order ID
  • Account details
  • Credit Card Details
  • Credit Card Expiry Date
  • CVC Code
  • Date/time/amount of transactions
  • Place
  • Billing Recipient
  • Billing address

Billing data is processed by CHARGEBEE INC. and DATEV eG.
Payment data is processed by Stripe Inc. and CHARGEBEE INC. according to the PCI DSS standard.

timeBro Cloud

Required for user authorisation and storage of log files

  • Email address
  • Password
  • User ID
  • Refresh Token
  • Chargebee Subscription ID (to query whether a valid timeBro user licence is available)
  • Logs Files on events and errors of the timeBro software (do not contain any personal data)

timeBro Connected Apps

Is required if the user wants to exchange data with other software providers.

Access data to external providers and data imported from external providers are generally only stored on the user's respective device.

An exception are connections to time recording in ERP or project management systems. A connection to these systems usually requires the timeBro middleware in the timeBro Cloud to translate the data structures between the timeBro app and the connected system. The user authorises timeBro to access these systems on his behalf. This authorisation is stored in encrypted form in the timeBro Cloud. TimeBro employees have neither access to the access data in the middleware nor to the third-party systems.
No personal data is stored in the logs of the middleware.

timeBro Support

is required to receive technical support or to provide feedback to the timeBro team.

  • Email address
  • User ID
  • Account ID
  • Operating System Version
  • timeBro App Version
  • timeBro App Settings
  • CPU information of the device used

In cases of technical support, the user has the option of transmitting his log files and database to timeBro Support via the timeBro App. This is voluntary and can only be done by the user. At timeBro, only the support employee in charge of the respective support case has access. The data is deleted once the support case is closed.

timeBro App

is installed on the user's computer and used for time recording.

The timeBro App records the activities that take place on the respective device via the timeBro Tracking Core programme and stores these exclusively locally in a database.

Monitoring impossible

No network connection between users – no possibility to monitor employees.

Stored on device only

No cloud access to recorded times – database only on your device.

German servers & GDPR

We guarantee servers in Germany – certified according to ISO/IEC 27001:2013.

Start your 14-day free trial now

You don't have to provide any payment information. The trial period does not turn into a subscription.

Try our tracking for yourself. You lose nothing. Especially not time.