Fuel Apps

Contact & Support

  Last updated: March 15, 2026

  This Privacy Policy explains how Anytimer ("we," "us," or "our") collects, uses, stores, and protects your information when you use our mobile application ("App"). We are

  committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR/AVG) and other applicable data protection laws.

  1. Data Controller

  Anytimer is the data controller for the personal data collected through this App. For any questions or requests regarding your data, you can reach us at:

  Email: [email protected]

  2. What Data We Collect

  We collect minimal personal data necessary to operate the App:

  - Email address — Used for account creation, authentication, and essential communications.

  - Password — Stored securely using industry-standard hashing (bcrypt). We never store or have access to your plain-text password.

  - Date of birth / Age confirmation — To verify you meet the minimum age requirement of 21 years.

  - Username — A display name you choose, visible to other users in your groups.

  - Profile photo (optional) — If you choose to upload one.

  - Push notification token — If you enable push notifications, we store a device token to deliver notifications.

  - Video content — Videos you voluntarily record and upload as proof for anytimers.

  We do NOT collect:

  - Real name or government ID

  - Phone number

  - Location data

  - Financial or payment information

  - Contacts or address book data

  - Browsing or tracking data from other apps

  3. Legal Basis for Processing (GDPR Art. 6)

  We process your personal data based on the following legal grounds:

  - Contract performance (Art. 6(1)(b) GDPR) — Processing your email, password, and username is necessary to create and maintain your account and provide the App's services.

  - Consent (Art. 6(1)(a) GDPR) — Push notifications are only sent with your explicit opt-in consent. You can withdraw consent at any time via your device settings.

  - Legitimate interest (Art. 6(1)(f) GDPR) — We may process limited data for security purposes, fraud prevention, and service improvement.

  4. How We Use Your Data

  Your data is used exclusively for:

  - Creating and managing your account

  - Authenticating your identity when you log in

  - Displaying your username and avatar to group members

  - Delivering push notifications about anytimer activity (with your consent)

  - Storing and displaying video proof within your groups

  - Verifying age eligibility

  - Communicating essential service updates (e.g., security alerts, terms changes)

  We do NOT use your data for:

  - Advertising or marketing profiling

  - Selling or sharing with third-party advertisers

  - Automated decision-making or profiling

  - Analytics beyond basic service operation

  5. Data Storage & Security

  Your data is stored using the following services:

  - Supabase (database & authentication) — Hosted on AWS infrastructure in the EU/US. Supabase provides Row Level Security (RLS) ensuring users can only access data they are

  authorized to see.

  - Cloudflare R2 (video storage) — Videos are stored securely with access controlled via presigned URLs.

  Security measures include:

  - All data transmitted between your device and our servers is encrypted using TLS/SSL.

  - Passwords are hashed using bcrypt — we never store plain-text passwords.

  - Database access is restricted with Row Level Security policies.

  - Video access is controlled via time-limited presigned URLs.

  - We regularly review and update our security practices.

  6. Data Sharing

  We do not sell, rent, or trade your personal data. We only share data with:

  - Supabase — Our backend infrastructure provider, acting as a data processor on our behalf.

  - Cloudflare — For secure video storage, acting as a data processor.

  - Expo (Push Notifications) — Your device push token is shared with Expo's Push Notification Service solely to deliver notifications you opted into.

  All third-party processors are bound by data processing agreements and are required to handle your data in accordance with GDPR standards.

  We may disclose your data if required by law, court order, or to protect our legal rights.

  7. Data Retention

  We retain your personal data for as long as your account is active and as needed to provide services to you. Specifically:

  - Account data (email, username, avatar) — Retained until you delete your account.

  - Videos — Retained as long as the associated anytimer and group exist.

  - Push notification tokens — Cleared when you log out or disable notifications.

  When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain certain information.

  8. Your Rights (GDPR)

  Under the GDPR/AVG, you have the following rights:

  - Right of access (Art. 15) — Request a copy of the personal data we hold about you.

  - Right to rectification (Art. 16) — Correct inaccurate or incomplete data. You can update your username and avatar directly in the App.

  - Right to erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten"). Contact us and we will delete your data within 30 days.

  - Right to restrict processing (Art. 18) — Request that we limit how we use your data.

  - Right to data portability (Art. 20) — Receive your data in a structured, commonly used, machine-readable format.

  - Right to object (Art. 21) — Object to processing based on legitimate interest.

  - Right to withdraw consent — Withdraw consent for push notifications at any time via device settings.

  To exercise any of these rights, contact us at [email protected]. We will respond within 30 days as required by law.

  9. Cookies & Tracking

  The Anytimer App does not use cookies, web beacons, or third-party tracking technologies. We do not track your activity across other apps or websites. We do not use any

  analytics SDKs that collect personal data.

  10. International Data Transfers

  Your data may be processed in countries outside the European Economic Area (EEA), including the United States, through our infrastructure providers (Supabase, Cloudflare). These

   transfers are protected by:

  - Standard Contractual Clauses (SCCs) approved by the European Commission.

  - Adequate security measures implemented by our processors.

  By using the App, you acknowledge these transfers.

  11. Children's Privacy

  Anytimer is not intended for users under the age of 21. We do not knowingly collect personal data from anyone under 21. If you are a parent or guardian and believe someone under

   21 has provided us with personal data, please contact us at [email protected] and we will promptly delete the information.

  12. Changes to This Policy

  We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy in the App and updating the "Last updated" date.

  Continued use of the App after changes constitutes your acceptance of the revised policy.

  If changes materially affect how we process your personal data, we will provide notice through the App or via email before the changes take effect.

  13. Complaints

  If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In the Netherlands, the supervisory

  authority is:

  Autoriteit Persoonsgegevens (Dutch Data Protection Authority)

  Website: autoriteitpersoonsgegevens.nl

  You may also contact us first at [email protected] and we will do our best to resolve your concern.

  Questions about your privacy? Contact us at   Email: [email protected]