FirmTimer IconFirmTimer

    PRIVACY POLICY

    Last Updated: 11 May 2025

    Firm Timer ("Firm Timer," "Company," "we," "our," or "us") respects the privacy of individuals who visit, use, and interact with our desktop application, web application, and marketing site available at firmtimer.com (collectively, the "Services"). This Privacy Policy ("Policy") describes the types of information we collect, how we use that information, the circumstances under which we may disclose the information to third parties, and the choices and rights available to you.

    Firm Timer is presently operating as an unincorporated business and intends to form a Delaware limited‑liability company in the foreseeable future. Our business mailing address is 1407 Codman Way, Westboro, Massachusetts 01581, USA. All questions or requests regarding this Policy may be directed to avi@firmtimer.com or ritesh@firmtimer.com.

    1. Scope and Acceptance

    By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy and any subsequent modifications. If you do not agree with any part of this Policy, you must not access or use the Services.

    The Services are intended solely for individuals aged eighteen (18) years or older and are not directed to minors. We do not knowingly solicit or collect personal information from individuals under eighteen (18) years of age.

    2. Information We Collect

    We collect personal information and other information in the following circumstances:

    Account Registration Information. When you create an account, we collect your name, firm name, work and firm email addresses, firm postal address, telephone number, and firm logo.

    Billing and Payment Information. When you subscribe to a paid plan, our third‑party payment processor (Stripe) collects tokenized payment credentials, billing address, and seat count. We receive confirmation of payment status but do not store your full card number.

    Usage and Activity Data.

    Passive Time‑Tracking Data. The desktop application automatically records application names, window titles, timestamps, and active or idle status for the purpose of generating time‑tracking entries.

    Manual Time Entries. When you enter time manually, we process the client name, matter name, UTBMS task codes, notes you provide, and associated timestamps.

    Support and Correspondence. If you contact us for support, we collect the content of your communications and any logs, screenshots, or other materials you choose to provide.

    Website Analytics Information. When you visit our marketing site, we automatically collect your IP address, browser type, device information, and pages visited through first‑party cookies and Google Analytics.

    Certain activity data may incidentally contain privileged or highly confidential client information. Such data is stored in private, encrypted Cloudflare R2 buckets accessible solely through authenticated back‑end services.

    3. Use of Information

    Firm Timer uses the information described above for the following limited purposes:

    Contractual Performance. To create and maintain your user account, provide the Services, fulfil your subscription, and process payments.

    Legitimate Interests. To operate, secure, and improve the Services; prevent fraud and misuse; and respond to user inquiries and support requests.

    Legal Compliance. To satisfy applicable legal or regulatory obligations and to protect or exercise our legal rights.

    4. Disclosure of Information

    Firm Timer does not sell or share personal information for advertising purposes. We disclose information only in the circumstances below and solely to the extent necessary:

    Service Providers. We engage third‑party vendors that process information on our behalf and in accordance with our instructions, including Amazon Web Services, Cloudflare R2, Vercel, Elastic Beanstalk (hosting and storage); Stripe (payment processing); Resend (transactional email); and Google Analytics and Vercel (site analytics). All such vendors store and process information exclusively in the United States.

    Business Transfers. In connection with a merger, acquisition, financing, or sale of assets, subject to customary confidentiality restrictions.

    Legal Requirements. Where required by law or court order, or to protect the rights, property, or safety of Firm Timer, our users, or others.

    5. International Transfers

    The Services are marketed to users in the United States and Canada. All personal information is stored and processed within the United States. By using the Services, you consent to the transfer of your information to the United States, which may have privacy laws that differ from those in your jurisdiction.

    6. Retention

    We retain personal information for as long as necessary to fulfil the purposes outlined in this Policy unless a longer retention period is required or permitted by law. Time‑tracking data and billing records are retained until you request deletion. You may request deletion at any time by emailing avi@firmtimer.com or ritesh@firmtimer.com.

    7. Your Rights and Choices

    Firm Timer will, upon request and in accordance with applicable law, provide individuals with reasonable access to their personal information and will permit them to correct, amend, or delete such information. Requests should be directed to the email addresses listed above. You may opt out of any non‑transactional communications by using the unsubscribe mechanism included in each such message.

    8. Security

    Firm Timer employs industry‑standard administrative, technical, and physical safeguards designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These safeguards include, without limitation, TLS encryption in transit, provider‑level encryption at rest, JWT‑based authentication, private storage buckets secured with secret access keys, and internal role‑based access controls. In the event of a data breach affecting personal information, we will provide notice to affected individuals within seventy‑two (72) hours of discovery.

    9. Cookies and Similar Technologies

    Our marketing site utilizes essential cookies and Google Analytics cookies to measure site traffic and usage trends. We also store minimal settings (such as user initials and onboarding status) in local storage for user experience purposes. Users may disable cookies through their browser settings; however, certain functionality of the Services may be limited.

    10. Policy Updates

    Firm Timer may revise this Policy at any time. Material changes will be indicated by an updated "Last Updated" date above. Your continued use of the Services following the posting of changes constitutes your acceptance of such changes.

    11. Governing Law and Dispute Resolution

    This Policy shall be governed by and construed in accordance with the laws of the State of Delaware without regard to its conflict‑of‑laws principles. Any dispute arising from or relating to this Policy or the Services shall be resolved exclusively through binding arbitration administered by the American Arbitration Association in accordance with its Commercial Arbitration Rules. Prior to initiating arbitration, the parties shall attempt in good faith to resolve any dispute informally for a period of thirty (30) days.

    12. Contact Information

    For questions concerning this Policy or our privacy practices, please contact:

    Firm Timer
    1 Codman Way #1407
    Westboro, MA 01581 USA
    Email: avi@firmtimer.com | ritesh@firmtimer.com

    By continuing to use the Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.