Privacy Policy

Overview

At No Time, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and protect your data when you use our time tracking application.

The No Time app is operated by EMGY, located at Oost-indiëplaats 2611BS Delft, The Netherlands. You can contact us via email at info@no-time.me.

Information We Collect

Account Information

• Email address (for account creation and authentication)
• Occupation (optional, to improve time entry parsing)
• Account creation date

Time Tracking Data

• Time entries (descriptions, duration, timestamps)
• Project names and organization
• Activity types and custom categories
• Voice recordings (temporarily processed for transcription)

Usage Analytics

• App usage patterns (features used, session duration)
• Device type and operating system version (iOS/Android)
• Crash reports and error logs
• Subscription status and billing information

Legal Basis for Processing Your Information

Under the General Data Protection Regulation (GDPR), we process your personal data under the following legal bases:

• Performance of a Contract: We process your data to provide and maintain the services you signed up for, as outlined in our Terms of Service. This includes creating your account, tracking your time, syncing your data, and managing your subscription.
• Legitimate Interests: We process your data for our legitimate interests, such as improving our app, analyzing usage patterns to develop new features, ensuring the security of our services, and preventing fraud, provided that these interests do not override your fundamental rights and freedoms. This includes analytics data and error logs.
• Consent: For optional data, such as your occupation, or for certain communications, we rely on your consent. You can withdraw your consent at any time.
• Legal Obligation: We process your data to comply with legal obligations, such as maintaining Terms of Service acceptance records, tax and accounting requirements, and responding to lawful requests from authorities.

Specific Legal Basis by Data Type

• Core app functionality (time entries, projects, sync): Performance of a Contract
• Subscription management and billing: Performance of a Contract
• Analytics, security, and app improvement: Legitimate Interests
• Optional features (occupation, marketing): Consent
• Terms of Service acceptance and tax records: Legal Obligation

How We Use Your Information

Service Delivery

• Provide time tracking and analytics features
• Process voice recordings for transcription
• Generate productivity insights and reports
• Sync data across your devices

Account Management

• Create and maintain your account
• Process subscription payments through Apple App Store and Google Play Store
• Provide customer support
• Send essential service updates (security notifications, account changes)
• Send optional communications (product updates, announcements) which you can opt out of via the app

Improvement and Analytics

• Improve app performance and fix bugs
• Develop new features based on usage patterns
• Analyze app performance and user experience

Data Security, Retention, and Breach Notification

Data Storage and Security

Your data is stored securely on Supabase servers located in Central EU (Frankfurt, Germany) with enterprise-grade security. All data is encrypted both in transit (using TLS) and at rest using industry-standard encryption protocols.

Data Retention

We retain your personal data according to the following specific periods:

• Account data and time entries: Until account deletion, plus 30 days for legal obligations
• Voice recordings: Immediately deleted after transcription (not stored)
• Terms of Service acceptance records: 7 years for legal compliance
• Subscription and billing data: As required by tax and accounting laws

We may retain data longer when required to comply with legal obligations, resolve disputes, or enforce our agreements.

Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authorities without undue delay, in accordance with applicable law.

Data Sharing and Third Parties

No Data Selling

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Service Providers (Data Processors)

We work with trusted service providers who act as data processors on our behalf. They help us operate the app and are contractually bound to protect your data. These include:

• Supabase: Database and backend services. Privacy Policy
• OpenAI: We use the OpenAI API for AI-powered parsing and transcription. OpenAI acts as our subprocessor and is prohibited from using your data to train its models under our Data Processing Agreement. Data submitted via the API is not stored by OpenAI after processing. You can review OpenAI's API Data Usage Policy here.
• RevenueCat: Subscription management and analytics. Privacy Policy

Third-Party Data Controllers

In some cases, you may interact with third parties who are separate data controllers. For example, when you make a purchase, your payment is processed by Apple via the App Store or Google via Google Play Store, which act as data controllers for your billing information under their own terms and privacy policies: Apple Privacy Policy and Google Privacy Policy.

Legal Requirements

We may disclose information when required by law, to protect our rights, or to ensure the safety and security of our users.

Your Rights and Choices

Data Access and Portability

• Request a copy of your personal data
• Export your time tracking data as CSV
• Review your account information in the app

Data Correction and Deletion

• Update your profile information in the app
• Delete individual time entries or projects
• Request complete account deletion

Communication Preferences

You can manage your email communication preferences at any time through the app. Go to Personalization > Account > Communication to opt out of optional emails such as updates and announcements. Essential service emails (such as account security notifications) cannot be disabled.

• Opt out of optional emails via the Communication setting in the app
• Control in-app notification preferences
• Essential service communications will still be sent for security and account management

Withdrawing Your Consent

Where we rely on your consent to process your data, you can withdraw it at any time. You can do this by adjusting your in-app settings or by contacting us directly at info@no-time.me. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint

If you are in the European Economic Area (EEA), you have the right to lodge a complaint with a data protection authority about our collection and use of your personal data. Our lead supervisory authority is the Dutch "Autoriteit Persoonsgegevens". You can contact them via their website at autoriteitpersoonsgegevens.nl or by mail at:

Automated Decision-Making and AI

We use AI, powered by the OpenAI API (not ChatGPT or other consumer-facing OpenAI products), to parse your time entries from natural language and to provide productivity insights. While this involves automated processing, it does not result in decisions that have a legal or similarly significant effect on you. You always have the ability to review and edit the automatically generated time entries.

Should you include personal data in your time entry descriptions or voice recordings, this information will be temporarily processed by OpenAI's API to provide the service.

Cookies and Tracking Technologies

As a mobile application, we do not use traditional browser cookies. However, our app incorporates Software Development Kits (SDKs) from our third-party service providers (like RevenueCat for analytics and Supabase for backend functionality). These SDKs may collect technical data and device identifiers to help the app function correctly, analyze performance, and prevent fraud. This processing is performed for our legitimate interests in operating and improving our service. You can learn more by reviewing the privacy policies of our third parties.

Children's Privacy

Our app is not intended for children. In the European Economic Area, this means individuals under the age of 16 (or the lower age that a member state has provided for). In the United States, this means children under 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately so we can take appropriate action.

International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. We take all steps reasonably necessary to ensure that your data is treated securely. For transfers of data outside the European Economic Area (EEA), we rely on appropriate safeguards, such as Standard Contractual Clauses and adequacy decisions, to ensure your data is protected.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy in the app and updating the "Last updated" date. Your continued use of the app after changes are posted constitutes acceptance of the new policy. Previous versions of this policy are available upon request.