Privacy Policy for Time Blokker

1. Data Controller

We are the data controller for your information. For any privacy-related questions, please contact us at:

As a small business, we are not required to appoint a formal Data Protection Officer (DPO), but all inquiries will be handled by a dedicated person.

2. Data We Collect, Purpose, and Legal Basis

• User-Generated Content: (Tasks, schedules, etc.). Stored locally on your device.
  • Purpose: To enable core app functionality.
  • Legal Basis: Performance of a Contract.
• Purchase Data: (Anonymous user ID, purchase status).
  • Purpose: To manage access to paid features.
  • Legal Basis: Performance of a Contract.
• Analytics Data: (Anonymous, aggregated usage data via Plausible Analytics).
  • Purpose: To improve our Service.
  • Legal Basis: Legitimate Interest. We have balanced our interest in improving the app against your right to privacy by choosing a privacy-first analytics provider.
• Crash & Performance Data: (Anonymized crash reports).
  • Purpose: To identify and fix bugs.
  • Legal Basis: Legitimate Interest.
• Newsletter & Communications Data: (Name, email, message content).
  • Purpose: To send newsletters (if you opt-in) or respond to your inquiries.
  • Legal Basis: Consent (for newsletters); Legitimate Interest (for responding to inquiries).

3. Data Retention

We retain data only for as long as necessary:

• User-Generated Content (Cloud): For as long as you maintain an account with us.
• Purchase Data: For as long as required for financial and tax regulations.
• Analytics Data: Anonymized data may be retained for up to 24 months.
• Crash Logs: Retained for up to 90 days.
• Newsletter Data: Retained until you unsubscribe.
• Communications Data: Retained for as long as needed to resolve your inquiry and for our records.

4. Data Security

We implement reasonable technical and organizational measures to protect your data, such as encryption for data in transit and limiting access to personal data to authorized personnel only.

5. Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority (the Dutch Autoriteit Persoonsgegevens) without undue delay, in accordance with our legal obligations.

6. Data Storage & International Transfers

Your data may be processed by third-party services. We strive to use services that process data within the European Economic Area (EEA).

• Plausible Analytics & MailerLite: Process data within the EEA.
• RevenueCat: Processes data in the United States. To ensure compliance with GDPR for data transfers outside the EEA, we rely on a Data Processing Addendum (DPA) with RevenueCat, which incorporates the Standard Contractual Clauses (SCCs) as a valid transfer mechanism.

7. Cookies and Tracking Technologies

Our website or newsletter landing pages may use essential cookies or tracking technologies (e.g., from Plausible or MailerLite) to function and gather analytics. We will provide a cookie notice or banner where legally required.

8. Your GDPR Rights

You have the right to access, rectify, erase, restrict processing of, and object to the processing of your personal data. You also have the Right to Data Portability. To exercise these rights, please contact us at our privacy email address. We will respond to your request within 30 days.

9. Third-Party Data Processors

We use third-party services to operate. These include:

• App Stores:
  • Apple
  • Google
• Purchase Management: RevenueCat
• Analytics: Plausible Analytics
• Newsletter: MailerLite

10. Children's Privacy

Our Service is not intended for anyone under 16. We do not knowingly collect data from children.