Skip to content
Drifttt

Privacy Policy

Last updated: 10 July 2026

This policy explains what data Drifttt (“Drift Time Tracker”) collects, why, who it is shared with, and the rights you have over it. We have written it to match what the app actually does — no more, no less.

1. Who we are

Drifttt is operated by Mariia Kuznetsova, an independent freelancer based in Serbia (the “operator”, “we”, “us”). The operator is the data controller for the personal data described here. For any privacy question or request, contact support@drifttt.com.

Drifttt is local-first: the app works fully offline, and your data stays on your device unless you choose to sign in and enable sync. This policy covers both the on-device app and our optional server.

2. What we collect

Account & authentication

Sign-in is passwordless. If you create an account, we collect your email address and sign you in with a one-time code (OTP). We do not store a password. We store authentication tokens and session data needed to keep you signed in. If you connect an AI assistant, we create and store OAuth tokens for that connection.

Your content (synced only if you sign in)

When you use sync, the following is stored on our server; otherwise it stays only on your device:

The content you enter can include personal data about third parties — most obviously your clients, but also anyone else you enter details about (for example in session comments, invoice line items, or your business profile). You choose what to enter, and you are responsible for having a lawful basis to store and process that data.

Device & connection

We record a per-install device id, platform, app version, and last-seen time so sync and multi-device features work. Your IP address is processed transiently to rate-limit requests and protect the service; we do not build a profile from it.

Usage analytics

We collect product-usage events — for example which screens and features are used — so we can improve the app. These events are keyed to a random install id; while you are signed out they stay anonymous, and while you are signed in they are pseudonymous — tied to your account, and so treated as personal data. The events record how the app is used, not the content of your work (no message text, project or client details). There is no advertising and no third-party ad or tracking SDK in Drifttt.

Change history

For safety and undo, we keep a short (90-day) server-side log of changes to your data, including which device or AI assistant made each change. This log never leaves our server and powers the in-app “restore” feature.

3. How we use it

4. Legal bases (GDPR)

Where the EU General Data Protection Regulation applies, we rely on:

5. Sharing & sub-processors

We do not sell your data and do not share it for advertising. We use a small number of providers to run the service:

6. AI connectors

If you connect Claude or ChatGPT, that assistant can read and change your data on your instruction — for example to log a session, start a timer, or draft an invoice. We record which connector is linked and when it was last used. Connecting an AI is optional and you can disconnect it at any time. Note that the AI provider you connect handles the conversation under its own privacy policy.

7. Security

We protect your data with:

To be clear: Drifttt is not end-to-end encrypted. As the operator, we can technically access data stored on our server in order to run, support and troubleshoot the service. We access it only when needed for those purposes.

8. Retention

9. Your rights

Depending on where you live, you have rights to access, export, correct, delete, and object to or restrict the processing of your personal data. EU/EEA users may also lodge a complaint with a supervisory authority.

10. Children

Drifttt is not directed at anyone under 16, and we do not knowingly collect personal data from children under 16.

11. International transfers

Our server and backup providers may store or process data in a country different from your own. Where personal data is transferred internationally, we take steps to ensure it remains protected in line with applicable law, including appropriate safeguards where required.

12. Changes & contact

We may update this policy from time to time. When we make material changes, we will revise the “Last updated” date above and, where appropriate, notify you in the app. This version is effective as of the date shown.

Questions or requests: support@drifttt.com.

↑ Back to top