Privacy Policy

Effective Date: 2025-09-01
Last Updated: 2025-09-01

Your privacy is important to us. Time Garden is built on a simple principle: your journal entries and personal insights belong to you, not to us or any cloud service. This policy explains what minimal information we collect and how we protect your privacy.

What Time Garden Does NOT Collect

Let's start with what makes Time Garden different: Your journal entries, AI conversations, and personal insights never leave your device. All AI processing happens locally via Ollama on your computer. We cannot read your journal because we never have access to it. Your thoughts remain completely private.

What We Do Collect

We only collect information we truly need to provide Time Garden to you:

• Email address: To send you Time Garden downloads and important updates
• Name: For personalized support and purchase receipts (collected by LemonSqueezy)
• Basic purchase information: Order details, license status, and country/region (for tax compliance)
• Website analytics: Anonymous traffic data via privacy-friendly analytics to improve our website

We never collect: Your journal content, AI conversations, vault data, device contents, or personal files. Time Garden runs locally and we have no access to your actual journaling data.

LemonSqueezy as Our Merchant of Record

We use LemonSqueezy LLC (Salt Lake City, Utah) as our Merchant of Record for all transactions. This means:

• LemonSqueezy collects your data: They collect your email, name, payment details, and location during checkout
• We get access through their platform: We can view customer information (name, email, country) through our LemonSqueezy seller dashboard to provide support and deliver licenses
• They handle payments and compliance: LemonSqueezy processes payments, handles taxes, manages refunds, and ensures compliance in all countries
• Email delivery: LemonSqueezy delivers purchase receipts, download links, and can send our newsletters on our behalf

LemonSqueezy has their own privacy policy governing how they handle your data, which you should review at lemonsqueezy.com/privacy. We have a Data Processing Agreement with LemonSqueezy ensuring your data is handled according to GDPR standards.

How We Use Your Information

We use the information we access to:

• Deliver Time Garden downloads and license keys
• Provide customer support and technical assistance
• Send important product updates and security notifications
• Send optional newsletters with journaling tips and new features (easily unsubscribable)
• Improve our website and user experience
• Comply with legal requirements and tax obligations

We will never sell your data, share it with advertisers, or use your email for unrelated marketing.

Data Sharing and Processing

We work with minimal trusted partners:

• LemonSqueezy LLC: Our Merchant of Record - processes payments, handles customer data, delivers emails, and manages tax compliance (US-based, GDPR compliant)
• Website hosting: Our website is hosted with privacy-friendly analytics (no tracking cookies)

Your journal data is never shared because it never leaves your device. Customer information is only shared between us and LemonSqueezy for legitimate business purposes (order fulfillment, support, compliance).

International Data Processing

Since LemonSqueezy is based in the United States, your customer information may be processed in the US. However, LemonSqueezy is GDPR compliant and has appropriate safeguards in place for EU data protection. Your most important data - your journal entries and AI conversations - never leaves your local device regardless of your location.

Your Rights (GDPR & Privacy Laws)

Under GDPR, CCPA, and other applicable privacy laws, you have the right to:

• Access: Request a copy of the personal data we have about you
• Correction: Ask us to correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Receive your data in a portable format
• Opt-out: Unsubscribe from marketing emails anytime
• Restrict processing: Limit how we use your data

To exercise these rights, contact us at business@timegarden.app. We'll respond within 30 days. Remember: your journal data is already under your complete control since it stays on your device.

Data Security & Retention

We protect your data with appropriate technical and organizational measures including secure hosting, access controls, and encrypted connections. Customer data is retained as long as necessary to provide services, comply with legal obligations, and resolve disputes.

Retention periods:

• Active customers: Data retained while you use Time Garden
• Marketing emails: Deleted 30 days after unsubscribing
• Purchase records: Kept for tax/legal requirements (typically 7 years)
• Support requests: Retained for 2 years unless deletion requested

Cookies & Website Tracking

Our website uses minimal, privacy-friendly analytics without cookies or cross-site tracking. We don't use advertising cookies, social media pixels, or invasive tracking technologies. Website analytics data is anonymized and used solely to improve user experience.

Student Privacy

Students who request free AI licenses must provide verification (student ID, .edu email, or enrollment documentation). This information is used solely to verify student status and provide the free license. Student information is handled with the same privacy standards as paying customers.

Children's Privacy

Time Garden is designed for users 16 and older. We don't knowingly collect personal information from children under 16. If we discover we have collected such information, we'll delete it immediately.

Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email to registered users with 30 days notice. Continued use of Time Garden after changes indicates acceptance.

Contact Information

Privacy questions & data requests: business@timegarden.app
Technical support: support@timegarden.app
Our location: Hamburg, Germany
LemonSqueezy (Merchant of Record): Salt Lake City, Utah, USA

If you're not satisfied with our response to privacy concerns, you can contact the appropriate data protection authority in your country.

This privacy policy complies with GDPR, German BDSG, CCPA, and applicable international privacy laws. We believe privacy policies should be clear and actionable, not confusing legal documents that hide important information.