Shared Timer Privacy Policy

1. Overview

Shared Timer respects your privacy. This Privacy Policy explains what information is collected when you use the Shared Timer mobile application, how it is used, and your rights regarding your personal data.

Shared Timer is designed to collect only the information required to provide synchronized timers and user accounts.

2. Controller

The controller responsible for data processing is:

Omorix

Email: privacy-policy@omorix.com

Website: https://www.omorix.com

3. Information We Collect

When you create and use a Shared Timer account, we may collect the following information:

Account Information

  • Username
  • Display nickname
  • Password (stored only as a secure Argon2id password hash)

Passwords are never stored in plain text.

Authentication Data

To keep you signed in, Shared Timer creates secure authentication sessions.

This includes:

  • Session identifiers
  • Session expiration information

Authentication tokens are securely generated and only cryptographic hashes are stored on the server.

Timer Data

To provide the service, Shared Timer stores information such as:

  • Timer names
  • Timer durations
  • Timer ownership
  • Timer memberships
  • Runtime state
  • Notification preferences
  • Share codes
  • Creation and modification timestamps

This information is required for synchronized timers across multiple devices.

Device Information

If you enable notifications, Shared Timer stores:

  • Firebase Cloud Messaging (FCM) registration token
  • Device platform

This information is used solely for delivering push notifications when shared timers start.

Server Logs

The server automatically records technical information necessary for operation and security, including:

  • IP address
  • Date and time
  • Requested endpoint
  • HTTP status
  • Technical diagnostic information

Legal basis: Art. 6(1)(f) GDPR.

4. How We Use Your Data

Your information is processed solely to:

  • create and manage your account
  • authenticate users
  • synchronize timers
  • manage timer memberships
  • deliver optional push notifications
  • secure the service
  • detect abuse
  • improve reliability and stability

We do not use your information for advertising or profiling.

5. Push Notifications

If you enable notifications, Shared Timer uses Firebase Cloud Messaging (FCM) to notify you when a shared timer starts.

The FCM registration token is stored only for delivering notifications and can be removed by unregistering your device or logging out.

Firebase is operated by Google and processes data according to Google’s Privacy Policy.

6. Data Sharing

We do not sell or rent your personal information.

Personal data is only shared where technically necessary, including:

  • hosting providers
  • Firebase Cloud Messaging for push notification delivery
  • authorities where required by applicable law

7. Data Retention

We retain personal information only as long as necessary to provide the service or comply with legal obligations.

Examples include:

  • Account information until the account is deleted
  • Timer data until deleted by users
  • Session information until expiration or logout
  • Push notification tokens until removed or replaced
  • Server logs for a limited period for security purposes

8. Security

We implement appropriate technical and organizational measures to protect your information.

These include:

  • encrypted HTTPS connections
  • secure password hashing (Argon2id)
  • secure session management
  • access controls
  • regular security updates

9. Your Rights

Under the GDPR you have the right to:

  • access your personal data
  • request correction
  • request deletion
  • restrict processing
  • object to processing where applicable
  • request data portability

To exercise your rights, contact:

privacy-policy@omorix.com

10. Children’s Privacy

Shared Timer is not specifically directed at children under the age of 13 and does not knowingly collect personal information from children.

11. International Data Transfers

Depending on the notification service used (Firebase Cloud Messaging), certain technical information may be processed outside the European Economic Area in accordance with applicable data protection laws.

12. Changes to This Privacy Policy

This Privacy Policy may be updated to reflect legal, technical, or operational changes.

The latest version will always be available on this website.

Last Update: 11 July 2026