Privacy Policy

We value your privacy and data. By using BetterCalendar, you agree to this policy. At any time, you may delete your account, and everything in it from the app settings page. We cannot recover your data after this happens. 

Privacy Policy

Privacy Policy for Timeline

Last Updated: November 5, 2025

Effective Date: November 5, 2025

Introduction

Timeline ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how our iOS application collects, uses, stores, and protects your information.

Important: Timeline uses cloud storage to sync your data across your devices. While we use industry-standard security measures, your data is stored on our servers. We will never sell your data or use it for advertising.

Information We Collect

1. Account Information

What we collect:

• Anonymous user identifier (generated automatically by Firebase Authentication)

• Device tokens for authentication

• Account creation date

• Last sign-in date

Why we collect it:

• To create and maintain your account

• To sync your data across your devices

• To secure your information

How it's stored:

• Stored in Firebase Authentication (Google Cloud Platform)

• Encrypted in transit and at rest

• Not linked to your personal identity unless you choose to add an email

2. Calendar Data

What we collect:

• Calendar events from your device's Calendar app

• Event titles, descriptions, start times, end times, durations

• Event locations and addresses

• Event recurrence patterns

• Event notes and attachments

• Event types you assign (work, personal, appointment, meeting, travel, meal, exercise, entertainment, other)

• Event colors and custom properties

Why we collect it:

• To display your events in Timeline's timeline view

• To show events on the integrated map view

• To sync your events across all your devices

• To provide backup and restore functionality

How it's stored:

• Stored in Google Cloud Firestore (Google Cloud Platform)

• Encrypted in transit using TLS/SSL

• Encrypted at rest using AES-256 encryption

• Isolated per user account (other users cannot access your events)

Your control:

• You grant calendar access when first launching the app

• You can revoke access anytime in iOS Settings → Privacy & Security → Calendars → Timeline

• You can delete events individually or all at once

• You can delete your account to remove all data from our servers

3. Custom Places

What we collect:

• Place names and descriptions

• Geographic coordinates (latitude/longitude)

• Custom icons (SF Symbols identifiers or emoji characters)

• Place categories (home, work, gym, restaurant, store, park, school, other)

• Personal notes about places

• Creation and modification timestamps

Why we collect it:

• To display your custom places on maps

• To sync your places across devices

• To associate places with events

How it's stored:

• Stored in Google Cloud Firestore

• Encrypted in transit and at rest

• Isolated per user account

4. Contact Location Associations

What we collect:

• Associations between contact identifiers and geographic locations

• Custom icons for contact locations (home, work, other)

• Contact names (read from your device's Contacts app)

• Contact addresses (read from your device's Contacts app)

Why we collect it:

• To display contact locations on the map

• To sync contact location associations across devices

How it's stored:

• Contact associations stored in Google Cloud Firestore

• We store only the contact identifier and location data, not full contact details

• Actual contact data remains on your device; we only reference it

Important: We do not upload your full contact information. We only store which contacts you've associated with map locations.

5. Settings and Preferences

What we collect:

• Theme selection (light, dark, system)

• Display preferences (24-hour time format)

• Map display options (show/hide contacts, show/hide custom places)

• Map style preference (standard, satellite, hybrid)

• Weekly start day preference

Why we collect it:

• To sync your preferences across devices

• To provide a consistent experience

How it's stored:

• Stored in Google Cloud Firestore

• Encrypted in transit and at rest

6. Device and Usage Information

What we automatically collect:

• Device model and iOS version

• App version

• Timestamp of last sync

• Error logs (only if app encounters sync issues)

Why we collect it:

• To troubleshoot sync issues

• To ensure compatibility across iOS versions

• To improve app stability

How it's stored:

• Stored in Google Cloud Firestore

• Associated with your anonymous user ID

7. Location Data

What we collect:

• Your current geographic location (only when map view is active)

• Location data is NOT stored on our servers

Why we collect it:

• To display your current location on the map

• To help you position custom place pins accurately

• To center the map on your location

How it's used:

• Processed locally on your device

• Used only to update the map display

• NOT transmitted to our servers or logged

Your control:

• Optional permission requested when you first use map features

• Revoke anytime in iOS Settings → Privacy & Security → Location Services → Timeline

How We Use Your Information

We use the information we collect to:

1. Provide Core Functionality

   • Display and manage your calendar events

   • Show custom places and contact locations on maps

   • Provide timeline and calendar views

2. Sync Across Devices

   • Keep your data synchronized across all your devices

   • Ensure you have access to your information anywhere

3. Backup and Recovery

   • Protect your data from device loss

   • Allow you to restore data on new devices

4. Improve the App

   • Fix bugs and crashes

   • Optimize performance

   • Develop new features

5. Provide Support

   • Respond to your questions and issues

   • Troubleshoot technical problems

Data Storage and Security

Cloud Storage Infrastructure

Google Cloud Firestore:

• Industry-leading cloud database service

• Hosted on Google Cloud Platform

• Data centers in [specify region: US, Europe, etc.]

• SOC 2, SOC 3, ISO 27001 certified

• GDPR and CCPA compliant infrastructure

Security Measures

Encryption:

• In Transit: All data transmitted using TLS 1.3 encryption

• At Rest: All data encrypted using AES-256 encryption

• Keys: Managed by Google Cloud Platform Key Management Service

Access Controls:

• Data isolated per user account

• Users can only access their own data

• Role-based access controls for app infrastructure

• Multi-factor authentication required for administrative access

Firebase Security Rules:

Network Security:

• Firewalls protect database access

• DDoS protection enabled

• Regular security audits

Application Security:

• Secure authentication tokens

• Token expiration and refresh

• Protection against common vulnerabilities (SQL injection, XSS, etc.)

Data Redundancy and Backup

• Firestore automatically replicates data across multiple zones

• Regular automated backups

• Point-in-time recovery available (for disaster recovery)

• 99.999% uptime SLA from Google Cloud

Limitations

While we implement industry-standard security:

• No system is 100% secure

• We cannot protect against compromised account credentials

• We recommend using a strong, unique password

• Enable device security (passcode, Face ID, Touch ID)

Data Sharing and Disclosure

We Do NOT Share Your Data With:

❌ Advertisers or marketing companies

❌ Data brokers

❌ Social media platforms

❌ Analytics companies (beyond basic Firebase Analytics - see below)

❌ Any third party for commercial purposes

We will never sell or rent your personal information.

Third-Party Services We Use

Google Firebase / Firestore

Purpose: Cloud database and authentication

Data Shared: All data described in "Information We Collect"

Privacy Policy: https://firebase.google.com/support/privacy

Compliance: GDPR, CCPA compliant

Location: [Specify: US, Europe, or multi-region]

Firebase Authentication

Purpose: Secure user authentication

Data Shared: Anonymous user ID, authentication tokens

Privacy: Password-less authentication (if applicable) or hashed passwords

Firebase Crashlytics (If Used)

Purpose: Crash reporting to fix bugs

Data Shared: Device model, iOS version, crash logs (no personal data)

Your Control: Can opt-out in app settings

Privacy Policy: https://firebase.google.com/support/privacy

Firebase Analytics (If Used)

Purpose: Understand app usage to improve features

Data Collected: App opens, feature usage, device type (no personal identifiers)

Your Control: Can opt-out in app settings

Privacy Policy: https://firebase.google.com/support/privacy

Apple Frameworks

EventKit: Access to device calendar (data synced to our servers)

Contacts: Read-only access to contacts (only identifiers stored)

MapKit: Map display (map tiles from Apple)

Core Location: Location services (not stored on servers)

When We May Disclose Information

We may disclose your information only in these circumstances:

1. Legal Compliance:

   • To comply with valid legal process (subpoena, court order, warrant)

   • To meet national security requirements

   • As required by applicable law

2. Safety and Security:

   • To protect rights, property, or safety of Timeline, users, or public

   • To detect, prevent, or address fraud or security issues

   • To enforce our Terms of Service

3. Business Transfers:

   • If Timeline is acquired or merged, your data may transfer to new owner

   • You will be notified and given options regarding your data

4. With Your Consent:

   • If you explicitly authorize us to share specific information

Transparency: We have received 0 legal data requests to date.

International Data Transfers

Data Location

Your data is stored on Google Cloud servers in: [Specify region: United States / Europe / Asia-Pacific]

Cross-Border Transfers

If you use Timeline from outside this region:

• Your data will be transferred to and stored in [specified region]

• We use standard contractual clauses approved by regulatory authorities

• Google Cloud Platform complies with EU-US and Swiss-US Privacy Shield frameworks (where applicable)

GDPR Compliance (EEA Users)

For European Economic Area users:

• We rely on standard contractual clauses for data transfers

• Your data is protected by GDPR-compliant safeguards

• You retain all rights under GDPR (see "Your Privacy Rights" below)

UK Users

• Data transfers comply with UK GDPR

• Standard contractual clauses in place

Data Retention

How Long We Keep Your Data

Active Accounts:

• Data retained as long as your account is active

• No automatic deletion while you use Timeline

Inactive Accounts:

• Accounts inactive for [specify: 2 years / 3 years] may be flagged for deletion

• We'll email you (if provided) before deletion

• You can reactivate before deletion deadline

Account Deletion:

• When you delete your account, we permanently delete:

   • All calendar events

   • All custom places

   • All contact location associations

   • All settings and preferences

   • Authentication information

Deletion Timeline:

• Immediate: Data removed from active database

• Within 30 days: Deleted from backup systems

• Within 90 days: Completely purged from all systems

Legal Retention:

• We may retain minimal data if required by law (e.g., financial records if applicable)

• Anonymized analytics may be retained for app improvement

Data After App Deletion

If you delete the app:

• App and local data removed from your device

• Cloud data remains available (so you can reinstall)

• To delete cloud data, you must delete your account within the app first

Your Privacy Rights

Universal Rights

All Timeline users have the right to:

✓ Access: View all your data within the app or request a copy

✓ Correct: Edit any event, place, or setting

✓ Delete: Remove individual items or your entire account

✓ Export: Download your data in machine-readable format

✓ Revoke Permissions: Disable calendar, contacts, or location access

Response Time:

• Simple requests: 5-7 business days

• Complex requests: Up to 30 days

California Residents (CCPA/CPRA)

Under California law, you have the right to:

1. Know: What personal information we collect

See "Information We Collect" section

2. Access: Request copies of your personal information

Use in-app export feature or contact us

3. Delete: Request deletion of your personal information

Use in-app account deletion or contact us

4. Correct: Fix inaccurate personal information

Edit directly in app or contact us

5. Opt-Out of Sale: We don't sell personal information

Not applicable - we never sell data

6. Limit Use of Sensitive Information: Control sensitive data use

We only use data to provide Timeline services

7. Non-Discrimination: Not be discriminated against for exercising rights

All users receive equal service

How to Submit CCPA Request:

• Email: [your-email@example.com] with subject "CCPA Request"

• Or use in-app privacy tools

Verification: We may ask you to verify your identity to prevent fraud

European Economic Area Residents (GDPR)

Under GDPR, you have the right to:

1. Right to Access (Article 15)

   • Request confirmation of data processing

   • Access your personal data

   • How: In-app export or email us

2. Right to Rectification (Article 16)

   • Correct inaccurate data

   • Complete incomplete data

   • How: Edit directly in app

3. Right to Erasure (Article 17) - "Right to be Forgotten"

   • Request deletion of your data

   • How: In-app account deletion or email us

4. Right to Restrict Processing (Article 18)

   • Limit how we use your data

   • How: Contact us to restrict processing

5. Right to Data Portability (Article 20)

   • Receive data in machine-readable format

   • Transfer to another service

   • How: In-app export (JSON format)

6. Right to Object (Article 21)

   • Object to data processing

   • How: Stop using app or delete account

7. Right to Withdraw Consent

   • Withdraw consent at any time

   • How: Revoke permissions in iOS Settings

8. Right to Lodge a Complaint

   • File complaint with supervisory authority

   • Your local data protection authority

Legal Basis for Processing:

• Consent: You create an account and grant permissions

• Contract: Necessary to provide Timeline services

• Legitimate Interest: Improve app functionality and security

Data Controller: [Your Name/Company Name], [Address]

Data Protection Officer: [If applicable, or state N/A]

EU Representative: [If applicable, or state N/A]

UK Residents (UK GDPR)

Same rights as EEA residents under UK GDPR.

UK Supervisory Authority: Information Commissioner's Office (ICO)

Website: https://ico.org.uk

Other Jurisdictions

We respect privacy rights under all applicable laws. Contact us to exercise rights specific to your location.

Children's Privacy (COPPA Compliance)

Timeline is appropriate for users 13 years and older.

Age Restriction

• Timeline requires users to be at least 13 years old

• We do not knowingly collect information from children under 13

• Account creation requires age verification

If We Discover Underage Use

• We will immediately delete the account

• We will permanently delete all associated data

• We will notify parents if contact information is available

Parental Control

• Parents should monitor children's device usage

• iOS Screen Time features can restrict app usage

• Parents can request account deletion by contacting us

COPPA Compliance

If you believe a child under 13 has created an account:

• Email us immediately: [your-email@example.com]

• Subject: "Underage Account Report"

• We will investigate and take action within 24 hours

Cookies and Tracking Technologies

What We Use

Firebase SDK:

• Session tokens for authentication

• Persistent identifiers for data sync

• Stored locally on your device

We Do NOT Use:

• Third-party tracking cookies

• Advertising identifiers

• Cross-site tracking

• Fingerprinting techniques

Your Control

• Clear app data in iOS Settings → Timeline → Clear Cache

• Sign out to remove authentication tokens

Automated Decision-Making and AI

Timeline does not use:

• Artificial intelligence or machine learning on your personal data

• Automated profiling

• Algorithmic decision-making that affects your rights

The app displays data you create—we don't analyze or make decisions about you.

Your Responsibilities

To protect your account:

✓ Use a strong, unique password (if applicable)

✓ Don't share your account credentials

✓ Enable device security (passcode, Face ID, Touch ID)

✓ Keep your device's iOS version updated

✓ Sign out on shared devices

✓ Report suspicious activity immediately

Data Breach Notification

Our Commitment:

• We monitor for security incidents 24/7

• Google Cloud provides automatic threat detection

If a Breach Occurs:

1. Investigation: Immediate assessment of impact

2. Containment: Stop ongoing breach

3. Notification:

   • Affected users notified within 72 hours (GDPR requirement)

   • Email and in-app notification

   • Details about what data was affected

   • Steps you should take

4. Remediation: Fix vulnerabilities

5. Regulatory Reporting: Notify authorities as required by law

Contact for Breach Concerns:

• Email: [security-email@example.com]

• Subject: "Security Concern"

Changes to This Privacy Policy

How We Update

We may update this policy when:

• We add new features

• We change data practices

• Legal requirements change

• Industry best practices evolve

How We Notify You:

1. Update "Last Updated" date at top of this policy

2. In-app notification for material changes

3. Email notification (if we have your email)

4. App Store update notes

Your Options

If you disagree with changes:

• You may stop using Timeline

• You may delete your account

• Contact us with concerns

Continued use after notification constitutes acceptance of changes.

Material Changes

We will NEVER:

• Start selling your data without explicit consent

• Share data with advertisers without notice

• Reduce your privacy rights without giving you opt-out options

Contact Us

General Inquiries

Email: [bettercalsupport@connectitcorp.com]

Response Time: 5-7 business days

Privacy-Specific Requests

Subject Line Suggestions:

• "Data Access Request"

• "Account Deletion Request"

• "Privacy Question"

• "GDPR Request"

• "CCPA Request"

Governing Law

This Privacy Policy is governed by the laws of [Your Jurisdiction, e.g., "California, United States"], without regard to conflict of law principles.

Dispute Resolution

Informal Resolution:

• Contact us first to resolve issues amicably

• We'll work in good faith to address your concerns

Formal Resolution:

• [Choose one: Arbitration / Mediation / Court jurisdiction]

• Example: "Disputes will be resolved through binding arbitration in [City, State] under [Arbitration Association] rules"

Severability

If any provision is found unenforceable, remaining provisions remain in effect.

Entire Agreement

This Privacy Policy and Terms of Service constitute the entire agreement regarding your use of Timeline.

Compliance Certifications

Timeline's privacy practices comply with:

✓ California Consumer Privacy Act (CCPA/CPRA)

✓ General Data Protection Regulation (GDPR)

✓ UK GDPR

✓ Children's Online Privacy Protection Act (COPPA) - 13+ age requirement

✓ Apple App Store Privacy Guidelines

✓ Google Cloud Platform Security Standards

✓ SOC 2 Type II (via Google Cloud)

✓ ISO 27001 (via Google Cloud)

App Store Privacy Nutrition Label

Timeline's App Store privacy label disclosure:

Data Used to Track You

None - We don't track you across apps or websites

Data Linked to You

• ✅ User Content: Events, places, settings (synced to cloud)

• ✅ Identifiers: User ID (for account management only)

• ✅ Usage Data: Basic feature usage (if analytics enabled)

Data Not Linked to You

• Diagnostics: Crash logs (anonymized, if Crashlytics enabled)

Privacy by Design Principles

Timeline follows these privacy principles:

1. Data Minimization: Collect only what's necessary

2. Purpose Limitation: Use data only for stated purposes

3. Storage Limitation: Keep data only as long as needed

4. Integrity and Confidentiality: Strong security measures

5. Transparency: Clear communication about data practices

6. User Control: You control your data and permissions

Your Consent

By creating an account and using Timeline, you:

1. ✓ Acknowledge you have read this Privacy Policy

2. ✓ Understand how we collect, use, and store your data

3. ✓ Consent to data processing as described

4. ✓ Consent to cloud storage of your data on Google Cloud Platform

5. ✓ Understand you can withdraw consent by deleting your account

6. ✓ Confirm you are at least 13 years old

Without consent, we cannot provide Timeline's services.

Summary (Plain Language)

What we collect:

• Calendar events you create or sync

• Custom places and settings

• Contact location associations

Where it's stored:

• Google Cloud Firestore (encrypted and secure)

• Your data is backed up automatically

Who can see it:

• Only you (data is isolated per account)

• Timeline developers CANNOT view your personal data

• Google provides infrastructure but doesn't access your data

How we use it:

• Show your events and places

• Sync across your devices

• Backup your data

What we DON'T do:

• ❌ Sell your data

• ❌ Show you ads

• ❌ Share with third parties

• ❌ Track you