TimeFinder
Latest update: April 3, 2026
TimeFinder is a subscription-funded productivity app. We make money when you pay for a subscription, not by monetizing your data.
The full details follow below. For questions, email [email protected].
TimeFinder collects some personal data from its users. This document explains what we collect, why, and what choices you have.
This document contains sections dedicated to users in the European Union, the United States, Switzerland, and Brazil and their respective privacy rights.
Personal Data processed for the following purposes and using the following services:
One provider is active at a time based on the user's selected AI model. No data is sent to any AI provider unless you explicitly enable the AI Assistant. Each provider acts as a data processor under contract. TimeFinder stores a limited internal AI request log for quota enforcement, abuse prevention, and support. Operational cloud logs may also include the full user input and generated prompts for debugging and monitoring.
TimeFinder, LLC
TimeFinder is owned and operated by TimeFinder, LLC, based in the United States.
Contact email: [email protected]
If you need to send a formal privacy or legal notice and require a mailing address, start by emailing [email protected].
Among the types of Personal Data that TimeFinder collects, by itself or through third parties, there are: account identifiers (including anonymous account IDs and signed-in user IDs); email address; first name; last name; country or region; device information; operating system; app version; in-app purchase and subscription status; session data; feature usage events; crash traces and sampled session replay recordings; unique identifiers (UUIDs and installation identifiers); profile picture; advertising identifiers used for install attribution (iOS IDFA when ATT consent is granted, Android GPS Advertising ID); connected-service account metadata and sync settings; support and feedback information; optional AI image attachments and AI request metadata, including full AI request text in operational logs; optional diagnostic data; and user-created content such as Tasks, Appointments, Lists, and settings.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using TimeFinder.
With your permission, TimeFinder can read events from your device calendars and items from your reminders lists so they can appear alongside your schedule. If you enable import, export, or sync features, TimeFinder stores the selected calendar/list identifiers, sync settings, and related metadata in your account so those features continue working across devices.
TimeFinder also lets you connect third-party services such as Google Tasks, Todoist, and TickTick. If you connect one of these services, TimeFinder stores the credentials and mapping metadata needed to keep the integration working and exchanges the relevant task/list data with that service at your direction.
If you use the AI Assistant, you may also choose to attach images from your camera or photo library. Those images are sent only to the selected AI provider for that request and are not uploaded unless you actually use the AI feature.
If you explicitly enable calendar sync diagnostics from the app's debug tools, additional diagnostic information may be uploaded to Firestore to help investigate sync issues. This can include device details, selected calendar metadata, native sync logs, and truncated event or recurrence details.
Unless specified otherwise, all Data requested by TimeFinder is mandatory and failure to provide this Data may make it impossible for TimeFinder to provide its services. In cases where TimeFinder specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory may contact the Owner.
The TimeFinder website may use cookies or similar technologies for analytics. The mobile app primarily uses SDK identifiers rather than browser cookies. Any such tools are used for the purposes described in this document.
Users are responsible for any third-party Personal Data obtained, published or shared through TimeFinder.
↑ Back to topThe Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. See the Data Security section for details.
In addition to the Owner, your data may be accessible to the service providers listed in the Third-Party Vendors table. These providers act as processors or service providers on our behalf under contract.
Some data flows are initiated directly by you rather than by TimeFinder alone. For example, if you sign in with Apple or Google, connect Google Tasks, Todoist, or TickTick, or send a support email through your own mail app, the relevant data is exchanged with those services because you chose to use that feature.
The Data is processed at the Owner's operating offices and by the third-party service providers listed in this policy, many of which are located in the United States.
Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own.
Your data is primarily processed in the United States, where TimeFinder and most of its service providers are located. Some providers may also process data in other countries; refer to each provider's privacy policy (linked in the Third-Party Vendors table) for details.
For transfers of personal data from the European Economic Area, we rely on the European Commission's Standard Contractual Clauses (SCCs) incorporated into our agreements with service providers, and where a provider participates in the EU-U.S. Data Privacy Framework, that framework may also apply. For transfers from the United Kingdom, we rely on the UK International Data Transfer Addendum to the EU SCCs. For transfers from Switzerland, we rely on the SCCs as recognized by the Swiss Federal Data Protection and Information Commissioner (FDPIC). You may request information about the relevant safeguards by contacting us at [email protected].
Unless specified otherwise in this document, Personal Data is kept for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, or honor your choices.
We collect and process your data for the following reasons: to provide TimeFinder's features, to understand how the app is used so we can improve it, to fix crashes and bugs, to manage subscriptions and purchases, to power optional AI features, to support connected integrations you enable, to respond to your support requests, and to comply with legal obligations. The specific activities involved are: Analytics, Registration and Authentication, Hosting and Backend Infrastructure, Error Monitoring and Crash Reporting, Subscription and Paywall Management, Content Performance and Features Testing (A/B testing), Beta Testing, Support and Feedback, Connected Third-Party Integrations, Optional Diagnostics, Landing Site Analytics, and AI-Powered Features.
For specific information about the Personal Data used for each purpose, the User may refer to the Policy Summary section above.
TimeFinder offers an optional AI Assistant feature that, when explicitly enabled by the User, sends scheduling context to a third-party AI provider for processing. No data is sent to any AI provider unless you opt in. This includes optional image attachments when you choose to send them.
When you use an AI feature, the selected provider acts as a processor/service provider for that request. TimeFinder also keeps a limited internal request log in Firestore for quota enforcement, abuse prevention, troubleshooting, and support. That Firestore log can include your user ID, the selected provider, request status, image count and size, prompt classification, and a truncated portion of your prompt.
Separately, operational cloud logs used for debugging and monitoring can include the full user input, the generated system/user prompts sent through the AI pipeline, and structured response/error details. Those cloud logs are retained according to our cloud logging configuration. AI image files themselves are not written to the Firestore request-log collection, but metadata about attached images, such as count and total size, may be logged.
Anthropic Claude AI (Anthropic PBC)
When you use AI features with Claude selected, the following data is sent to Anthropic's servers in the United States:
Data Retention: Anthropic retains API data for a limited period for trust and safety purposes, after which it is deleted. Your data is not used to train Anthropic's models. See Anthropic's privacy policy for current retention details.
Legal Basis (GDPR): Consent. You must explicitly opt in to AI features before any data is sent to Anthropic.
Privacy Policy: https://www.anthropic.com/privacy
Data Processing Agreement: https://www.anthropic.com/legal/commercial-terms
OpenAI ChatGPT (OpenAI, L.L.C.)
When you use AI features with ChatGPT selected, your prompts, any images you attach, and relevant scheduling context (existing Tasks and Appointments) are sent to OpenAI's servers for processing.
Personal Data processed: AI prompts entered by User; optional image attachments; Task titles and descriptions; Appointment titles, times, durations, and descriptions.
Place of processing: United States – Privacy Policy – Data Processing Terms.
Data retention: OpenAI retains API data for a limited period for abuse monitoring, then deletes it. User data is not used to train AI models under the API terms. See OpenAI's data processing terms for current retention details.
Google Gemini (Google LLC)
When you use AI features with Gemini selected, your prompts, any images you attach, and relevant scheduling context (existing Tasks and Appointments) are sent to Google's servers for processing.
Personal Data processed: AI prompts entered by User; optional image attachments; Task titles and descriptions; Appointment titles, times, durations, and descriptions.
Place of processing: United States – Privacy Policy – API Terms.
Data retention: Google retains API data for a limited period for detecting violations of its usage policies, then deletes it. User data is not used to train AI models under the paid API terms. See Google's API terms for current retention details.
↑ Back to topTimeFinder offers two main support/feedback paths: a feedback board powered by Featurebase and a user-initiated support email flow.
Featurebase feedback board. When you open the feedback board from inside the app, TimeFinder requests a short-lived token that can include your email address, name, and user ID so the board can identify your account. The app also includes contextual metadata such as platform and app version.
Support email. When you tap the feedback/support email action, TimeFinder prepares an email in your own mail app with helpful troubleshooting context such as your user ID, app version, device details, time zone, and other active devices. That information is only transmitted if you choose to send the email.
↑ Back to topTimeFinder lets you connect third-party services such as Google Tasks, Todoist, and TickTick. These integrations are optional and only operate if you choose to enable them.
When you connect one of these services, TimeFinder stores the credentials, linked account identifiers, mapping metadata, selection preferences, and sync timestamps needed to keep the integration running. It also exchanges the relevant list, task, or project data with that service so imports, exports, and two-way sync can work as expected.
You can disconnect these integrations from the relevant settings screen at any time. Once disconnected, TimeFinder stops using the stored credentials for future sync activity.
↑ Back to topThe following table lists every third-party service that may process your data as part of TimeFinder.
| Vendor | What it does for us | Opt-in / Always on |
|---|---|---|
| Firebase (Google Cloud) | Authentication, database, cloud functions, storage, analytics, Crashlytics, remote config | Always on (core infrastructure); analytics portion respects opt-out |
| Amplitude | Feature usage analytics | Respects opt-out |
| Sentry | Crash reporting, error monitoring, session replay | Always on (anonymous after opt-out) |
| RevenueCat | Subscription management, purchase validation | Always on (required for subscriptions) |
| Superwall | Paywall display and A/B testing | Always on (required for purchase flows) |
| AppsFlyer | Install attribution (which marketing channels lead to installs) | Respects opt-out; iOS requires ATT consent |
| Featurebase | Feedback board | Only when you open the feedback board |
| Anthropic (Claude AI) | AI Assistant (when Claude is selected) | Opt-in only |
| OpenAI (ChatGPT) | AI Assistant (when ChatGPT is selected) | Opt-in only |
| Google (Gemini AI) | AI Assistant (when Gemini is selected) | Opt-in only |
TimeFinder is a subscription-funded app. We make money when you subscribe, not by selling or monetizing your data.
We have never sold personal data and have no plans to do so. We do not build advertising profiles or share your information with data brokers.
The third-party services listed in the Third-Party Vendors table help us operate TimeFinder. These vendors process data on our behalf to perform specific functions. They are not buying your data from us, and their contracts prohibit them from using it for their own independent marketing or commercial purposes.
Some data flows are initiated by you. When you sign in with Apple or Google, connect Google Tasks, Todoist, or TickTick, or send a support email from your own mail app, the relevant data is exchanged with those services because you chose to use that feature. Those services operate under their own privacy policies.
For California residents: because our service providers process data on our behalf under written contracts that meet the CCPA's "service provider" requirements, these data transfers do not constitute a "sale" or "sharing" of personal information under the CCPA.
↑ Back to topTimeFinder provides a built-in analytics toggle in Settings > Data & Privacy. When you turn analytics off, the following changes take effect immediately:
This preference is applied on every app launch and persists until you change it. You can re-enable analytics at any time from the same settings screen.
This in-app toggle applies to the app itself. It does not control analytics on the public marketing website at timefinder.app.
↑ Back to topTimeFinder includes several privacy controls directly in the app.
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following, to the extent permitted by law:
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests are free of charge and will be answered by the Owner as early as possible and always within one month, providing Users with the information required by law.
↑ Back to topTimeFinder is not directed at children. We do not knowingly collect personal information from children under the age of 16, or a lower age where permitted by applicable local law (but in no case under 13). If we become aware that we have collected personal information from a child below the applicable age threshold, we will take steps to delete that information as promptly as possible. If you believe that a child has provided us with personal information, contact us at [email protected].
↑ Back to topWe take the security of your data seriously. Measures in place include:
In the unlikely event of a data breach that affects your personal data, we will notify affected Users without undue delay and, where required by law, within the timeframes mandated by applicable regulation (e.g., 72 hours for supervisory authority notification under GDPR). Notification will be sent via email to the address associated with your account.
↑ Back to topThis section applies to all Users in the European Union, according to the General Data Protection Regulation (the "GDPR"), and, for such Users, supersedes any other possibly divergent or conflicting information contained in the privacy policy.
The following table maps each processing activity to its legal basis under the GDPR:
| Processing activity | Legal basis |
|---|---|
| Account registration and authentication | Performance of contract |
| Hosting, syncing, and storing your content | Performance of contract |
| Subscription and paywall management | Performance of contract |
| Connected integrations (Google Tasks, Todoist, TickTick) | Performance of contract (you requested the feature) |
| Crash reporting and error monitoring | Legitimate interest (maintaining app stability) |
| Analytics (when enabled) | Consent (via in-app toggle) |
| Install attribution (AppsFlyer) | Consent (ATT on iOS) / Legitimate interest (Android) |
| AI features | Consent (explicit opt-in) |
| A/B testing (Remote Config) | Legitimate interest (improving the service) |
| Support and feedback | Performance of contract / Legitimate interest |
| Data breach notification | Legal obligation |
This section applies to Users in the United Kingdom under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and supplements the information in this privacy policy.
UK users have the same data protection rights as described in the EU section above, including the rights of access, rectification, erasure, restriction, portability, and objection. International transfers of your data from the UK are subject to the safeguards described in the international transfers section above.
You may lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
↑ Back to topThis section summarizes rights that may be available to Users in the United States under applicable state privacy laws, including the California Consumer Privacy Act (CCPA/CPRA) and, where applicable, similar state laws such as the New Jersey Data Privacy Act. Some of these laws apply only when a business meets specific statutory thresholds.
Even when a particular U.S. state privacy law does not apply to TimeFinder, we will try to honor reasonable access, correction, deletion, export, and opt-out requests from U.S. users whenever feasible and legally appropriate.
We may collect the following categories of personal information about you: identifiers (email address, name, user ID, anonymous account ID, connected-service account IDs), commercial information (in-app purchase history and subscription status), internet or other electronic network activity information (feature usage, session data, crash reports, website analytics), geolocation data at the country/region level, and content you create or choose to send through support, feedback, AI, or connected integrations.
TimeFinder does not "sell" or "share" (as those terms are defined under the CCPA) your personal information for cross-context behavioral advertising or other third-party marketing uses. TimeFinder is funded by subscriptions, not advertising revenue. Our service providers process data on our behalf under written contracts. If you choose to use a connected integration or identity provider, the data exchanged with that service is disclosed because you requested the feature.
TimeFinder may process account login credentials (managed by Firebase Authentication) and the content you create within the app. We use this information only as needed to provide the service and do not use it for purposes that would require offering a right to limit under the CPRA.
You may exercise certain rights regarding your data processed by us. In particular, you have the right to:
To exercise the rights described above, contact us using the details in this document. For us to respond, we may need to verify your identity and confirm that the request relates to your account.
You may designate an authorized agent to submit a request on your behalf. We may require proof of authorization and may still need to verify your identity directly.
If we deny a request that you believe is available to you under an applicable U.S. state privacy law, you may appeal by replying to our response or emailing [email protected] with the subject line "Privacy Appeal" within 30 days of the denial.
↑ Back to topThis section applies to Users in Switzerland under the Swiss Federal Act on Data Protection (FADP) and supplements the rest of this privacy policy.
You have the right to: access your personal data and receive a copy; request correction of inaccurate data; request deletion of your data; request data portability; and object to processing. To exercise these rights, contact us at [email protected].
Your data is transferred to the United States. For transfers from Switzerland, we rely on the Standard Contractual Clauses as recognized by the FDPIC, and where applicable, the Swiss-U.S. Data Privacy Framework.
You may lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch.
↑ Back to topThis section applies to Users in Brazil under the Lei Geral de Protecao de Dados (LGPD) and supplements the rest of this privacy policy.
We process your personal data on the following bases under LGPD Art. 7: performance of a contract or preliminary procedures related to a contract (account, content hosting, subscriptions, integrations); consent (analytics when enabled, AI features); legitimate interest (crash reporting, app improvement); and compliance with legal obligations.
You have the right to: confirmation of the existence of processing; access to your data; correction of incomplete, inaccurate, or outdated data; anonymization, blocking, or deletion of unnecessary or excessive data; portability of your data to another service provider; deletion of data processed with your consent; information about public and private entities with which your data has been shared; information about the possibility of not providing consent and the consequences of refusal; and revocation of consent.
Contact us at [email protected]. We will respond within the timeframes required by applicable law.
Your data is transferred to the United States. We rely on the safeguards described in the international transfers section of this policy to protect your data during transfer, in accordance with LGPD Art. 33.
↑ Back to topThis section applies to Users in Australia under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and supplements the rest of this privacy policy.
Your data is primarily transferred to and processed in the United States by TimeFinder and its service providers. Some providers may also process data in other countries; refer to each provider's privacy policy (linked in the Third-Party Vendors table) for details.
You have the right to: access the personal information we hold about you; request correction of inaccurate, out-of-date, or incomplete information; and lodge a complaint about our handling of your personal information. To exercise these rights, contact us at [email protected].
If you are not satisfied with our response to a privacy complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
↑ Back to topApril 2026: Added a summary section, a named vendor table, and sections for AI features, third-party integrations, analytics opt-out behavior, and data management controls.
Latest update: April 3, 2026