Privacy Policy
This Privacy Policy explains how Jayson Feldman ("we", "us", or "our") collects, uses, stores, and shares information when you use Vrema (the "Service") at https://vrema.dev/.
Vrema is a time tracking application. Its purpose is to help you track time from Google Calendar. We designed the Service to process as little personal data as needed for that purpose.
1. Who is responsible
The data controller for the Service is Jayson Feldman, located in the Netherlands.
Privacy contact: jaysonfeldman@gmail.com
2. Information we collect
Google account information. When you sign in with Google, we receive your Google user ID, name, email address, and profile picture.
Google Calendar data. With your consent, Vrema requests read-only access to your Google Calendar and calendar events. We may process event titles, start and end times, and related calendar metadata needed to calculate projects, activities, and hours.
Authentication tokens. An OAuth access token and related session details may be stored in your browser so you can stay signed in for a limited time.
App preferences. We may store local preferences in your browser, such as theme settings, sidebar state, project filters, and display settings.
Feedback. If you submit feedback, we receive the content you send, including the optional email address you provide.
Technical data. Our hosting provider may process standard server logs such as IP address, browser type, and request timestamps.
3. Google API services and Limited Use
Vrema's use and transfer of information received from Google APIs adhere to the Google API Services User Data Policy, including the Limited Use requirements.
- We use Google user data only to provide and improve user-facing features of Vrema, such as signing you in and turning calendar events into time tracking insights.
- We do not sell Google user data.
- We do not use Google user data for serving advertisements.
- We do not allow humans to read Google user data unless you give explicit permission, it is necessary for security or legal compliance, or the data is aggregated and no longer identifiable.
- Google Calendar access is read-only. Vrema does not create, edit, or delete calendar events through Google APIs.
Scopes Vrema may request include openid, userinfo.profile, userinfo.email, calendar.readonly, and calendar.events.readonly.
4. How we use information
- Authenticate you and maintain your session
- Display your projects, activities, and hours based on calendar events
- Sync and process calendar data needed for time tracking features
- Remember preferences you set in the Service
- Respond to feedback and support requests
- Operate, secure, and improve the Service
- Comply with legal obligations
5. Where information is stored
Google profile information and OAuth access tokens are stored locally in your browser. Calendar data used for timesheets may be held in browser memory while you use the Service. Feedback messages are processed through Resend. The Service is hosted on Vercel. We may also use Supabase to store application data related to time tracking features.
6. Sharing of information
We share information only with processors that help run Vrema: Google, Vercel, Supabase, and Resend. We do not sell your personal data.
7. Your rights
You may sign out of Vrema, revoke access at https://myaccount.google.com/permissions, clear browser storage for vrema.dev, or contact jaysonfeldman@gmail.com to request access or deletion. In the Netherlands, you may contact the Autoriteit Persoonsgegevens.
8. Contact
Questions about this Privacy Policy: jaysonfeldman@gmail.com