Privacy Policy

Hours OÜ, Estonian registry code 16434060 (hereinafter Hours) owns and operates time tracking software (hereinafter the Software), which can be used through the websites www.hours24.com and www.hours.ee or through a digital mobile application (Hours - Time tracking).

This Hours Privacy Policy forms part of the Hours Terms of Service together with the Hours Cookie Policy and the information and instructions published on the Hours websites (hereinafter jointly referred to as the Terms). Use of the Hours software cannot be registered without agreeing to the Terms.

Information collected

1. Hours collects and processes the following data about users (hereinafter „Personal Data“):

• electronic identification data (IP addresses, cookies);
• identification data (name);
• correspondence between the User and Hours;
• contact details (phone, e-mail);

2. Hours does not collect data about the content of the Employees, hours worked or employment contracts entered by the User.

3. Hours keeps the Employees' data entered through the Software confidential. Hours only sees and collects the Users' registration data (company name, e-mail). Hours does not have access to the Employees' data (personal data, content of employment contracts, time worked, salary, etc.), and therefore does not collect, store or process any information entered by the User about an Employee.

Entering personal data into the Hours software

4. Disclosing Personal Data to Hours is voluntary, but may be unavoidably necessary in order to use the Software. Therefore, if the User decides not to disclose Personal Data to Hours, then Hours cannot provide the service to the User.

5. Hours is not aware of which Personal Data the User stores, collects and processes through the Software. Hours does not have direct access to this Personal Data, except where the User has granted Hours permission to do so or where it is unavoidably necessary, in particular for the User in connection with the use of the Software.

6. The User has the right to change, supplement, correct and delete the data and Personal Data they have entered independently at any time, and does not need to notify Hours of such changes.

Controller and processor

7. The User of the Software is the controller of the Personal Data, Hours is the processor.

8. Hours does not own, control or manage the use of the Personal Data that the User stores or processes when using the Software. Only the User has access to the Personal Data they have saved about Employees.

9. Since Hours does not collect the Users' Personal Data nor determine its use, and Hours also does not determine the purposes, means or use of collecting such Personal Data, Hours does not act as a controller within the meaning of the European Union General Data Protection Regulation (EU 2016/679, hereinafter GDPR) and does not have the controller obligations arising from the GDPR.

10. With regard to the User Data containing Personal Data, Hours qualifies only as a processor, to which the relevant requirements for a processor set out in the GDPR apply. Hours does not independently transfer or otherwise make available to third parties the User Data containing Personal Data, except where the User themselves gives clear permission to do so.

11. Hours processes the Personal Data of the Software Users referred to in point 1 in order to provide the service to the User or to ensure the provision of the service and/or in accordance with the consent given by the User. The User has the right to withdraw the consent given for the processing of Personal Data at any time. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

12. Under the GDPR, the User is the controller of the Personal Data with regard to any Customer Data containing Personal Data, which means that the User controls the manner of collection and use of the Personal Data, and the determination of the purposes and means of processing.

13. Hours is not liable for the content of the User Data or the materials uploaded into the Software by the User, or for any other information.

14. Hours is not liable for the manner in which the User collects, processes, discloses or distributes the Personal Data of themselves and of the Employees.

Transfer of data

15. Hours does not transfer the Users' Personal Data to third parties without the User's relevant request or clear consent. The system automatically stores the Employees' data on the Hours cloud servers; the Hours team does not have access to the content of the Employees' data.

16. Hours uses the collected Personal Data only for the purposes set out in the law or in this Privacy Policy, including for the following purposes: providing the Software; collecting payment; providing user support; improving the Software and the features offered therein.

17. Hours may transfer only the following information about Users without the User's consent:

• Publicly available information about the User;
• Information that does not identify the person;
• Information required by law and law enforcement authorities;
• Information transferred to an acquirer, legal successor or transferee in the course of a merger, acquisition, sale of assets or other transaction, and in the event of insolvency or bankruptcy, during which information is transferred to one or more third parties as part of the company's assets, only on the condition that the recipient of the data undertakes to comply with this Privacy Policy.

Disclosure of data

18. Hours has the right to disclose personal data or other information that, in good faith, is relevant or necessary in order to:

• take precautionary measures against liability;
• protect itself or others from fraud, malicious or unlawful use or activity;
• investigate and defend itself against any claims or allegations of third parties;
• protect the security and integrity of the Software;
• protect its property or other interests, enforce contracts;
• protect the rights, property or safety of others.

Retention of data

19. Hours retains only the User data referred to in point 1 until the end of the customer relationship or for as long as the User's account is active, or for a limited period of time, for as long as is necessary, as follows:

• the content of closed accounts is deleted within 3 months from closure;
• information related to invoices is kept for 7 years in accordance with Estonian accounting requirements;
• information about legal transactions between the User and Hours is retained for 10 years in accordance with the general limitation periods established for Estonian civil claims.

20. To terminate the customer relationship and delete the collected data, the User must submit a relevant application to Hours at the e-mail address info@hours.ee.

Deletion of data at the User's request

21. The User has the right to request the deletion of the data collected about them (in particular the Personal Data referred to in point 1) from the Hours Software and system.

22. The relevant written request for the deletion or blocking of data must be submitted to the e-mail address info@hours.ee.

23. The User has the right to request the deletion of only their own Personal Data. Hours cannot delete the data of any User at the request of a third party and without the request and consent of that same user themselves.

24. If Hours has doubts about the legitimacy of the request or the maliciousness of the request, the identity of the person submitting the request or their right of representation, Hours has the right to require the User to provide additional verification of their identity, for example by signing the request digitally or sending a copy of a document to Hours.

Updating the Privacy Policy

25. Hours asks Users to visit the Hours website regularly in order to stay up to date with the latest updates to the Privacy Policy, the Terms of Service and the Cookie Policy.

26. Hours publishes all changes on its website and does not separately notify all Users of changes.

Hours contact

27. If you have any questions, you may contact Hours OÜ:

Hours OÜ
E-mail: info@hours.ee