Privacy Policy

1. Scope of this Policy

This Privacy Policy applies to:

• Our websites and web application
• Our marketing and analytics activities related to the Services
• Communications we send from Timeliner email addresses and phone numbers

This policy does not apply to third-party websites, tools, or services that you may connect to Timeliner. Their privacy practices are governed by their own policies.

2. Business Accounts, Roles, and Responsibilities

Timeliner is primarily a business (B2B) platform.

Customer Data

When organizations use Timeliner to manage projects, media, and client approvals, they may upload or manage data about other individuals. This includes clients, collaborators, and team members. In these cases, the organization that controls the workspace determines what data is uploaded and how it is used.

Account and Platform Data

Timeliner independently processes certain data for account management, billing, security, analytics, and product improvement purposes.

If you are an invited user or client reviewer accessing content through a business workspace, requests related to project content, approvals, or deletion may need to be handled by the workspace administrator.

3. Information We Collect

Information You or Your Workspace Provide

Depending on how you use the Services, we may process:

• Account and workspace information: name, email address, role, workspace details
• Invited user and client information: names, email addresses, permissions
• Project and workflow data: tasks, statuses, deadlines, briefs, notes, and reference links
• Media and feedback data: video, audio, images, raw footage, comments, annotations, timestamp feedback, and voice notes
• Payment tracking numbers: numeric records showing how much is owed to or by users (no bank or card details are stored by Timeliner for this purpose)
• Support communications: messages and information you send to us when contacting support

Information Collected Automatically

When you use the Services, we may collect:

• IP address and general location derived from IP
• Browser type, device type, and operating system
• Pages or screens viewed and interaction events
• Referring URLs and timestamps

Payments

Subscription payments are processed by Stripe. Payment card information is handled directly by Stripe according to their own security and privacy practices.

4. Magic Links and Auto-Login

Timeliner supports access through magic links that allow users to open specific media or app experiences without entering a password. Anyone who has access to the link may be able to access the related content until the link expires or is revoked. Users should treat magic links as confidential.

5. How We Use Information

We use information to:

• Provide and operate the Services
• Manage accounts, permissions, and authentication
• Enable project workflows, reviews, and approvals
• Process subscriptions and billing
• Provide customer support
• Send service notifications by email or messaging from Timeliner accounts and numbers
• Monitor performance and improve the product
• Detect, prevent, and address technical issues, abuse, and fraud
• Measure and improve marketing effectiveness

6. Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area or the United Kingdom, we process personal data based on:

• Contractual necessity – to provide the Services you request
• Legitimate interests – to operate, secure, and improve the Services
• Consent – where required for cookies or marketing technologies
• Legal obligations – where required by law

7. Sharing and Disclosure of Information

We may share information:

With Service Providers

We use third-party providers to operate the Services, including:

• Amazon Web Services – AWS (cloud infrastructure, media processing, and storage)
• Cloudflare (CDN, file storage, and security)
• Vercel (application hosting and edge delivery)
• Supabase (database and authentication services)
• Google Analytics and Google Tag Manager (website and app analytics and tag management)
• Meta Pixel (advertising measurement)
• GoHighLevel (GHL) and Resend (communications and email delivery)
• Stripe (payment processing)

These providers may process personal data only to perform services on our behalf.

Within Your Workspace

Workspace administrators and authorized users may access information based on assigned roles and permissions.

Legal and Safety Reasons

We may disclose information if required to comply with law, protect rights and safety, or investigate fraud, abuse, or security incidents.

Business Transfers

If Timeliner is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction.

8. Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies to operate the Services, analyze usage, and measure marketing performance. Detailed information is provided in our Cookie Policy.

You may control cookies through your browser settings or through consent tools where required by law.

9. Data Retention

If an account or workspace is canceled, we generally delete stored data after 30 days. Some information may be retained longer if required for legal compliance, billing, dispute resolution, or security purposes.

10. Data Export

At this time, automated data export tools are not available in the Services.

11. International Data Transfers

Timeliner operates globally. Information may be processed in the United States and in other countries where our service providers operate. We take reasonable steps to protect data transferred across borders.

12. Security

We take reasonable technical and organizational measures designed to protect information in the Services. However, no system can be guaranteed to be completely secure, and we cannot guarantee absolute security.

13. Children's Privacy

The Services are not intended for children, and we do not knowingly collect personal information from children.

14. Your Rights and Choices

Depending on your location, you may have rights to:

• Access personal information
• Request correction or deletion
• Object to or restrict processing
• Withdraw consent where applicable

If your data is part of a business workspace, requests related to project content may need to be handled by the workspace administrator.

To submit a request, contact: contact@timeliner.io

15. Communications

We may send:

• Service communications such as account, billing, security, and product updates
• Marketing communications where legally permitted

You may opt out of marketing emails using unsubscribe links or by contacting us, but you may still receive essential service messages.

16. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date and provide notice if required by law.

17. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect and how it is used
• Request deletion of your personal information
• Opt out of the “sale” of your personal information (we do not sell personal information)
• Not be discriminated against for exercising your privacy rights

To exercise these rights, contact us at contact@timeliner.io.

18. Contact Us

If you have questions or requests regarding this Privacy Policy or your personal data: