diff --git a/PRIVACY.md b/PRIVACY.md new file mode 100644 index 0000000..0fb2f2a --- /dev/null +++ b/PRIVACY.md 
@@ -0,0 +1,475 @@ + + +# PunchIn Privacy Policy + +> **Status: Draft — pending legal review. Not yet in effect.** Drafted 8 June 2026 +> from the current data practices of the PunchIn app and its supporting services. + + + + +PunchIn is a time-tracking app for freelancers and independent contractors. It is +built to be **private by design**: your data is stored on your own device, and +nothing you enter is sent anywhere unless you deliberately turn on an optional +feature. This policy explains, in plain terms, what that means — what stays on your +device, the few things that involve a server, the optional features that send data +somewhere only when you choose to use them, and what happens to the information you +send us when you ask for help or send feedback. + +--- + +## The short version + +- **Your time-tracking data stays on your device.** Jobs, time entries, labour + types, notes, and your billing profile live in your browser's local storage + (IndexedDB). By default they are never transmitted to us or anyone else. +- **We have no accounts and no backend database.** There is nothing to sign up for, + and we do not operate a server that holds your records. +- **No analytics, no advertising, no tracking, no cookies.** PunchIn loads no + third-party trackers and sets no cookies. +- **Optional features are opt-in.** Cloud sync, device-to-device transfer, and + sending feedback each send specific data only when *you* start them. +- **Feedback you submit becomes public.** If you use our feedback form, your report + is filed as a **public GitHub issue**. Your email address, if you provide one, is + kept private and is never shown on the issue. See + [Sending feedback](#sending-feedback-optional). +- **We do not sell or share your personal information**, and we never have. + +--- + +## Who we are + +PunchIn ("PunchIn", "we", "us", or "our") is published by **PunchIn-App**, an +independent software project operated by an individual developer. 
PunchIn-App is the +data controller for the limited processing described in this policy. Because PunchIn +is run by an individual rather than a registered company, we identify ourselves and +take requests **by email** rather than at a postal address. + +- **App:** [trackmytime.today](https://trackmytime.today) +- **Source code:** [github.com/PunchIn-App](https://github.com/PunchIn-App) +- **Privacy contact:** [privacy@trackmytime.today](mailto:privacy@trackmytime.today) + +--- + +## What this policy covers + +This policy covers the PunchIn product as a whole: + +- the **PunchIn web app** at `trackmytime.today` and the Cloudflare Worker that + serves it (including the GitHub sign-in step used for optional sync); +- the **feedback service** at `feedback.trackmytime.today`, which turns bug reports + and feature requests into GitHub issues; and +- the **`@trackmytime.today` email aliases** (such as `privacy@`, `contact@`, and + `abuse@`) you can write to, and the relay that delivers and answers that mail. + +It does **not** cover third-party services you may choose to connect or visit — such +as GitHub, Google, or Microsoft for cloud sync, GitHub itself when you browse an +issue, or external links like our "Support the App" page. Those services are +governed by their own privacy policies, linked under +[Third-party services](#third-party-services). + +--- + +## Data PunchIn stores on your device + +Everything you create in PunchIn is stored locally in your browser and, by default, +never leaves your device: + +| Where it's stored | What it contains | +|---|---| +| **IndexedDB** (`PunchInDB`) | Your jobs and clients, time entries (including any notes and start/stop times), labour types, deletion records, and all app settings — including your **billing profile** (name, business name, email, phone, address, logo) used to generate invoices. | +| **Local storage** | A few small preferences and a randomly generated **device identifier** (`pi.deviceId`). 
The device identifier is an 8-character random value created on your device; it is used to keep cloud-sync data from different devices separate, and it persists across a factory reset. Other local-storage values include UI state such as how many times you've opened the app (used to time the "add to home screen" prompt) and which prompts you've dismissed. | +| **Encrypted credential store** | If — and only if — you connect cloud sync, your sync access token is stored encrypted at rest using a non-extractable key held by your browser. It is never stored in plain text. | + +You are always in control of this data: you can export a full backup (JSON or CSV), +import data, delete individual entries, clear all data, or perform a factory reset +from within the app's Settings. + +> **A note on local storage:** Data in your browser is stored in plain text (except +> the encrypted sync token described above). Anyone with access to your unlocked +> device could read it. Protect your device with a passcode or biometric lock, and +> use your operating system's account separation if you share the device. + +--- + +## Information processed when you use the app + +PunchIn has no analytics and sets no cookies, but a few unavoidable technical +interactions occur simply because PunchIn is a website: + +- **Hosting and delivery.** PunchIn is served by **Cloudflare Workers**. Each time + you open or reload the app — and when the app checks for an update — your browser + makes standard web requests to Cloudflare. As with any website, our hosting + provider may process technical request data such as your IP address, browser + user-agent, and the time of the request for the purposes of delivering the app, + security, and abuse prevention. We do not maintain our own analytics logs of this + activity. +- **App (home-screen) icons.** If you choose a custom accent colour, your browser + requests a matching app icon from our server. 
That request contains only the + colour value (a hex code) — no personal data. +- **Service-worker updates.** PunchIn is an installable Progressive Web App. To + deliver updates, your browser periodically asks our server whether a newer version + is available. This is a standard web request and carries no PunchIn-specific + personal data. + +No content you enter into PunchIn (your jobs, entries, notes, or billing profile) is +transmitted during any of the above. + +--- + +## Optional features that send data off your device + +The following features are **off by default**. Each one sends only the data +described, and only after you start it. + +### Cloud sync (optional) + +If you connect cloud sync, PunchIn backs up and synchronises your data to **your +own** cloud-storage account with a provider you choose: + +- **What is sent:** a snapshot of your PunchIn data — your jobs, time entries, labour + types, deletion records, and settings (which include your billing profile). This is + written to **your own account** (a private GitHub Gist, a file in your Google Drive + app-data folder, or a file in your Microsoft OneDrive app folder). We do not + receive a copy and do not operate the storage. +- **What is *not* sent:** your encrypted sync access token is kept on your device and + is not included in the synced snapshot. +- **Sign-in:** connecting a provider uses that provider's standard OAuth sign-in. For + **GitHub**, the authorization code is exchanged for an access token by our + Cloudflare Worker (which holds the GitHub client secret); the token is passed back + to the app and is **not stored or logged by the Worker**. **Google** and + **Microsoft** sign-in happen entirely in your browser and do not involve our + Worker. +- **Provider access:** to find or create PunchIn's sync file, the app may need to read + your account's file list from the provider (for example, GitHub sync reads the list + of your existing Gists to locate PunchIn's). 
This happens within your authorised + connection to that provider. The scopes requested are deliberately narrow — app-only + storage for Google (`drive.appdata`) and OneDrive (`Files.ReadWrite.AppFolder`), and + gist access for GitHub (`gist`). +- **Third parties:** the provider you choose (GitHub, Google, or Microsoft) processes + this data under its own privacy policy. You can disconnect sync at any time in + Settings, which removes PunchIn's sync file from your account. + +### Device-to-device transfer (optional) + +You can move your data to another device by generating a transfer link or QR code. +The data is encoded directly into the link (in the URL fragment) or the QR image and +shared by you — **peer-to-peer**. URL fragments are not transmitted to web servers, +so this transfer does not send your data to us or our host. You control who you share +the link or code with; treat it like the data itself. + +### Sending feedback (optional) + +If you choose to report a bug or suggest a feature, you can use our account-free +feedback form at **`feedback.trackmytime.today`** (you can also file directly on +GitHub if you have an account — see below). Feedback is entirely voluntary, but please +read this section carefully, because **what you submit becomes public.** + +- **Your report becomes a public GitHub issue.** When you submit the form, we file it + as an issue in our public repository, + [github.com/PunchIn-App/punchin](https://github.com/PunchIn-App/punchin/issues). + **Anyone on the internet can read it.** That includes everything you type (the + title, description, steps, and any context you add) and a small amount of **coarse + environment information** the form collects to help us reproduce issues: the app + version, whether the app is installed or running in a browser tab, your browser + family and major version (e.g. "Chrome 124"), your operating system, and your + device model or screen size. 
**Do not include anything you would not want to be + public** — including your time-tracking data, client names, passwords, or other + people's personal information. +- **Screenshots are public too.** Any screenshots you attach (up to five images) are + stored in our private Cloudflare R2 storage, served from `feedback.trackmytime.today`, + and **embedded in the public issue** — so anyone who can see the issue can see them. + They are deleted **one year after upload** (reset if the issue is reopened) or + **30 days after the issue is closed**, whichever comes first. +- **Your email address is optional and kept private.** You only need to provide an + email if you want to be notified about your report (a copy on submission, or alerts + when it is closed, reopened, or commented on). If you provide one, it is **never + written to the public issue.** It is stored only in our Cloudflare KV store, solely + to send the notifications you asked for, and is purged about **three months (90 days) + after the issue is closed** (reopening restarts that window), after about **one year** + if the issue never closes, or **immediately when you unsubscribe** (every + notification email includes an unsubscribe link). +- **Replying by email.** If you opt in to comment notifications, you can reply to a + notification email to add a comment back to the issue. We match your reply to your + report using the email address you provided; that reply is then posted publicly on + the issue, attributed to "the reporter". +- **Abuse prevention.** To stop spam and abuse, the form is protected by Cloudflare + Turnstile (a privacy-friendly bot check) and by rate limiting. For rate limiting we + take your IP address, immediately **hash it (SHA-256)**, and keep only that hash as + a short-lived counter for **about 10 minutes**. We do not store your raw IP address, + and the hash is never linked to your report, your email, or the issue. 
+- **Filing directly on GitHub.** Alternatively you can file a report on GitHub + yourself, which requires a GitHub account and is governed by + [GitHub's privacy statement](https://docs.github.com/site-policy/privacy-policies/github-privacy-statement). + Anything you post to a public issue is public. + +### Supporting the app (optional) + +The Settings screen includes a link to an external "Buy Me a Coffee" page. PunchIn +embeds no payment or tracking scripts; if you follow that link, you leave PunchIn and +are subject to that service's own privacy policy. + +--- + +## When you email us + +You can write to us at our `@trackmytime.today` aliases — for example +[privacy@trackmytime.today](mailto:privacy@trackmytime.today), +`contact@trackmytime.today`, or `abuse@trackmytime.today`. These addresses are served +by a privacy-preserving email relay (our `punchin-email` service): + +- **What it does.** Mail you send to an alias is forwarded to the operator's personal + inbox so we can read and answer it. When we reply, the relay sends our answer back to + you **from the alias**, so our personal inbox address is never exposed to you, and + yours is never exposed beyond the operator. +- **What it stores.** To connect our reply to your original message, the relay stores a + small **thread record** — your email address, the alias you wrote to, and a timestamp — + in Cloudflare KV for **30 days** (refreshed while a conversation is active). **The + content of your email is not stored** by the relay; it is forwarded and discarded. +- **What it logs.** Operational logs record only a delivery verdict and error types — + **no email addresses and no message content.** +- **What you send us.** Naturally, anything you choose to put in an email to us (your + message, and whatever personal details you include) reaches the operator's inbox and + is retained there as ordinary correspondence for as long as needed to deal with your + request. 
+ +--- + +## Cookies and similar technologies + +**PunchIn does not use cookies.** It uses your browser's IndexedDB and local storage, +as described under [Data PunchIn stores on your device](#data-punchin-stores-on-your-device), +solely to make the app work — not to track you across sites or sessions. There are no +advertising or analytics technologies of any kind. + +--- + +## How we use information, and our legal bases + +Because PunchIn collects so little, our uses are narrow: + +| Purpose | Data involved | Legal basis (GDPR) | +|---|---|---| +| Provide the app's core function (track your time, on your device) | Data stored locally on your device | Performance of our service to you / legitimate interests | +| Deliver and update the app | Standard web-request data processed by our host | Legitimate interests (operating and securing the service) | +| Sync your data to your own cloud account | Your data snapshot, sent to your chosen provider | Your consent (you enable sync) | +| Receive, triage, and act on your feedback | What you submit, plus the public coarse environment info and any screenshots | Your consent (you choose to send it) | +| Send the feedback notifications you ask for | Your email address and notification preferences | Your consent (you opt in; withdraw any time via unsubscribe) | +| Prevent spam and abuse of the feedback form | A short-lived hashed (SHA-256) IP counter and a bot-check | Legitimate interests (protecting the service) | +| Receive and answer email you send us | Your email address, the alias, and your message | Legitimate interests (responding to you) | + +We do not use your information for profiling, automated decision-making, or +advertising. + +--- + +## Sharing and disclosure + +**We do not sell your personal information, and we do not share it for cross-context +behavioural advertising** (as those terms are used under the California Consumer +Privacy Act, as amended by the CPRA). We have no advertising relationships. 
+ +We do not disclose your information to third parties except: + +- **Service providers we rely on to run the product** — principally **Cloudflare** + (app hosting and delivery; the feedback service's compute, storage, and email; and + the email relay) and, for the feedback service, **GitHub** (which hosts the public + issues your feedback becomes). These providers process data on our behalf to operate + the service. +- **Providers you choose to connect** — if you enable cloud sync, your chosen provider + (GitHub, Google, or Microsoft) receives the data you sync, under your account and + their policy. +- **The public** — content you submit through the feedback form is, by design, posted + publicly on GitHub (your email address excepted). See + [Sending feedback](#sending-feedback-optional). +- **Legal requirements** — if required by law, regulation, or valid legal process. + Note that because we do not hold your time-tracking data on a server, there is + generally nothing of that kind for us to produce. + +--- + +## Data retention + +- **On your device:** your data is retained until *you* delete it — by removing + entries, clearing data, or performing a factory reset. Deleting an entry records a + small deletion marker so the deletion propagates if you use sync; that marker + contains no time-tracking content. +- **On our servers:** we do not maintain a database of your records. The GitHub + sign-in exchange is transient and not stored. +- **In your synced cloud account:** data you sync persists in your own account until + you disconnect sync (which deletes PunchIn's sync file) or delete it yourself. +- **Feedback you send:** + - *The public issue* (your report text and coarse environment info) persists on + GitHub until we or you delete it, subject to GitHub's retention. + - *Screenshots:* deleted one year after upload (reset on reopen) or 30 days after the + issue is closed, whichever is first. 
+ - *Your email address and notification preferences:* purged about three months + (90 days) after the issue is closed, after about one year if it never closes, or + immediately on unsubscribe. + - *Anti-abuse IP hash:* about 10 minutes. +- **Email you send us:** the relay's thread record (your address + alias + timestamp, + no message content) is kept for 30 days; the message itself is retained in the + operator's inbox as ordinary correspondence for as long as needed to handle your + request. + +--- + +## Your privacy rights + +Because your data lives on your device, **you already have direct, complete control** +over it — you can view, export, correct, and delete it at any time from within the app, +without asking anyone. + +In addition, depending on where you live, you may have the following rights. + +### If you are in the EU, EEA, or UK (GDPR / UK GDPR) + +You have the right to **access**, **rectify (correct)**, **erase**, **restrict** or +**object to** the processing of your personal data, the right to **data portability**, +and the right to **withdraw consent** at any time (for example, by disabling sync, +unsubscribing from feedback notifications, or not sending feedback). You also have the +right to lodge a complaint with your local supervisory authority. + +### If you are in California (CCPA / CPRA) + +You have the right to **know** what personal information is collected and how it is +used, the right to **delete** it, the right to **correct** it, and the right to +**non-discrimination** for exercising your rights. We **do not sell or share** personal +information and do not use sensitive personal information for any purpose beyond +providing the service, so there is no "Do Not Sell or Share" action needed. + +### How to exercise your rights + +For data on your device or in your synced account, the fastest route is the app's own +controls (export, edit, delete, factory reset, disconnect sync). 
To unsubscribe from +feedback notifications, use the link in any notification email. For anything else, or to +ask a question about this policy, contact +[privacy@trackmytime.today](mailto:privacy@trackmytime.today). We may need to verify +your request, and we will respond within the timeframe required by applicable law. + +--- + +## Children's privacy + +PunchIn is a tool for working professionals and is **not directed to children**. We do +not knowingly collect personal information from children under 13 (or under 16 in the +EU/EEA/UK). If you believe a child has provided information through an optional feature +such as feedback, contact us and we will delete it. + +--- + +## International users and data transfers + +PunchIn is delivered through Cloudflare's global edge network, so the app may be served +from a location near you regardless of where you are. If you enable cloud sync, your +data is stored with the provider you choose (GitHub, Google, or Microsoft), which may +process it in other countries under its own safeguards. Feedback you submit is hosted on +GitHub (a US-based service). By using these optional features, you understand that the +relevant provider may transfer and process data internationally in accordance with its +policy. + +--- + +## Security + +- PunchIn has **no central database of your records**, which sharply limits the risk of + a server-side breach exposing your data. +- The app is served only over **HTTPS**, with HTTP Strict Transport Security and a + strict **Content-Security-Policy** that blocks third-party scripts and limits network + connections to the specific services described here. +- Your cloud-sync access token, if you connect sync, is **encrypted at rest** on your + device with a non-extractable key. +- The feedback service hashes IP addresses for rate limiting, keeps reporter emails out + of public issues, and stores screenshots under unguessable keys. 
+- The email relay strips identifying headers and never exposes the operator's personal + inbox address to correspondents. +- Your on-device data is otherwise stored in plain text by design (see the note above). + Your device's own security is an important part of keeping it private. + +No method of storage or transmission is perfectly secure, but PunchIn's local-first +design means most of your data never travels at all. + +--- + +## Third-party services + +These third parties may process data **only** in the situations described above: + +- **Cloudflare** — app hosting and delivery; feedback-service compute, storage (KV, R2), + email sending, and bot protection (Turnstile); and the email relay — + [Privacy Policy](https://www.cloudflare.com/privacypolicy/) +- **GitHub** — hosts the public issues created by the feedback service, and optional + cloud sync to a private Gist — + [Privacy Statement](https://docs.github.com/site-policy/privacy-policies/github-privacy-statement) +- **Google** — optional cloud sync to your Google Drive — + [Privacy Policy](https://policies.google.com/privacy) +- **Microsoft** — optional cloud sync to your OneDrive — + [Privacy Statement](https://privacy.microsoft.com/privacystatement) +- **Buy Me a Coffee** — optional support link — + [Privacy Policy](https://www.buymeacoffee.com/privacy-policy) + +--- + +## Changes to this policy + +If we change how PunchIn handles data, we will update this policy and revise the +"Effective date" above. Material changes will also be noted in the app's changelog. Your +continued use of PunchIn after an update means you accept the revised policy. + +--- + +## Contact us + +Questions, requests, or concerns about privacy: +[privacy@trackmytime.today](mailto:privacy@trackmytime.today) + +To report a security vulnerability, please follow our +[Security Policy](https://github.com/PunchIn-App/punchin/blob/main/SECURITY.md) instead +(it has a dedicated reporting channel). + +--- + + 
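Review bot: The abuse-prevention bullet under "Sending feedback" describes the rate-limit counter only as "hash it (SHA-256)" and then states that the raw IP address is not stored. A plain SHA-256 of an IPv4 address can be reversed by enumerating the address space, so the policy should say whether the hash is salted or keyed (and whether that secret rotates), or avoid implying that the stored value cannot be tied back to an address. Two consistency points in the same file: the local-storage table row says the device identifier `pi.deviceId` "persists across a factory reset", while "Data retention" lists a factory reset as one of the ways on-device data is deleted, so the retention section should name that exception and say how the identifier can be cleared. Also, "Changes to this policy" promises to revise the "Effective date" above, but the file carries only the draft status line with a drafted date, so either add an effective-date field to the header or reword that sentence.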
diff --git a/TERMS.md b/TERMS.md new file mode 100644 index 0000000..0d80d00 --- /dev/null +++ b/TERMS.md 
@@ -0,0 +1,308 @@ + + +# PunchIn Terms of Service + +> **Status: Draft — pending legal review. Not yet in effect.** Drafted 8 June 2026. + + + + +These Terms of Service ("**Terms**") are an agreement between you and **PunchIn-App**, +an independent software project operated by an individual developer ("**PunchIn**", +"**we**", "**us**", or "**our**"). They govern your use of the PunchIn product and its +services. Please read them together with our +[Privacy Policy](https://github.com/PunchIn-App/punchin/blob/main/PRIVACY.md), which is +incorporated into these Terms by reference. + +**By using the Services, you agree to these Terms.** If you do not agree, please do not +use the Services. + +--- + +## 1. What these Terms cover ("the Services") + +"**Services**" means, collectively: + +- the **PunchIn web app** at [trackmytime.today](https://trackmytime.today) (a + local-first, installable Progressive Web App for time tracking); +- the **feedback service** at `feedback.trackmytime.today`, which lets you file bug + reports and feature requests; and +- the **`@trackmytime.today` email aliases** and relay you can use to contact us. + +These Terms govern your use of the hosted Services we operate. The PunchIn **source +code** is separately available under open-source licences — see +[Software licences](#7-software-licences-and-open-source). + +--- + +## 2. Eligibility + +The Services are intended for working professionals and are **not directed to +children**. You must be at least 13 years old (and at least 16 if you are in the +EU/EEA/UK) to use the Services. If you are using the Services on behalf of a business +or other organisation, you represent that you are authorised to accept these Terms on +its behalf — but note that **organisational use of the app software is separately +licensed** (see [Section 7](#7-software-licences-and-open-source)). + +--- + +## 3. 
The Services are free, account-free, and provided "as is" + +- **No accounts, no fee.** PunchIn requires no sign-up and charges nothing to use. We + may offer optional ways to support the project (such as a "Buy Me a Coffee" link), but + these are voluntary and are not a condition of use. +- **Local-first.** The app stores your data on your own device by default. We do not + operate a backend database of your records, and we cannot recover data you lose. +- **No guarantee of availability.** The Services are provided on an "as is" and "as + available" basis. We may change, suspend, or discontinue any part of the Services at + any time, with or without notice. Because the app runs on your device, it will keep + working locally even if we discontinue the hosted Services. + +--- + +## 4. Your data and privacy + +- **Your data is yours.** You retain all rights to the content you create in PunchIn + (your jobs, time entries, notes, billing profile, and so on). We claim no ownership + of it. +- **You are responsible for your own backups.** Because your data lives on your device, + clearing your browser storage, losing your device, or a factory reset can erase it. + Use the app's export and optional sync features to keep backups. +- **Optional features are opt-in.** Cloud sync writes to *your own* third-party storage + account; device-to-device transfer is peer-to-peer; sending feedback is voluntary. + How each feature handles data is described in the + [Privacy Policy](https://github.com/PunchIn-App/punchin/blob/main/PRIVACY.md). + +--- + +## 5. 
Acceptable use + +When using the Services, you agree **not** to: + +- use the Services for any unlawful purpose, or in violation of any applicable law or + regulation; +- submit content that is illegal, infringing, defamatory, or that contains other + people's personal or confidential information without authorisation; +- attempt to gain unauthorised access to, disrupt, overload, or impair the Services or + the infrastructure they run on (including circumventing rate limits or the feedback + form's anti-abuse measures); +- attempt to identify, de-anonymise, or uncover the operator's personal contact details + through the email relay, or use the relay or feedback service to send spam, malware, or + harassing content; +- misrepresent your identity or your affiliation in a way intended to deceive; or +- use the Services to build a competing dataset by automated scraping in a manner that + burdens the infrastructure. + +We may rate-limit, reject, remove, or decline to act on submissions, and may suspend +access, to protect the Services and other users. + +--- + +## 6. Feedback submissions + +If you use the feedback form or file an issue, the following applies **in addition to** +the acceptable-use rules above: + +- **Your submission becomes public.** Feedback you submit is filed as a **public GitHub + issue** at [github.com/PunchIn-App/punchin](https://github.com/PunchIn-App/punchin/issues), + including any text and screenshots you provide and the coarse device/browser + information the form collects. **Do not submit anything you would not want to be + public**, including your time-tracking data, client information, credentials, or other + people's personal information. (Your email address, if you provide one, is kept private + and is not posted — see the Privacy Policy.) 
+- **Licence to your feedback.** You grant us a perpetual, worldwide, royalty-free, + irrevocable, non-exclusive licence to use, reproduce, modify, publish, and incorporate + your feedback (including any suggestions or ideas) into PunchIn or any other product, + without obligation or compensation to you. You confirm you have the right to grant this + and that your submission does not violate anyone else's rights. +- **No obligation.** We are under no obligation to respond to, act on, keep, or implement + any feedback, and may close or delete issues at our discretion. + +--- + +## 7. Software licences and open source + +PunchIn's source code is open and published at +[github.com/PunchIn-App](https://github.com/PunchIn-App). Your rights to the **software +itself** (as opposed to the hosted Services) are governed by each repository's licence, +not by these Terms: + +- **The PunchIn app** ([`punchin`](https://github.com/PunchIn-App/punchin)) is licensed + under the **Business Source License 1.1 (BUSL-1.1)**. In short: **any individual may + use the app to track their own time at no charge** (including for billable work); + **organisational/commercial deployment** (for example, a company running it for its + workforce) requires a separate commercial licence. The licence converts to + **GNU AGPL-3.0** on the Change Date, **2 June 2030**. The full terms and the + controlling Additional Use Grant are in the + [LICENSE](https://github.com/PunchIn-App/punchin/blob/main/LICENSE) file. For a + commercial licence, contact `licensing@trackmytime.today`. +- **The email relay** ([`punchin-email`](https://github.com/PunchIn-App/punchin-email)) + and **the feedback service** + ([`punchin-feedback`](https://github.com/PunchIn-App/punchin-feedback)) are licensed + under the **Apache License 2.0**. + +If anything in these Terms appears to conflict with an applicable open-source licence as +to your use of the *source code*, the open-source licence governs the code. + +--- + +## 8. 
Third-party services + +The Services interact with third parties — Cloudflare (hosting, storage, email), GitHub +(public issues and optional sync), and, if you enable cloud sync, Google or Microsoft. +Your use of those services is governed by **their** terms and privacy policies. We are +not responsible for third-party services, and your dealings with them are between you and +them. + +--- + +## 9. Intellectual property and trademarks + +The PunchIn name, logo, brand mark, and wordmark are ours. The open-source licences above +grant you rights to the code; they **do not** grant you a right to use our name or branding +in a way that suggests endorsement of, or affiliation with, a fork or derivative product. +Please don't imply that a modified version is the official PunchIn. + +--- + +## 10. Disclaimer of warranties + +THE SERVICES ARE PROVIDED "**AS IS**" AND "**AS AVAILABLE**", WITHOUT WARRANTIES OF ANY +KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING (WITHOUT LIMITATION) THE IMPLIED +WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND +NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, SECURE, OR +ERROR-FREE, THAT DATA WILL NOT BE LOST, OR THAT THE SERVICES WILL MEET YOUR REQUIREMENTS. +PunchIn is a time-tracking aid; **you are responsible for verifying the accuracy of any +time, totals, or invoices** you rely on. Some jurisdictions do not allow the exclusion of +certain warranties, so some of the above may not apply to you. + +--- + +## 11. Limitation of liability + +TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL PunchIn-App OR ITS OPERATOR BE +LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, OR FOR +ANY LOSS OF PROFITS, REVENUE, DATA, OR GOODWILL, ARISING OUT OF OR RELATING TO YOUR USE OF +(OR INABILITY TO USE) THE SERVICES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 
OUR +TOTAL AGGREGATE LIABILITY FOR ALL CLAIMS RELATING TO THE SERVICES WILL NOT EXCEED THE +GREATER OF (A) THE AMOUNT YOU PAID US TO USE THE SERVICES IN THE 12 MONTHS BEFORE THE CLAIM +(WHICH, FOR THE FREE SERVICES, IS ZERO) OR (B) USD $50. Some jurisdictions do not allow the +limitation of certain damages, so some of the above may not apply to you. + +--- + +## 12. Indemnification + +To the extent permitted by law, you agree to indemnify and hold harmless PunchIn-App and +its operator from any claims, damages, liabilities, and reasonable expenses arising out of +your misuse of the Services, your violation of these Terms, or your violation of any law or +the rights of a third party (including content you submit to the feedback service). + +--- + +## 13. Changes to the Services and to these Terms + +We may update these Terms from time to time. When we do, we will revise the "Effective +date" above and, for material changes, note them in the app's changelog. Changes take +effect when posted; **your continued use of the Services after a change means you accept the +revised Terms.** We may also change, suspend, or discontinue the Services as described in +[Section 3](#3-the-services-are-free-account-free-and-provided-as-is). + +--- + +## 14. Termination + +You may stop using the Services at any time. We may suspend or terminate your access to the +hosted Services at any time if you violate these Terms or to protect the Services. Because +the app is local-first, terminating the hosted Services does not delete the data on your +device. Sections that by their nature should survive termination (including +[6](#6-feedback-submissions), [9](#9-intellectual-property-and-trademarks), +[10](#10-disclaimer-of-warranties), [11](#11-limitation-of-liability), +[12](#12-indemnification), and [15](#15-governing-law-and-disputes)) will survive. + +--- + +## 15. 
Governing law and disputes + +These Terms are governed by the laws of the **Commonwealth of Massachusetts, United +States**, without regard to its conflict-of-laws rules. You and we agree that the state and +federal courts located in **Massachusetts** will have exclusive jurisdiction over any +dispute arising out of or relating to these Terms or the Services, and you consent to the +personal jurisdiction of those courts — except where applicable law gives you the right to +bring proceedings in your local courts (for example, certain consumer protections in the +EU/UK), which these Terms do not override. + +--- + +## 16. Miscellaneous + +- **Entire agreement.** These Terms and the Privacy Policy are the entire agreement between + you and us regarding the Services, and supersede any prior agreements on that subject. +- **Severability.** If any provision is held unenforceable, the rest remains in effect, and + the unenforceable provision will be limited to the minimum extent necessary. +- **No waiver.** Our failure to enforce a provision is not a waiver of it. +- **Assignment.** You may not assign these Terms without our consent; we may assign them in + connection with a transfer of the project. +- **No partnership.** Nothing in these Terms creates an agency, partnership, or employment + relationship between you and us. + +--- + +## 17. Contact + +Questions about these Terms: `contact@trackmytime.today` +Commercial licensing of the app: `licensing@trackmytime.today` +Privacy questions: [privacy@trackmytime.today](mailto:privacy@trackmytime.today) +Security reports: see the +[Security Policy](https://github.com/PunchIn-App/punchin/blob/main/SECURITY.md). + +--- + +
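Review bot: In Section 17 (Contact) the addresses are formatted inconsistently: `contact@trackmytime.today` and `licensing@trackmytime.today` are code spans, while the privacy address is a `mailto:` link. Pick one form for all three. The four contact entries are also consecutive plain lines with no list markers, so they render as a single run-on paragraph unless each line ends in a hard break. Making them a bullet list, as Section 16 does, removes that dependency on trailing whitespace. Separately, the survival list in Section 14 names Sections 6, 9, 10, 11, 12 and 15 but not Section 16, so it is worth confirming during legal review whether severability, no-waiver and the entire-agreement clause are meant to survive termination and, if so, listing Section 16 explicitly.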