Skip to content

Privacy policy

What personal data Timemark collects, how it is used, and your privacy rights.


Effective date: July 1, 2026 · Last updated: July 2, 2026

This policy explains what personal data Timemark collects, how we use it, who we share it with, and the choices and rights you have. It covers the Timemark mobile app, the Teamspace web portal at teamspace.timemark.com, and our websites.

Timemark is operated by OCEAN GALAXY PTE. LTD. (UEN: 202305760Z), located at 25 SEAH STREET, #02-01, SINGAPORE 188381.

Timemark is one product. It has a free capture core that lets you take trusted work photos, plus an optional Teamspace layer that lets a team collect and organize those photos. If you only capture photos locally and do not upload them to Timemark, we do not store those photos. The data we handle, and our responsibility for it, depend on which features you use. The next section explains how.

This policy explains personal data processing. It does not limit how you may use your own photos, exports, reports, Photo Codes, verification results, or other lawful Timemark outputs under the Terms of service.

Commercial use: You may use lawful Timemark outputs for personal, business, and commercial purposes, whether you use Timemark alone or in a Teamspace. A Business plan adds team features such as shared Teamspace, centralized billing, higher limits, integrations, and admin controls. You do not need Business only because a photo, report, export, Photo Code, or verification result is used for work.

How we handle your data, and whether we are legally the controller or only a processor, changes with how you use Timemark. Under privacy laws, an individual whose data is handled is a data subject.

In this table, “who controls” means practical control over photos or team content inside the product. It is separate from Timemark’s legal privacy role shown in the last column.

How you use TimemarkWhat Timemark handlesWho controls the photos or team contentTimemark’s privacy role
Standalone capture on your deviceServer-time requests, optional location lookups, Photo Code or verification requests, and limited technical data needed to run and improve the App. Your local photos are not uploaded just because you take them.You, for photos that stay on your deviceWe are the controller for the limited data we receive. We cannot access photos that stay only on your device.
Personal connected features, such as Plus, Cloud Backup, share links, reports, or exportsPurchase status, linked storage connection details, photos or reports you choose to back up, host, share, or export, and support messages you send usYouWe are the controller, except where a connected destination acts under its own terms.
Teamspace, a Team, Projects, Business, EnterpriseTeam photos, visible watermark content, project docs, Checklist records, Attendance records, project addresses, member details, exports, share links, sync settings, and webhook settingsThe team (the Team Owner or organization)We are a processor acting for the team for Customer Data, and a controller for account, billing, security, and service operation data.

If you only capture photos locally and do not upload them to Timemark, your photos and their location data stay on your device and are not sent to Timemark, so we cannot access them. We may still receive limited technical data through the app, as described in SDKs, cookies, and tracking technologies.

When you use Timemark as part of a team, the team controls the photos and member data collected in that team. Our handling of that data is governed by our Data Processing Addendum (DPA) terms. For a plain summary of who owns what, see Who owns your photos.

Timemark does not collect the same data from every user. The categories below apply only when you use the matching feature.

You can take watermarked photos without signing in or creating an account. For standalone capture, Timemark does not collect your email address or account details.

To create a photo or video, the app may use:

  • Timemark server time, requested from Timemark servers, instead of relying first on device time.
  • Device location, if you allow location permission and turn on fields such as address, coordinates, map, weather, altitude, or compass.
  • Microphone access, if you allow microphone permission while recording video with sound.
  • Template settings, notes, tags, logo, business card text, and other fields you choose to show.
  • Photo Codes delivered from Timemark servers and stored in a local code pool. Photo Codes do not expire by design. Photo Code records do not store a user identifier, but may store verification data associated with the code, such as the time and location used for verification.

The photo file, visible watermark, notes, and location shown on a standalone photo stay on your device unless you choose to upload, back up, share, export, or add the photo to a team. Showing time or location on the photo does not by itself mean Timemark stores that photo, timestamp, address, or GPS coordinate as a server-side photo record.

Some fields still require network services. Address lookup, weather, and location-based trusted time may use device location through Timemark or a service provider. Server-time, Photo Code, verification, diagnostics, analytics, security, and similar service requests may also create technical logs needed to run and protect Timemark.

Account, billing, connected storage, and support information

Section titled “Account, billing, connected storage, and support information”

We collect the following only when you use the relevant feature:

  • Account details, such as email address, sign-in account name, account identifier, or optional profile details, when you sign in for Teamspace, connect a cloud account, use account features, or contact support.
  • Connected storage details, such as the provider, account, folder, permission scope, and authorization tokens needed to connect Google Drive, OneDrive, SharePoint, or another destination you choose. Authorization tokens are stored securely.
  • Purchase status, receipt identifiers, subscription status, and seat information when you or your team buys or manages a paid plan. App Store, Google Play, Stripe, and Waffo may handle payment data, billing contact details, tax records, invoices, and billing records under their own terms.
  • Support messages, attachments, contact details, and related metadata when you contact us.

Subscribing to Plus or taking photos in the standalone App does not by itself require a Timemark account. Signing in matters for Teamspace, connected storage, some account features, support, or carrying a Plus entitlement to another device.

In selected regions, the App may let you invite team members from your device contacts. Contacts access is optional and is requested only when you choose that invite flow. If you authorize it, the App reads contact names and phone numbers on your device only to display contacts locally and open your system SMS app with an invite message. Contact phone numbers used this way are not uploaded to Timemark servers, and we do not use them for account matching, analytics, advertising, or marketing.

Uploaded, backed up, shared, exported, and Teamspace content

Section titled “Uploaded, backed up, shared, exported, and Teamspace content”

When you upload, sync, back up, host, share, export, or add photos or records to a team, Timemark may process:

  • Photo files, including visible watermark content burned into them.
  • Watermark fields shown on those photos, such as time, address, coordinates, weather, altitude, compass, map, tags, notes, logo, business card details, project name, and project number (PID #).
  • Reports, ZIP, PDF, Excel, KMZ, Collage, share links, and other outputs you create.
  • Teamspace project records, project addresses, project docs, Checklist records, Attendance records, member details, roles, permissions, sync settings, export settings, and webhook settings.
  • Photo Codes and verification data needed to check photo authenticity. Photo Codes do not expire by design. Photo Code records do not store a user identifier, but may store time, location, and similar verification data associated with the code.
  • Device model or app context when it is saved with a photo, needed for verification, or needed for diagnostics.

Personal Cloud Backup sends photos to the Google Drive or OneDrive account you connect. Team Sync, SharePoint, Google Drive, webhooks, exports, and share links send data to destinations you or your team choose. Those copies are then governed by the destination service or by whoever receives the link or export.

The app and our websites collect some technical data automatically, including through third-party SDKs:

  • Crash and diagnostic data through Firebase Crashlytics, such as device model, operating system, crash logs, app state, memory state, and related diagnostic context.
  • Time synchronization requests needed to provide trusted Timemark server time for the watermark. These requests may use device location when location-based trusted time is enabled. Timemark does not keep a separate time-synchronization log with its own retention period.
  • Product analytics, advertising, attribution, and ad monetization data through SDKs that help us understand how people use, find, install, and pay for Timemark, where permitted by your device settings and applicable law.
  • Basic usage, security, abuse-prevention, and server log data needed to run the service.

A full list of the SDKs and third-party services we use, what each one does, and what data it may receive is maintained in Third-party services.

Location is at the center of what Timemark does. Many photos are taken to show that work happened at a specific place and time. The time field comes from Timemark server time, and the location fields come from device location.

If a photo stays only on your device, the location shown on that photo stays in the local file. Timemark does not store a separate server-side location history just because the app displayed GPS, address, map, or weather on the photo.

Timemark or its service providers may receive, store, or disclose location separately where a feature needs it, such as address lookup, weather, time synchronization, maps, Attendance Mode, a team project address, Teamspace map and export features, webhooks, share links, exports, or Photo Code verification. Address lookup may use Apple system geocoding and Timemark services. Weather and time synchronization use Timemark services when those fields are enabled.

You stay in control of how much location detail appears:

  • You can turn individual location fields on or off in the watermark template before you capture.
  • You can change or revoke the app’s location permission in your device settings. Note that the core purpose of the app depends on location, so turning it off limits what Timemark can do.

Precise location is treated as sensitive personal information under some laws when we receive or process it. See Your privacy rights for how this affects your choices.

We use personal data to:

  • Provide the capture, watermark, sync, and export features you use.
  • Back up your photos to your own cloud account when you enable Cloud Backup, or sync a team’s photos when a Team Owner enables that.
  • Generate and verify Photo Codes so photos can be checked for authenticity.
  • Process payments and manage subscriptions and seats.
  • Support team invitations you initiate, including on-device contact selection where that feature is available.
  • Diagnose crashes and keep the service reliable and secure.
  • Measure how our advertising performs and how people find Timemark.
  • Respond to your support requests.
  • Meet legal obligations and protect against fraud or abuse.

We do not use the content of your photos, project docs, Checklist records, or team data to train advertising profiles or AI models unless you separately agree.

We do not monitor, review, or classify Customer Data to determine your industry, project type, or use case, except where needed to provide the service, protect Timemark, enforce the Terms of service, or comply with law.

If you are in the European Economic Area or the United Kingdom, we rely on these legal bases:

  • Performance of a contract: to provide the features you sign up for, including capture, sync, billing, and Photo Codes.
  • Legitimate interests: to keep the service secure, diagnose crashes, and understand how Timemark is found and used, balanced against your rights.
  • Consent: for advertising and attribution tracking, and where required for access to precise location. You can withdraw consent at any time.
  • Legal obligation: to comply with tax, accounting, and other laws.

The Timemark app includes third-party SDKs:

  • Crash and diagnostics (Firebase Crashlytics): collects device and crash data to help us fix problems, including device model, operating system, crash logs, app state, memory state, and related diagnostic context.
  • Push notifications (Firebase Cloud Messaging): supports notification delivery.
  • Analytics, advertising, and attribution: includes SensorsAnalytics, Firebase Analytics, Facebook / Meta, TikTok Business, Apple Search Ads attribution, Google Play Install Referrer, and Android ad mediation or ad network SDKs where used and permitted. These help measure app usage, installs, purchases, attribution, and ad performance.

On iOS, the app asks for your permission through Apple’s App Tracking Transparency prompt before any advertising identifier is used. You can change this later in your device settings.

Our websites use cookies, pixels, or similar technologies for basic functionality, analytics, and advertising measurement, including Google Analytics and Meta advertising pixels where enabled.

Where permitted, advertising and attribution SDKs may use Apple or Google mobile advertising identifiers, or similar mobile identifiers, for personalized advertising, attribution, analytics, or ad monetization.

Because advertising and attribution SDKs can share identifiers with third parties, some laws treat this as “sharing” for cross-context behavioral advertising. You can opt out through your device settings. See Your privacy rights.

For a practical list of SDKs, payment providers, sign-in providers, linked storage destinations, and other third-party services, see Third-party services.

We share personal data only as described here.

Service providers (sub-processors). We use trusted vendors to run Timemark, such as cloud hosting providers (AWS and Alibaba Cloud in Singapore), payment and merchant-of-record providers (Stripe, Waffo), sign-in and storage providers (Google, Microsoft), reverse geocoding, weather, crash diagnostics, analytics, and advertising measurement. They may only use the data to provide their service to us. Cloud hosting providers receive photo content only where Timemark hosts that content, such as Teamspace data, Timemark-hosted share links, reports, or other server-side features you use. Local-only photos are not stored with our cloud hosting provider. A current list is maintained in Third-party services.

Sharing you direct. When you connect Timemark to a destination you control, your data flows there at your instruction and is then governed by that service, not by Timemark:

  • Personal Cloud Backup to your own Google Drive or OneDrive.
  • Team Sync of a project’s photos to a team’s Google Drive or SharePoint.
  • Webhooks that send photo data to an endpoint your team configures.
  • Share links and exports (ZIP, PDF report, Excel, KMZ, Collage) that you create and distribute.

Anyone with an active share link can view the shared content. Once a photo, file, or record leaves Timemark through one of these, we no longer control who can see it. Deleting the item from Timemark does not delete copies that already synced, downloaded, or were shared.

If you only save a photo locally and do not upload, sync, share, or export it through Timemark, Timemark does not disclose that photo file to service providers.

Within your team. If you capture photos for a team, other members can see them according to the team’s roles and permissions, which the team sets.

Legal and safety. We may disclose data if required by law, or to protect the rights, safety, and security of users, the public, or Timemark.

Business transfers. If Timemark is involved in a merger, acquisition, or sale of assets, data may be transferred as part of that deal, subject to this policy.

Depending on where you live, you have rights over your personal data as a data subject.

If you are in the EEA or UK (GDPR), your data subject rights let you:

  • Access a copy of your data.
  • Correct inaccurate data.
  • Delete your data.
  • Restrict or object to certain processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time.
  • Lodge a complaint with your local supervisory authority.

If you are in California or another U.S. state with similar privacy laws, your consumer rights may let you:

  • Know what personal information we collect and how it is used.
  • Delete your personal information.
  • Correct inaccurate personal information.
  • Opt out of the sale or sharing of your personal information.
  • Limit the use of sensitive personal information, including precise location.
  • Not be discriminated against for exercising your rights.
  • Use an authorized agent or appeal certain decisions where local law gives you that right.

If you are in Brazil, Mexico, or another Latin American jurisdiction with similar data protection laws, your rights may include:

  • Confirm whether we process your personal data.
  • Access, correct, delete, or anonymize personal data where applicable.
  • Ask about data sharing and international transfers.
  • Object to or restrict processing where the law allows.
  • Withdraw consent where processing is based on consent.

If you are in Singapore, the Philippines, Malaysia, Thailand, Indonesia, Vietnam, or another Southeast Asian jurisdiction with similar privacy laws, your rights may include:

  • Access or correct your personal data.
  • Withdraw consent where processing is based on consent.
  • Ask how your personal data is used or disclosed.
  • Complain to the relevant privacy authority where local law allows.

Email privacy@timemark.com with the subject “California privacy opt-out” to opt out of sale or sharing for advertising and attribution, or to limit eligible sensitive personal information.

For mobile advertising identifiers and personalized ads, use the controls provided by your device platform. Setting names may vary by OS version and region.

To exercise any right, contact us at privacy@timemark.com. If you use Timemark in a team and your request concerns team-controlled Customer Data, Timemark will assist the Customer or Team Owner, who controls that data, rather than deciding the request ourselves except where the law requires us to act directly.

Photo Code records are not indexed by a user identifier. If you want us to delete verification data stored for a Photo Code, email privacy@timemark.com with the Photo Code or enough information to locate the record. We will delete the photo metadata associated with that Photo Code from Timemark servers, such as time, place, coordinates, and device model information. After deletion, Photo Code verification will no longer return that record.

This is our notice at collection under the CCPA. In this table, “collected” means information Timemark receives or can access, including information the app accesses on the device to provide a feature. Collection does not always mean Timemark stores a separate server-side record. Visible time or place text shown on an uploaded photo is part of the uploaded photo content. Ordinary local capture may use Timemark server time and device location, but it does not mean Timemark stores a separate GPS or timestamp record for the locally saved photo. The disclosure column includes service providers, sub-processors, and destinations you choose, such as connected cloud storage or webhooks. The categories of personal information we collect, and whether we disclose or share them, are summarized below.

We do not sell your photos or Teamspace content. We may share advertising identifiers and related advertising signals for cross-context behavioral advertising where permitted. You can opt out through the choices described in Your privacy rights.

CategoryCollectedDisclosed to service providers or destinations you chooseSold or shared
Account identifiers (email, sign-in account, linked account identifiers)Only when you sign in, connect a storage destination, use account features, contact support, or use TeamspaceYes, where needed for sign-in, support, connected storage, payments, security, or service operationNo
Contacts and phone numbers used for team SMS invitesOnly in selected regions, when you use Add from Contacts and grant contacts permission. The App reads contacts on device for local display and to open the system SMS app; those numbers are not uploaded to Timemark serversNoNo
Advertising and attribution identifiersYes, where advertising, attribution, analytics, or ad monetization SDKs are used and permitted. These may include Apple or Google mobile advertising identifiers, or similar identifiersYes, to advertising, attribution, analytics, and ad network service providersYes, for related advertising signals used for cross-context behavioral advertising only. You can opt out through device settings
Photos and visible watermark content, including any time or place text shown on uploaded photosNo for local-only capture. Yes when uploaded, synced, hosted, shared, exported, backed up through Timemark, or added to a teamYes, where needed to host, store, sync, share, export, verify, or send to a connected destination you chooseNo
Precise geolocation used for location features (sensitive)Yes when location features are enabled. Local display does not by itself create a separate Timemark server-side location historyYes, where needed for address lookup, maps, weather, time synchronization, verification, upload, Teamspace, sharing, export, or connected servicesNo
Teamspace records and team member dataOnly when you create, join, or use a teamYes, where needed to host, secure, sync, export, support, or process the team serviceNo
Commercial information (purchase status, receipt identifiers, subscription status, and seat information; payment providers may handle billing records)Only when you or your team buys or manages a paid planYes, to payment, merchant-of-record, tax, accounting, and subscription providers where neededNo
Device, usage, crash, security, and log dataYes when you use the app, websites, or serviceYes, to hosting, diagnostics, analytics, security, and support service providers where neededNo, except advertising and attribution identifiers listed above

How long we keep your data (Data retention)

Section titled “How long we keep your data (Data retention)”

We keep personal data only as long as needed for the purposes in this policy, or as required by law. Retention periods for each type of data, and what happens when you delete a photo, a team, or your account, are listed in How long we keep your data.

Where Teamspace data is stored and when data crosses borders

Section titled “Where Teamspace data is stored and when data crosses borders”

Teamspace data is hosted in the United States by default.

For Enterprise customers, data residency means Timemark stores the in-scope Teamspace content for that Enterprise data residency option in the selected data region. It does not automatically cover every Timemark record. Billing, support records, security logs, email delivery, and user-directed third-party destinations may be processed outside that region.

Timemark operates globally, so some personal data may be processed in countries other than your own. Where we transfer personal data across borders, we use safeguards required by applicable law, such as Standard Contractual Clauses, data processing terms, or other transfer mechanisms.

We use technical and organizational measures to protect personal data, including HTTPS/TLS for data in transit and encrypted storage for sensitive data.

Enterprise customers may have access to stricter security options, such as data residency, SSO, audit logs, restricted support access, or service-level commitments, where Timemark makes those options available.

Timemark is not directed to children. We do not knowingly collect personal data from children under the age required by local law (under 16 in the EEA, under 13 in the United States). If you believe a child has provided us data, contact us and we will delete it.

When you join or are added to a team, the team controls the photos, visible watermark content, project docs, Checklist records, project addresses, Attendance records, and member details collected in that team. The Team Owner decides who can see, export, sync, and delete team data, subject to Timemark’s product rules and plan limits.

In this case Timemark acts as a processor for the team. Our obligations are set out in Data Processing Addendum (DPA). If your team uses Attendance Mode or location tracking, your employer is responsible for telling you about it and having a lawful basis to do so.

We may update this policy from time to time. When we make material changes, we will update the date above and notify you by email where we have an email address for you, such as your account email, billing email, or Team Owner email. We may also provide notice in the App, Teamspace, or on our website.

For privacy questions or to exercise your rights, contact: