time24
← Back to Home

Legal

Privacy Policy

Effective date: March 4, 2026

1. Introduction

time24(“we”, “our”, or “us”) operates a Getting Things Done (GTD) task management application (the “Service”). This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.

2. Information We Collect

2.1 Account information

When you register, we collect your email address and an encrypted password (or, if you sign in with Google, only a Google-issued identifier — we never see your Google password).

2.2 Task and project data

All tasks, projects, notes, and preferences you create are stored in our database, isolated to your account via Supabase Row Level Security (RLS) policies.

2.3 Google Calendar data

If you choose to connect Google Calendar, the Service requests the https://www.googleapis.com/auth/calendar OAuth scope. We use this access exclusively to:

  • Create calendar events for tasks you explicitly schedule within the app.
  • Update or delete those events when you change or remove the corresponding task.
  • Read existing events on the connected calendar solely to detect scheduling conflicts for tasks you are actively scheduling — no event data is stored beyond what is needed to display conflict warnings in the moment.

We do not read, store, index, analyse, or share the contents of your Google Calendar for any other purpose.

2.4 Usage data

Standard server logs (IP address, browser type, pages visited, timestamps) may be retained for up to 30 days for security and debugging purposes only.

3. Google API Services User Data Policy

time24's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we confirm that:

  • We only request Google user data that is necessary to provide the calendar scheduling feature described above.
  • We do not use Google user data to serve advertisements.
  • We do not allow humans to read your Google data unless you have given explicit consent, it is necessary for security purposes, or it is required by law.
  • We do not transfer your Google user data to third parties except as necessary to provide the Service (e.g., our hosting infrastructure), and never for advertising or data-broker purposes.

4. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To authenticate you and keep your account secure.
  • To sync tasks with Google Calendar when you have enabled the integration.
  • To respond to support requests you initiate.
  • To comply with legal obligations.

5. Data Sharing and Third Parties

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.

We use the following sub-processors solely to operate the Service:

  • Supabase — database, authentication, and file storage (EU/US infrastructure).
  • Google LLC — OAuth authentication and, optionally, Google Calendar API.
  • Netlify — hosting and edge compute.

Each sub-processor is bound by their own privacy and security commitments.

6. Data Retention

Your account data is retained for as long as your account is active. You may delete your account at any time from the Settings page, which permanently removes all associated tasks, projects, and preferences. Google Calendar tokens are revoked and deleted upon disconnecting the integration or deleting your account.

7. Security

All data is encrypted in transit (TLS 1.2+) and at rest. Row Level Security (RLS) policies on our database ensure that each user can only access their own data — no server-side bypass is possible without explicit policy changes. OAuth tokens for Google Calendar are stored encrypted and scoped to your account only.

8. Your Rights

Depending on your jurisdiction you may have the right to access, correct, port, or delete your personal data. To exercise these rights, email us at vchornyy12@gmail.com. We will respond within 30 days.

9. Children

The Service is not directed to children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email and update the effective date above. Continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact

Questions about this policy? Contact us at vchornyy12@gmail.com.

← Back to HomeTerms of Service →