Privacy Policy
This Privacy Policy applies to personal data that is collected and processed by AppWell LLC, a limited liability corporation with a principal address at 59 Bay Vista Drive Mill Valley, CA 94941 ("AppWell"), and covers the following applications (AppWell, TimeWell, and any other applications or sites linked to this policy). This Privacy Policy does not apply to information from which no individual can reasonably be identified (anonymized information).
AppWell, as a Controller, collects and processes personal data relating to interactions on the Website (as defined in the Terms of Service). This Privacy Policy describes how AppWell uses and protects any information that you give us.
AppWell believes in full transparency, which is why our Privacy Policy is simple and easy to understand.
We strongly urge Customers to read this Privacy Policy and make sure that you fully understand and agree with it. If you do not agree to this Privacy Policy, please do not access or otherwise use the Website.
If a term is capitalized, and not defined in the Definitions section of this Privacy Policy, its meaning is found in the Definitions section of the Terms of Service.
  1. Definitions
  2. Data AppWell Collects
  3. When AppWell is a Controller
  4. When AppWell is a Processor
  5. Personal Data of those located in the UK, the EEA, or Switzerland
  6. Data Commitments
  7. Personal Data Protection
  8. Personal Data Sharing
  9. International Transfers of Data
  10. How Long Your Data is Stored
  11. Your Data Rights
  12. California Resident Data Rights
  13. Updates to the Privacy Policy
  14. Contact Us
1. Definitions
When we say "Application" we mean any AppWell software licensed by the Customer.
When we say "Customer” we mean the person or company that signs up to use AppWell SaaS applications.
When we say “End User” we mean a natural person that is authorized by the Customer to use the applicable Appwell service.
When we say "cookies" we mean small pieces of data stored on your device (computer or mobile device). This information is used to track your use of the Website and to compile reports on website activity. For further information about the use of cookies and how you can manage them, please email us at
When we say "consent" we mean your explicit consent on the processing of personal data. Persons who are 15 years of age or older may give free consent to the processing of their personal data. However, the User of AppWell has to be of age of majority as defined in Terms of Service.
When we say “Controller” we mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
When we say “Data Protection Law” we mean the data protection law applicable to your jurisdiction such as the EU or UK GDPR, Swiss Data Protection law or the CCPA.
When we say "Processor" we mean any natural or legal person who processes the data on behalf of the Controller.
When we say "processing" we mean any operation or set of operations which is performed on personal data or sets of personal data. This includes activities such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
When we say "personal data" or "data" we mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, either directly or indirectly.
2. Data AppWell Collects
We may collect and receive information about you and your Authorized Users in various ways including:
3. When AppWell is a Controller
AppWell is a Controller when collecting and processing personal data as detailed in the table below.
Data AppWell Collects Purpose of Processing Legal Basis Retention Email address, name, password, location data, timestamp, description of project Website account creation and maintenance under the Terms of Service, Request for a product demo. For End Users - Necessary for the End User to access the Application(s) that Customer has licensed. Processing is necessary for the performance of the Agreement (as defined in Section 1 of the Terms of Service). Without providing an email address, password and time zone, the User may not create the User Account. For marketing activities, such processing is based on the consent of the user. Until the account is deleted in accordance with the Terms of Service. Customer Financial Data such as name, address, bank account and payment card details. When subscribing to any of the Paid Plans or when changing any Paid Plan in accordance with the Terms of Service, this information is being collected by a third party processor. Processing is necessary for the User's performance of the Agreement which includes providing Additional Features based on the selected Paid Plan. We keep only the last four digits of the credit card number under subscription billing info until such Agreement is terminated and for the period necessary to comply with the applicable financial and tax accounting and other statutory obligations in accordance with the applicable law (Section 22 of the Terms of Service). Additional Data Customer decides to share with AppWell If Customer sends an inquiry to or contacts AppWell for support via another medium, AppWell will collect data Customer chooses to share. Processing of personal data is either necessary to provide a Service, or the processing is based on Customer’s consent. If the processing is based on Customer’s consent, we keep the information until Customer withdraws consent or for one year, whichever date comes first. Information necessary for identification To allow Data Subjects to exercise their rights in accordance with this Privacy Policy, as defined in Section 10. Processing is necessary for compliance with a legal obligation which the Controller is subject to. We keep this information for a period of one year. Other personal data For the prevention and detection of fraud, money laundering or other crimes or to respond to a binding request from a public authority or court. The processing is necessary to comply with legal and regulatory obligations. In accordance with the applicable statutory deadlines.
4. When AppWell is a Processor
AppWell acts as a Processor when processing the personal data of End Users to provide the Services. AppWell does not intend to process or collect the sensitive information of End Users, such as Protected Health Information, as defined by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), credit card information, or social security numbers.
See the table below to see what information AppWell processes as a Processor.
Data AppWell Collects Purpose of Processing Legal Basis Retention Information relating to products sold by Customer such as amount of purchase, general location data, and category of item purchased Necessary to calculate tax rates for the Customer Processing of personal data is necessary to provide a service Data is stored in the aggregate and anonymized. Information entered by End User (this information does include sensitive information such as To search for data to populate a pdf form Processing of personal data is necessary to provide a service End User data is not stored by AppWell
When AppWell engages subprocessors, it requires them to enter into contracts that are no less restrictive than the terms of this policy and any data processing agreement between you and AppWell.
By using the Service, your End Users may disclose, share, record, or otherwise provide their User Content to AppWell. The extent to which personal data is processed while using the Service also depends on the AppWell applications that you decide to use.
AppWell does not analyze, disclose, retain or access such User Content unless an End User (including an Enterprise as a User) sends a request for support and, in these cases, the access is limited to enabling the functioning of the Service.
When acting as a Processor, AppWell will process personal data according to your direction. In this scenario, you are primarily responsible for the personal data of End Users.
5. Personal Data of those located in the UK, the EEA, or Switzerland
If your End Users or you fall under the scope of application of the GDPR or similar data protection legislation with AppWell as a Processor based outside the EEA, the United Kingdom, or Switzerland you can request a copy of our Data Processing Addendum ("DPA"). Contact us at with any additional questions.
6. Data Commitments
AppWell will never:
7. Personal Data Protection
We take administrative, technical, organizational and other measures to ensure the appropriate level of security of personal data we process. To determine whether a measure is adequate and which level of security is appropriate, we consider the:
Measures we apply include:
8. Personal Data Sharing
AppWell utilizes external processors for certain processing activities. We use information audits to identify, categorize and record all personal data that is processed outside the company, so that the information, processing activity, processor and legal basis are all recorded, reviewed and easily accessible.
We have strict due diligence procedures and measures in place and review, assess and background check all processors prior to forming a business relationship. We obtain company documents, certifications, references and ensure that the processor is adequate, appropriate and effective for the task we are employing them for.
We audit their processes and activities prior to and during the contracting period to ensure compliance with the data protection regulations and review any codes of conduct that oblige them to confirm compliance.
Upon request, we can provide a list of processors and sub-processors with whom we share your personal data.
9. International Transfers of Data
We may transfer Customers’ personal data to servers located in the United States. This transfer is necessary to fulfill the contract for Services between AppWell and its Customers.
10. How Long Your Data is Stored
The period for which we store personal data depends on the specific purpose for the processing of personal data, as explained in detail in Section 4. We retain personal data for as long as reasonably necessary for legal or business purposes.
In determining data retention periods, we consider any applicable laws or regulations and contractual obligations. When we no longer need personal information, or when a Customer requests that we delete their information, where this is legal, we will securely delete or destroy it.
However, as an exception to the retention periods in Section 4 the data may be processed to determine, pursue or defend claims and counterclaims.
11. Your Data Rights
These Data Rights apply to Customers only. If you are an End User of one of AppWell’s applications, please contact the Customer who is licensing the Service to exercise your data rights. If you are a Customer email to exercise your rights.
You can send us a request for a copy of the personal data we hold about you. We have ensured that appropriate measures have been taken to provide a concise, transparent, intelligible and easily accessible report, using clear and plain language. Such information is provided in writing free of charge. It may be provided by other means when authorized by the Data Subject and with prior verification as to the subject's identity.
Information is provided to the Data Subject at the earliest convenience, but at a maximum of 30 days from the date the request was received. Where the retrieval or provision of information is particularly complex or is subject to a valid delay, the period may be extended by two further months where necessary.
If the personal data we have about an Authorized User is incorrect, the Authorized User has the right to request that we correct that data. When notified of inaccurate data by an Authorized User, we will rectify the error within 30 days and inform any third party of the rectification if we have disclosed the personal data in question to them.
You have the right to request from us that your personal data is deleted in certain circumstances including:
However, this right does not apply where, for example, the processing is necessary:
If the accuracy of the personal data is contested, you consider the processing is unlawful but you do not want it erased, we no longer need the personal data but you require it for the establishment, exercise or defense of legal claims or you have objected to the processing and verification, you can exercise your right to the restriction of processing.
Where a Customer has provided personal data to us, the Customer has the right to receive such personal data back in a structured, commonly used and machine-readable format, and to have such data transmitted to a third-party Controller without hindrance but in each case only where:
If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.
If you have any concerns or requests in relation to your personal data, please contact us at and we will respond as soon as possible but not later than within 30 days.
12. California Resident Data Rights
This Section supplements the information contained in the AppWell's Privacy Policy and applies solely to visitors, users, and others who reside in the State of California and fall under the scope of the California Consumer Privacy Act ("consumers" or "you") when they visit the Website or use the Services. Under this Notice AppWell complies with the California Consumer Privacy Act of 2018 ("CCPA").
Any capitalized but undefined term in this Notice shall have the meaning given to it in the CCPA, Definitions section of the Terms of Service, Privacy Policy and Cookie Policy.
This Notice makes an integral part of our Privacy Policy and Terms of Service.
For more details about the personal information AppWell has collected over the last 12 months please see Section 4 of the Privacy Policy - Personal Data We Process.
The categories of personal information that are listed in Section 4 are obtained by AppWell in accordance with Section 3 of the Privacy Policy - What Data Do We Collect About You And When?
AppWell collects personal information for the purposes described in Sections 3 and 4 of the Privacy Policy - AppWell as Controller.
AppWell shares personal information with the categories of third parties described in Section 8 of this Privacy Policy.
Please note that AppWell uses third-party cookies for advertising purposes as further described in our Cookie Policy.
AppWell does not sell personal information, including the personal information of anyone under 18 years of age.
This section describes Customer rights under the CCPA and explains how to exercise those rights. These rights may be exercised by Customers when AppWell operates as a Controller.
If your inquiry or exercise of any of the consumer's rights relates to the data on a Workspace processed as explained in Section 4.2 of the Privacy Policy, please contact the owner of the relevant Workspace via which your personal data has been processed.
In the event AppWell receives a request for exercising any of these rights directly from a consumer, we are obliged to notify the owner of the relevant Workspace before responding to such a request.
You have the right to request that we disclose certain information to you about AppWell's collection and use of your personal information over the past 12 months, i.e.:
We will disclose this information to you once we receive and confirm your verifiable consumer request.
You have the right to delete your personal information AppWell collected. AppWell will delete your personal information from the records once we receive and confirm your verifiable consumer request unless a CCPA exception applies.
We may deny your deletion request subject to the exceptions in CCPA §1798.105, i.e. if retaining the information is necessary for AppWell or our service providers to:
  1. Complete the transaction for which AppWell collected the personal information, provide a good or service that the Customer requested, take actions reasonably anticipated within the context of AppWell's ongoing business relationship with a Customer, or otherwise perform our contract with the Customer.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if the Customer previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on a Customer’s relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which the Customer provided it.
If a Customer’s request is justified, AppWell will also direct their service providers to delete a Customer’s personal information as well.
AppWell will not discriminate against a Customer for exercising any of its CCPA rights. Unless permitted by the CCPA, AppWell will not:
The CCPA requires businesses that sell personal information to allow consumers the ability to opt-out of the selling of their personal information.
Again, AppWell does not sell personal information.
To exercise the rights to access, data portability, and deletion, please submit a verifiable consumer request at or contact us via our Contact page.
Consumers are entitled to make a request for access or data portability twice within a 12-month period.
To exercise its rights, a Customer may send a request by itself or use an authorized agent.
If AppWell cannot verify a Customer’s identity or authority to make the request and confirm the personal information related to the Customer, AppWell cannot respond to such Customer’s request or provide the Customer with personal information.
We try to respond to consumers' requests within 45 days of their receipt. Sometimes, AppWell may need more time to respond to the request (up to 90 days total from the moment we receive the request) when AppWell will inform the consumer of the reason and extension period in writing.
Customers are not obliged to create an account with AppWell in order to make a verifiable consumer request. AppWell will deliver its written response to the registered email associated with the account if you have an account with AppWell. Please note that any information AppWell provides will only cover the 12-month period preceding the consumer's request receipt. If we cannot comply with a Customer’s request, we will provide an explanation.
If a consumer files a data portability request, AppWell will select a format that is readily usable and should allow the transmission of the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to verifiable consumer requests unless it is excessive, repetitive, or manifestly unfounded. If AppWell determines that the request warrants a fee, AppWell will:
13. Updates to the Privacy Policy
AppWell reserves the right to change this Privacy Policy at our sole discretion. If AppWell makes any changes, we will publish the new rules on this web page. If the update is material, AppWell will notify Customers directly with the contact information that Customer provided AppWell.
Where a Customer has previously consented to AppWell’s Privacy Policy, the Customer’s continued use of the Website after AppWell makes changes is considered acceptance of the updated rules.
14. Contact Us
If Customers have any questions about this privacy policy or wish to exercise their data rights, they are invited to email us at; or mail us at: 59 Bay Vista Drive Mill Valley, CA 94941. Our Data Protection Officer can be reached at
© Timewell