Privacy Policy
Effective date: July 4, 2026
This privacy policy describes how the TimeWarp app ("the app", "we", "us") handles your information. TimeWarp is built and operated by Biteforest.
The short version
TimeWarp is local-first. If you never sign in, the app works exactly as it always has: all of your data — photos, warp point locations, and settings — stays on your device, and nothing is sent to us or anyone else.
TimeWarp also offers an optional account so you can back up your warp points and photos to the cloud and sync them across your devices. Cloud features are off until you choose to sign in. When you do, the data described below is stored on our cloud infrastructure so we can sync it back to you — and you can delete all of it at any time.
What the app accesses on your device
- Camera: used only when you actively take a photo at a warp point. Photos are saved to the app's private storage on your device. They are uploaded to the cloud only if you are signed in (see below).
- Location (GPS): used to tag each photo with the coordinates where it was taken, and to detect when you are near one of your saved warp points so the app can remind you to take a new photo. Location is read on your device. If you are signed in, a photo's coordinates are stored with that photo in the cloud as part of sync; if you are signed out, location never leaves your device.
- Notifications: the app schedules local notifications on your device when you are near a saved warp point. These are generated on your device and are not delivered through any push-notification service.
- Storage: photos and app data are written to the app's private storage area on your device.
If you sign in: information we store in the cloud
Signing in is optional and is only required to use backup and multi-device sync. If you create an account, we store:
- Account identity: an account identifier and the email address associated with your sign-in method (Sign in with Apple, Google, or an emailed link). If you use Sign in with Apple and choose to hide your email, we only receive Apple's private relay address.
- Your warp points and photos: the photos you capture, their capture time, and the GPS coordinates tagged to each photo and warp point, plus warp point names and reminder settings. This is your own content, stored so it can be backed up and synced to your other signed-in devices.
We do not sell your data, do not use it for advertising, and do not include any third-party analytics, advertising, or tracking SDKs in the app.
Google user data
This section describes how TimeWarp accesses, uses, stores, and shares Google user data, in accordance with the Google API Services User Data Policy. Google user data is involved only if you choose "Continue with Google" to sign in. If you do not use Google sign-in, TimeWarp never requests or receives any Google user data.
Data we access. When you sign in with Google, we request only
Google's basic non-sensitive sign-in scopes
(openid, email, and profile). Through these
scopes Google provides us with:
- Your email address and whether Google has verified it;
- Your basic profile information — your name and profile picture, if present on your Google account; and
- Your Google account identifier (a unique ID that lets us recognize your account on return visits).
We request no sensitive or restricted scopes. TimeWarp does not access your Gmail, Google Drive, Google Calendar, Contacts, Photos, or any other Google service or data beyond the basic sign-in information listed above.
How we use it. We use this Google user data for a single purpose: authentication — to create and identify your TimeWarp account so you can back up your warp points and photos and sync them across your devices. We do not use Google user data for any other purpose.
How we store it. Your email address and account identifier are stored in our authentication system, operated by our backend processor Supabase (see below), so we can recognize your account when you return. This is the same account record described in "If you sign in" above.
How we share it. We do not sell, rent, or share your Google user data with third parties, and we do not use it for advertising or to train any AI or machine-learning models. It is disclosed only to Supabase, strictly as a data processor that stores it on our behalf to operate the sign-in and sync service.
TimeWarp's use of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements.
Deleting your Google data. You can permanently delete your account and all associated data — including the email address and identifier obtained through Google sign-in — at any time using "Delete account & cloud data" in Settings (see "Your control over your data" below). You can also revoke TimeWarp's access to your Google account at any time from your Google Account permissions page.
Service providers
When cloud features are enabled, we use the following processors strictly to operate the service:
- Supabase — our cloud backend, which hosts the database and file storage that hold your synced warp points and photos, and handles account authentication. Data is stored on Supabase infrastructure in the United States.
- Apple and Google — only if you choose "Sign in with Apple" or "Continue with Google," to verify your identity at sign-in. See the "Google user data" section above for exactly what Google data is accessed and how it is used. Their handling of that sign-in is governed by their own privacy policies.
Sharing
If you use the in-app share feature to share a photo or timelapse, that content is handed off to whichever share target you select (e.g. messages, social apps, email). Once shared, the receiving app's privacy policy governs that content. We are not involved in or able to see what you share.
Children
TimeWarp is not directed at children under 13 and does not knowingly collect information from children.
Your control over your data
- You can delete an individual warp point inside the app to remove it and all of its photos.
- If you are signed in, you can choose "Delete account & cloud data" in Settings to permanently delete your account and all of your warp points and photos from our cloud. This removes your data from our database and file storage.
- You can sign out at any time to stop syncing; your data remains on your device.
- You can uninstall the app to delete all photos and data stored on that device.
- If you are in a region with data-protection rights (such as the EEA or California), you may request access to or deletion of your personal data by emailing us; the in-app deletion above accomplishes a full erasure directly.
Data retention
We retain your synced data for as long as your account exists. When you delete your account, your warp points, photos, and account record are removed from our systems.
Changes to this policy
If we change this policy in the future, we will update the effective date at the top of this page. The current version will always be available at this URL.
Contact
If you have any questions about this privacy policy or the app, please email dev@biteforest.art.