Privacy Policy

Last updated: 8/21/2025

1. Overview

TimeCapsule respects your privacy and provides data control tailored to three modes of usage:

  • Local-only: No data leaves your device
  • External API usage: With your own API keys
  • Cloud-based usage: Through purchased credits (hosted processing)

2. Information We Collect

2.1 Local Users

  • All processing and data are stored locally in your browser or device.
  • We do not access, transmit, or analyze your documents or interactions.

2.2 BYOA/API Key Users

  • We may temporarily process prompts and responses via your chosen API provider.
  • Your API keys are stored only if explicitly permitted and encrypted at rest.
  • We do not retain document content unless necessary for a specific session or feature.

2.3 Credit-Based Users

  • We collect basic authentication data (email, name) via OAuth providers.
  • Prompts and results may be stored temporarily for credit accounting, debugging, or improving user experience.
  • All data is automatically deleted from our servers after 30 days.

3. Cookie Usage

  • Essential Cookies: Used for authentication, session management, and core functionality.
  • Analytics Cookies (Optional): Used only with consent. These help us improve performance and UX. No cross-site tracking.

4. How We Use Your Data

  • To provide requested services (AI generation, document interaction)
  • To personalize your experience and provide support
  • To comply with legal requirements or respond to lawful requests

5. Data Security

  • All transmissions use HTTPS
  • Sensitive data (API keys, tokens) are encrypted
  • Local-first architecture is prioritized whenever possible
  • All data is automatically deleted from our servers after 30 days

6. Your Rights

6.1 For EU Users (GDPR)

  • Right to access, correct, delete, or restrict your data
  • Right to data portability and to object to processing

6.2 For California Users (CCPA)

  • Right to know what data we collect and how we use it
  • Right to delete personal information and opt-out of sale (we don't sell data)

7. Data Retention

  • Analytics: Retained for 26 months (if opted-in)
  • Session and auth: Retained while active or until deletion
  • Uploaded documents: Not stored unless explicitly uploaded for collaboration or sharing
  • All server data: Automatically deleted after 30 days

8. Updates

This policy may change as our features evolve. We'll notify you of material changes via in-app notification or email.

9. Contact

For questions about this privacy policy, email us at contact@bubblspace.com

← Back to Home