Last updated on 06 Oct 2025
Welcome to When ("we" or "us"). This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard your personal information when you use our website and related services.
3. How Do We Collect User and Visitor Personal Data
4. What Personal Data Do We Collect About the User and Visitor
5. For What Purposes Do We Use User and Visitor Personal Data
6. How Long is Personal Data Stored
7. Security of Stored Personal Data
11. Changes to This Privacy Policy
12. Jurisdiction for Conflict Resolution
1. General Information
This Privacy Policy contains information about the collection, use, storage, processing and protection of personal data of users and visitors of the time tracking platform, with the purpose of demonstrating absolute transparency on the subject and clarifying to all interested parties about the types of data that are collected, the reasons for the collection and how users can manage or delete their personal information.
This Privacy Policy applies to all users and visitors of the time tracking platform and forms part of the General Terms and Conditions of Use of the time tracking platform, duly registered with the CNPJ under number 26.471.734/0001-42, located at 171 Paulista Avenue, 4th floor, Bela Vista, São Paulo, SP, Brazil. 01.311-00, hereinafter referred to as Zenika Applications LTDA.
This document was prepared in accordance with the General Data Protection Law (Law 13,709/18), the Internet Civil Rights Framework (Law 12,965/14) (and EU Regulation 2016/6790). Furthermore, the document may be updated as a result of regulatory updates, so users are encouraged to consult this section periodically.
2. Definitions
For better understanding, we provide below the definitions of the terms that we will use in this document:
USER: The person who has access to and uses all the platform's exclusive features and screens.
VISITOR: Anyone who has access to the platform's public screens.
PLATFORM: System built and developed on the web in order to provide one or more services.
3. How Do We Collect User and Visitor Personal Data
The user's and visitor's personal data is collected by the platform as follows:
When a user creates an account/profile on the time tracking platform: this data includes basic identification information, such as: full name, email address, calendar information, workplace, and account synchronization. This information allows us to identify the user and visitor, ensuring greater security and well-being for their needs. Users and visitors are aware that their profile on the platform will be accessible to all other users and visitors of the time tracking platform.
When a user or visitor accesses the time tracking platform: interaction and access information is collected by the company to ensure a better user and visitor experience. This data may include keywords used in a search, the sharing of a specific document, comments, page views, profiles, the URL from which the user or visitor originated, the browser they use, and their IP addresses, among other information that may be stored and retained.
Through a third party: The time tracking platform receives data from third parties, such as Notion, Slack, Toggl, and Clockify, when a user integrates or imports data from their profile on one of these sites. The use of this data is previously authorized by the user with the third party in question.
4. What Personal Data Do We Collect About the User and Visitor
The user and visitor personal data collected are the following:
Data for creating an account/profile on the time tracking platform: full name, email, calendar information, work location, and account synchronization.
Data for navigation optimization: page access, interaction with the public scheduling page, form completion, keywords used in searches, usability, accessibility, IP address.
Newsletter: The email address registered by visitors who choose to subscribe to the Newsletter will be collected and stored until the user requests to unsubscribe.
Contract-related data: Upon formalization of a purchase and sale or service provision agreement between the platform and the user/visitor, data related to the execution of the contract, including communications between the company and the user, may be collected and stored.
5. For What Purposes Do We Use User and Visitor Personal Data
The user and visitor personal data collected and stored by the time tracking platform is intended for:
User and visitor well-being: to improve the product and/or service offered, facilitate, streamline, and fulfill the commitments established between the user and the company, enhance the user experience, and provide specific features based on the user's basic characteristics.
Platform improvements: to understand how the user uses the platform's services to assist in business and technical development.
User profile prediction: to automatically process personal data to evaluate platform usage.
Registration data: to allow the user access to certain platform content, exclusive to registered users.
Contract data: to provide legal certainty to the parties and facilitate the conclusion of the transaction.
The processing of personal data for purposes not provided for in this Privacy Policy will only occur with prior notice to the user, so that the rights and obligations set forth herein remain applicable.
6. How Long is Personal Data Stored
The user's and visitor's personal data is stored by the platform for the period necessary to provide the service or fulfill the purposes outlined in this document, as provided for in Article 15, Section I, of Law 13,709/18.
Data may be removed or anonymized at the user's request, except in cases where the law provides for other processing.
Furthermore, users' personal data may only be retained after the end of their processing in the following circumstances, as outlined in Article 16 of the aforementioned law:
I - compliance with a legal or regulatory obligation by the controller;
II - study by a research organization, ensuring, whenever possible, the anonymization of personal data;
III - transfer to a third party, provided that the data processing requirements outlined in this Law are met;
IV - exclusive use by the controller, with third-party access prohibited, and provided that the data is anonymized.
7. Security of Stored Personal Data
The platform is committed to implementing technical and organizational measures to protect personal data from unauthorized access and from destruction, loss, alteration, communication, or dissemination.
Credit card data is encrypted using Transport Layer Security (TLS) technology, which helps protect web applications from data breaches and other attacks and ensures secure and confidential data transmission. Data transmission between the server and the user is encrypted and encrypted.
The platform is not responsible for the sole fault of a third party, such as in the case of a hacker or cracker attack, or the sole fault of the user, such as when the user transfers their data to third parties. The website undertakes to notify the user in the event of any breach of security of their personal data.
Personal data stored is treated confidentially, within the limits of the law. However, we may disclose users' personal information if we are required by law to do so or if the user violates our Terms of Service.
8. Data Sharing
User data is shared only with data relating to posts made by the user themselves; these actions are shared publicly with other users.
User profile data is shared publicly in search engines and within the platform, and users are allowed to privately display their profile, displaying only the information they desire.
8.1 - Will the Stored Personal Data Be Transferred to Third Parties?
Personal data may be shared with third parties: Notion Labs, Inc., and Slack Technologies, LLC.
These third parties receive data to the extent necessary to enable them to perform the contracted services.
Regarding third-party service providers, such as payment transaction processors, please note that each has its own privacy policy. Therefore, we recommend reading their privacy policies to understand what personal information these providers will use.
These providers may be located or have facilities in different countries. Under these circumstances, the personal data transferred may be subject to the laws of the jurisdictions in which the service provider or its facilities are located.
By accessing our services and providing your information, you consent to the processing, transfer, and storage of this information in countries other than your own.
When you are redirected to a third-party application or website, you are no longer governed by this Privacy Policy or our platform's Terms of Service. We are not responsible for the privacy practices of other websites and recommend that you read their respective privacy statements.
9. Cookies or Navigation Data
Cookies are text files sent by the platform to the user's or visitor's computer and stored there, containing information related to website navigation. This information is related to access data, such as location and time of access, and is stored by the user's or visitor's browser so that the platform server can read it later to personalize the platform's services.
Users and visitors to the time tracking platform acknowledge and accept that a navigation data collection system may be used, which involves the use of cookies.
Persistent cookies remain on the user's or visitor's hard drive after the browser is closed and will be used by the browser on subsequent visits to the website. Persistent cookies can be removed by following your browser's instructions. Session cookies are temporary and are deleted when the browser is closed. You can reset your web browser to refuse all cookies, but some platform features may not function properly if the ability to accept cookies is disabled.
10. Consent
By using the services and providing personal information on the platform, the user consents to this Privacy Policy.
By registering, the user acknowledges and may exercise their rights to cancel their registration, access and update their personal data, and guarantees the accuracy of the information provided.
The user has the right to withdraw their consent at any time by contacting contact@whenhq.com
11. Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. We recommend that users and visitors review it frequently.
Changes and clarifications will take effect immediately upon their publication on the platform. Users will be notified when changes are made. By using the service or providing personal information after any changes are made, users and visitors acknowledge and agree to the new rules.
In the event of a merger or sale of the platform to another company, user data may be transferred to the new owners to ensure the continued existence of the services offered.
12. Jurisdiction for Conflict Resolution
Brazilian law will be fully applied to resolve disputes arising from this instrument.
Any disputes must be filed in the courts of the district of São Paulo, expressly excluding any other court, no matter how privileged.