Privacy

Your rights

You have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Article 15 of the GDPR.

In accordance with Article 16 of the GDPR, you have the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.

In accordance with Article 17 of the GDPR, you have the right to demand that the data in question be deleted without delay, or, alternatively, to require a restriction of the processing of data in accordance with Article 18 of the GDPR.

You have the right to request that the data relating to you provided to us be obtained in accordance with Article 20 of the GDPR and to request that it be transmitted to other persons responsible.

You also have the right under Article 77 GDPR to file a complaint with the competent supervisory authority.

You have the right to revoke granted consent in accordance with Article 7 (3) GDPR with future effect

You may at any time object to the future processing of your data in accordance with Article 21 of the GDPR. The objection may in particular be made against processing for direct marketing purposes.

If you have any questions about this which are not answered by this privacy policy, you can always contact us under the contact information specified in the imprint.

Installed Apps

When using TimeLimit, TimeLimit captures which Apps are installed. That includes:

This data is stored on your device.

If you are using the connected mode and you select a child user as an user of a device, then this list will be synchronized with the server of TimeLimit. This data will be stored there, sent to all devices assigned to your family and stored on these devices.

Categories

You can create categories in TimeLimit, for which you can select time limits and apps. A category includes:

This data is stored on your device.

If you are using the connected mode and you select a child user as a user of a device, then this list will be synchronized with the server of TimeLimit. This data will be stored there, sent to all devices assigned to your family and stored on these devices.

If you are using the connected mode, then a timestamp of the last change rounded to 48 hours is saved for usage duration entries. This is used to delete old usage duration entries.

Devices

When you use TimeLimit, TimeLimit captures the status of your device. This includes:

This data is stored on your device.

If you are using the connected mode and you select a child user as a user of a device, then this list will be synchronized with the server of TimeLimit. This data will be stored there, sent to all devices assigned to your family and stored on these devices. The TimeLimit Server can use the user id and if the user chose to not get asked for the password again for the authentication.

If you are using the connected mode, then the server saves the timestamp of the last connection from a device rounded to 12 hours. This is used to show in the device list if a device was not connected for a long duration and for automatically deleting old users.

Actions

When you use TimeLimit, there are actions like changing of settings or saving the used time. These actions are exeucted directly in the local mode.

If you are using the connected mode, then these actions are stored on your device until TimeLimit sent them to the Server. The Server of TimeLimit does not store these actions, but applies them to the data which is stored on it. From there, the changed data is sent to all device assigned to your family and it's stored on this devices.

Temporarily allowed Apps

You can allow Apps in TimeLimit temporarily. Then, the package name of the allowed App is stored as long as the App is allowed.

This data is not transmitted.

Users

You can add multiple users (parents and children) in TimeLimit.

A user includes:

This data is stored on your device.

If you are using the connected mode and you select a child user as a user of a device, then this list will be synchronized with the server of TimeLimit. This data will be stored there, sent to all devices assigned to your family and stored on these devices.

Device connection status

If you chose to show the connection status of on device at the other devices, then - if the device is connected - a message is sent to all devices linked with the family. This data is not saved.

Connection to the Server

In the connected mode, TimeLimit keeps an websocket connection to the server. This is used to trigger a synchronization when changes were made on other devices. This connection exists in the connected mode if:

Network time verification

TimeLimit provides the option to ignore the local clock and request the time via the Internet. If the feature is enabled, a request is frequently sent to the TimeLimit server.

Device authentication token

If you are using the connected mode, every device gets a random token for the authentication. This token is stored on your device and on the server.

When you remove a device, then the authentication token is stored at a list which contains all old authentication tokens. This old token is not linked with any other data.

Shown hints

TimeLimit shows some hints only once/ does not show them again if you selected that. The hints which should not be shown again are stored on your device. This data is not transmitted.

Foreground app detection config

You can change some parameters which are used for detecting the currently used App. This parameters are only saved at your device and are not transmitted.

Premium version

In the connected mode, if and until when the premium version is valid is stored on the server. If or until when the full version can be used is sent to your devices and stored there.

If you buy the premium version, the new values are saved.

Additionally, every purchase is logged and stored permanently. A log entry includes:

Additionally, the terms of use and privacy of the payment service which you are using applies.

last time at which the screen was one

TimeLimit regulary saves the last time at which the screen was on at your device. This is not transmitted. This is used for automatically switching to the default user.

Usage stats access/ GET_TASKS permission

Depending on the Android version, TimeLimit uses the permission for the usage stats access or the GET_TASKS permission. These are only used to detect the currently used App. Based on the currently used App, the App is blocked, allowed, or the remaining time is calculated.

The currently used App is not transmitted, but the resulting change of the remaining usage time is transmitted.

Device admin/ device owner

This permission is (depending on the configuration) used to detect or prevent an uninstallation of TimeLimit.

Depending on the coniguration, this permission is used to lock the device after a manipulation.

Depending on the Android version and the configuration:

Notification access

TimeLimit uses the notification access to block notifications of blocked Apps. Notifications and their contents are not saved.

Accessibility service

TimeLimit uses an accessibility service to press the home button before showing the lock screen. This fixes blocking in some cases.

Logging of requests

By default, requests sent to the TimeLimit server are not logged. If there is a good reason (server is overloaded, technical issues, ...) the logging of requests can be enabled. Then, the executed action (e.g. query time, upload actions, do purchase), the IP address, the time and the used client are stored temporarily. This data is deleted as soon as it is not needed anymore.

Add device tokens

If you would like to add a device in the connected mode, you get a random text which you enter on the device which should be added. These tokens are assigned to your family ID on the server and are deleted as soon as they were used. If the tokens were not used they are deleted after 3 hours.

Mail authentication tokens

When authenticating a mail address, "you" (the client) gets a token for the authentication of the next requests. These tokens are assigned to your mail address stored on the server, These tokens are deleted after 3 hours.

Sign in with Google

To authenticate, you can sign in with Google. TimeLimit only uses the mail address which is assigned to the Google account.

The login could be logged by Google. The privacy terms of Google apply.

Sign in by mail

To authenticate, you can sign in with a mail address. In this case, a mail will be sent to the specified address. We can't control the storage of the mail at the transport and at your inbox.

When signing in by mail, the specified mail address and the system language is transmitted. The system language is only used to localize the sent message and is not saved.

The mail address, the sent code and an authentication session token are saved for 3 hours to allow authenticating. Due to backups, these addresses are saved for a longer time.

The mail server saves logs which contain the mail addresses for 24 hours. There is no backup of this logs.

Additionally, the mail address and the number of authentication attempts are saved for up to 24 hours to prevent too many requests.

Server

The TimeLimit server is hosted by NetCup. There is an commissioned data processing contract. The server location is Germany.

Backups

To reduce the risk of data loss, backups of the database of the TimeLimit server are created regulary. These backups contain all data that is saved at this time and are saved for up to 2 weeks. The backups are encrypted with a asymmetrically and the private key is not saved at the server. These backups are only used to recover data after a technical failure.

Deletion of old users

Data of old users may get deleted if the premium version expired 90 days ago and no device assigned to the family has connected during the last 90 days.

Background Sync

You have the option to enable the background sync. If you enable it, your device periodically sends a request to the TimeLimit server to request the current status.

It is saved at your device if you have enabled the background sync.

Notifications

In connection with the background sync, TimeLimit can show notifications at the devices. For that, the following is saved at your devices (independent if you enabled the background sync):

Contacts

It's possible to select a contact whitelist. This list is only saved at the device and is not transmitted.