Privacy Policy

Last updated: December 27, 2025

1. Data Controller

Responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:

Marvin Länger

Email: m.laenger@mrvn.me

2. Introduction

We take the protection of your personal data very seriously. This privacy policy informs you about the type, scope and purpose of the processing of personal data when using our iOS app "Timelime - Focus Time" (hereinafter "App").

3. Legal Basis for Processing

The processing of your personal data is based on the following legal grounds:

  • Art. 6 Abs. 1 lit. a DSGVO: Consent for processing calendar data
  • Art. 6 Abs. 1 lit. b DSGVO: Processing for the fulfillment of the contract (subscription)
  • Art. 6 Abs. 1 lit. f DSGVO: Legitimate interest to improve the app and prevent fraud

4. Data Collected

4.1 Calendar Data

Timelime accesses your calendar data to identify gaps in your schedule for focused work time. This data is processed locally on your device and is not transmitted to our servers.

4.2 Purchase Information (via RevenueCat)

We collect purchase history information through RevenueCat for subscription management:

  • Transaction IDs and purchase dates
  • Subscription status and expiration dates
  • Product identifiers and pricing information
  • App Store receipt data

4.3 User Identifiers

We generate anonymous user IDs to manage your subscription and app functionality.

4.4 Device and Usage Information

We may collect limited device information:

  • Device model and iOS version
  • Language and currency settings
  • App version and crash reports

5. Purpose of Data Processing

  • App Functionality: Analysis of your calendar to identify focus time gaps
  • Subscription Management: Validation of purchases and management of premium features
  • Analytics: Understanding usage patterns and improving user experience
  • Fraud Prevention: Validation of receipts and prevention of unauthorized access
  • Customer Support: Responding to your inquiries and resolving issues

6. Data Sharing with Third Parties

6.1 RevenueCat

We use RevenueCat for subscription management. RevenueCat processes purchase history data to provide subscription features. RevenueCat's privacy policy can be found at https://www.revenuecat.com/privacy

6.2 Apple App Store

All purchases are processed through the Apple App Store. Apple collects payment information independently, and we do not have access to your payment card details.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Calendar data is processed locally on your device whenever possible
  • Data transmitted to our servers is encrypted using industry-standard protocols
  • Secure data storage and access control following best practices
  • Purchase data is securely processed through RevenueCat's infrastructure

8. Changes to this Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes through a notification in the app and by updating the "Last updated" date.

9. Children's Privacy

Timelime is not intended for use by children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

10. International Data Transfer

Your data may be transferred to countries outside the EU/EEA. We ensure that appropriate safeguards are in place to protect your data in accordance with this privacy policy and applicable laws.

11. Your Rights (Art. 15-22 GDPR)

You have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): You have the right to obtain information about the personal data we process
  • Right to Rectification (Art. 16 GDPR): You have the right to request correction of inaccurate data
  • Right to Erasure (Art. 17 GDPR): You have the right to request deletion of your data
  • Right to Restriction of Processing (Art. 18 GDPR): You have the right to request restriction of processing
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive your data in a structured, commonly used and machine-readable format
  • Right to Object (Art. 21 GDPR): You have the right to object to the processing of your data
  • Right to Withdraw Consent (Art. 7 GDPR): You can withdraw your consent at any time with effect for the future

To exercise these rights, please contact us at the email address below.

12. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data. The supervisory authority responsible for us is:

The Hessian Commissioner for Data Protection and Freedom of Information

P.O. Box 3163, 65021 Wiesbaden

Website: datenschutz.hessen.de

13. Contact

If you have any questions about this privacy policy or our privacy practices, please contact us:

Email: m.laenger@mrvn.me