How is Timely's data processed and protected?

Privacy Handbook An overview on GDPR and what happens with your data in Timely.

Memory AS, Timely’s parent company, is a registered company in Norway, which is a member of the European Economic Area (EEA). Norway has adopted the EU directive 1995/46/EC in its laws.

The standard Terms of Service for Memory, including the integrated Data Processing Agreement, was recently updated to achieve compliance with the General Data Protection Regulation (GDPR). The GDPR also applies to Norway.

Data is processed and stored in the EU by our sub-supplier and sub-processor, Amazon Web Services (AWS). AWS services are GDPR compliant, so transfer of data to it is in compliance with EU law.

The Standard Contractual Clauses are legal mechanisms for safe transfer of personal data from an EU-controller (you) to (sub)processors outside the EU/EEA. Since our parent company, Memory AS, is a Norwegian company, the obligation to implement such additional safeguards does not apply to Memory AS — it only applies to our sub-suppliers.