Last update 17 December 2026
Who we are
timeisticking.art is an online information resource developed as part of the IDAlert research project (https://idalertproject.eu/)
The website is hosted by IONOS in the European Union, which provides the technical infrastructure (web server, security and availability services) for the site.
The data controller for this website in the context of IDAlert communications is the IDAlert project coordination. For any questions about this notice or about your data protection rights, you can contact Three o’clock at hello@threeoclock.co, acting as the main contact point for data protection matters relating to timeisticking.art.
Cookies and tracking
This website does not set any cookies on your device and does not use any similar tracking technologies (such as local storage, tracking pixels or fingerprinting) for marketing or cross‑site tracking purposes.
We do not use advertising technologies, embedded social media plugins or third‑party trackers on this site.
Because we do not place non‑essential cookies or use third‑party trackers, we do not display a classic cookie consent banner.
If this changes in the future (for example, if we add new services that use cookies), we will update this notice and, where required, ask for your prior consent before setting any non‑essential cookies.
Privacy‑friendly analytics
This website uses Independent Analytics, a privacy‑friendly analytics tool that runs entirely on the same server as the website.
Independent Analytics does not communicate with external servers, does not store personal data, and does not use any cookies to track visitors, making it easier to comply with GDPR.
The analytics are used only to understand aggregated usage of the website (for example, which pages are visited and how often) in order to improve content and technical performance.
Because no personal data are stored and no cookies or similar identifiers are used, this analytics setup does not create individual user profiles and does not require a cookie consent banner for analytics purposes.
Server logs and hosting
When you visit the website, the hosting provider (IONOS) may automatically collect and store limited information in server log files for security, technical and abuse‑prevention purposes, such as IP address, date and time of access, pages visited and technical error information.
These logs are processed under the legal basis of legitimate interest to ensure the security and stability of the service and are retained only for as long as necessary for those purposes, after which they are deleted or irreversibly anonymised.
We do not have access to identified visitor profiles and do not combine server log data with other information to identify individual visitors.
QR codes and QRFY
In some offline materials we use QR codes generated with the QRFY application, which redirect you to pages on timeisticking.art or to other IDAlert online resources.
According to the provider’s documentation, any data processed by QRFY for basic QR‑code usage is anonymised and does not allow the identification of individual users; we do not receive any information that directly identifies you when you scan a QR code.
If, in the future, QR codes link to third‑party services (for example, external survey tools or event platforms), those services will have their own privacy notices explaining how they handle personal data and cookies.
Please refer to those third‑party notices before submitting any information.
Contact email
If you contact the project team by email using the address published on timeisticking.art, your message will normally include your email address, name (if provided in the email client or signature) and any other information you choose to share.
This information is used only to read and respond to your enquiry, manage any follow‑up actions you request, and, where relevant, document project‑related interactions in line with IDAlert’s obligations.
The legal basis for this processing is the legitimate interest in handling incoming requests and communicating with stakeholders about the project, or, where your request relates to the exercise of data protection rights, the legal obligation to respond.
Emails and related correspondence are kept only for as long as necessary to respond to you and to document the exchange in line with applicable retention rules, after which they are securely deleted or archived in a restricted manner.
If you contact the project team by email, please avoid sharing sensitive personal data unless this is strictly necessary and you have a clear legal basis for doing so.
If, in the future, the website offers a structured contact form instead of direct email, this notice will be updated to describe any additional processing.
No forms and no user accounts
This website does not include contact forms, comment functions, newsletters, user accounts or other interactive features that would allow you to submit personal data directly via the site.
If such features are added in the future, this notice will be updated to explain the purpose of processing, the legal basis, retention period and your rights, and – where required – your explicit consent will be collected before processing your data.
Interactions via social media
The IDAlert project maintains official accounts on social media platforms (such as X/Twitter, LinkedIn, Instagram or others) to share updates and engage with stakeholders.
If you choose to follow, like, comment on or message these accounts, the relevant platform will process your personal data under its own privacy policy and terms, which you should consult directly on that platform.
We may see your public profile information and any messages or comments you send to the IDAlert social media accounts and use that information only to respond to your requests, manage events or monitor engagement with the project, in line with the platform’s rules and our project obligations.
We do not export or combine social media data into separate marketing databases, and we will not use social media interactions to send you direct marketing without your prior consent.
Your data protection rights
Where personal data are processed in connection with this website, our contact email or our social media channels, you may have the following rights under the GDPR, subject to legal conditions: access, rectification, erasure, restriction of processing, objection, and data portability.
To exercise these rights or to ask questions about this notice, you can contact Three o’clock at hello@threeoclock.co, which will help coordinate your request with the relevant IDAlert partners.
You also have the right to lodge a complaint with your local data protection authority if you believe that the processing of your personal data infringes applicable data protection law.
Changes to this notice
This Privacy & Cookies Notice may be updated from time to time, for example if new features, cookies or third‑party services are added to the website or to the IDAlert communication channels.