GDPR Compliance - TimeGate Booking Systems

TimeGate Booking Systems is committed to protecting the privacy and data rights of all users, especially those in the European Economic Area (EEA). This page outlines our compliance with the General Data Protection Regulation (GDPR).

Our GDPR Commitment

We take data protection seriously and have implemented comprehensive measures to ensure compliance with GDPR requirements. Our commitment includes:

Transparent data collection and processing practices
Robust security measures to protect personal data
Respect for individual data rights
Lawful bases for all data processing activities
Regular audits and updates to our data protection practices

Your Data Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of all personal data we hold about you. We will provide this information in a commonly used, machine-readable format.

Right to Rectification

You can request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data under certain circumstances, such as when:

The data is no longer necessary for the purposes it was collected
You withdraw consent and there is no other legal basis for processing
You object to processing and there are no overriding legitimate grounds
The data has been unlawfully processed

Right to Restriction of Processing

You can request that we limit how we use your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your residence, place of work, or place of alleged infringement.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: support@sipshadowlane.com
Subject: GDPR Data Rights Request

We will respond to your request within 30 days.

Lawful Basis for Processing

We process personal data only when we have a lawful basis to do so. Our lawful bases include:

Consent: You have given clear consent for us to process your personal data for specific purposes
Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
Legal Obligation: Processing is necessary for us to comply with the law
Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those interests

Data Protection Measures

We implement appropriate technical and organizational measures to ensure data security:

256-bit SSL/TLS encryption for data in transit
AES-256 encryption for data at rest
Regular security audits and penetration testing
Access controls and authentication mechanisms
Employee training on data protection
Data breach notification procedures
Regular backups and disaster recovery plans

International Data Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions recognizing recipient countries' data protection standards
Additional security measures to protect data during transfer

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy or as required by law. Retention periods vary based on:

The nature of the data and its purposes
Legal and regulatory requirements
The need to retain data for legal defense
Your relationship with us

Data Protection Officer

For questions about our GDPR compliance or to exercise your data rights, you can contact our Data Protection Officer:

Email: support@sipshadowlane.com
Address: 4-3-15 Nishishinjuku, Shinjuku-ku, Tokyo 160-0023, Japan

Updates to This Page

We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.

Last updated: January 15, 2025