This Privacy Notice explains how Steven Law, trading as Apex Pro Timer("Apex Pro Timer", "we", "us"), collects and processes personal data when you use the Apex Pro Timer website and application (the "Service"). We act as the data controller for personal data described below.
1. Personal data we collect
- Account data — email address, authentication identifiers, and login credentials.
- Service content — timers, workouts, folders, and other content you create or import.
- Support data — messages, attachments, and metadata when you contact us.
- Usage and device data — pages viewed, feature usage, device type, browser, IP address, and approximate location derived from IP.
- Subscription data — plan tier, purchase date, and identifiers shared by our payment provider.
2. Purposes and legal bases
- Provide the Service (contract): account creation, syncing your library, delivering Pro features.
- Customer support (contract / legitimate interests): respond to requests and troubleshoot issues.
- Security and fraud prevention (legitimate interests / legal obligation): protect accounts and the Service.
- Product improvement (legitimate interests): understand usage and improve features.
- Legal compliance (legal obligation): meet tax, accounting, and other obligations.
3. How we share data
We share personal data with:
- Service providers / subprocessors — hosting, database, analytics, and email delivery providers acting on our instructions.
- Paddle.com Market Ltd ("Paddle") — our Merchant of Record for all sales. Paddle processes payments, handles subscription management, calculates and remits sales tax, issues invoices, and provides customer service for billing matters. See Paddle's Privacy Policy.
- Professional advisers — legal, accounting, and compliance advisers when needed.
- Authorities — where required by law or to protect rights, safety, and property.
4. International transfers
Your data may be processed outside your country of residence, including in the United States and the United Kingdom. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
5. Data retention
We retain personal data only as long as needed for the purposes set out above, to comply with legal obligations, or to resolve disputes. Account data is deleted or anonymised after account closure, subject to legal retention requirements (for example, tax records held by Paddle).
6. Your rights
Depending on your jurisdiction, you may have the right to:
- Access, rectify, or erase your personal data;
- Restrict or object to certain processing;
- Receive a portable copy of your data;
- Withdraw consent at any time where processing is based on consent;
- Lodge a complaint with your local data protection supervisory authority.
To exercise these rights, contact us at the address below. We aim to respond within one month.
7. Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and regular review of our security practices. No system is perfectly secure; please use a strong, unique password.
8. Cookies
We use strictly necessary cookies and local storage to keep you signed in and remember your preferences. We may also use limited analytics cookies to measure aggregate usage. You can manage cookies via your browser settings.
9. Children
The Service is not directed to children under 13, and we do not knowingly collect their data.
10. Changes
We may update this Notice. Material changes will be communicated through the Service.
11. Contact
Questions about this Notice or your data? Contact us via the in-app support link. For billing or payment-related personal data handled by Paddle, visit paddle.net.