AI Gadgets new homepage is live now click here to learn more
Home
Ticket Timeline
Ticket Timeline

Privacy Policy

Ticket Timeline LLC · Effective Date: April 29, 2026

1. Introduction

Ticket Timeline LLC ("Ticket Timeline," "we," "us," or "our") operates the Ticket Timeline mobile and web application (the "App"). This Privacy Policy explains how we collect, use, store, disclose, and protect information when you use the App.

Ticket Timeline is private by default. We do not operate public profiles, public social feeds, or in-app advertising. We do not sell your personal information.

The App lets you build a private record of events you attended, including games, tickets, photos, notes, memories, imports, achievements, and personalized insights. Because that record can be personal, we try to collect only what is needed to provide the App and to keep it reliable.

2. Information We Collect

2.1 Account Information

When you create or use an account, we may collect:

  • Email address, used for authentication, account recovery, and service messages.
  • Password credentials, handled by Supabase Auth. We do not store plaintext passwords.
  • Supabase user ID and session identifiers.
  • Optional display name.
  • Optional profile photo or avatar.
  • Optional marketing email preference.

You may use the App as a guest through an anonymous session. Guest sessions are first-class App sessions and can later be upgraded to a registered account.

We do not ask for or intentionally collect your legal name, phone number, mailing address, date of birth, payment card number, bank account information, or billing address.

2.2 Profile and Preference Information

You may create or store preferences such as:

  • Timeline display preferences, filters, and favorites-only settings.
  • Dashboard layouts, widget choices, sport filters, and insight display preferences.
  • Google Sheets link settings, tab names, sync timestamps, and auto-sync preferences.
  • Product analytics opt-out setting.
  • Onboarding progress and guest/import prompts.

Some preferences are stored locally on your device. Others are stored in our database so they can work across sessions.

2.3 Event, Ticket, and Timeline Content

When you use the App, you may provide or create:

  • Event attendance records, including games or other events you add to your timeline.
  • Attendance status, dates, venues, teams, leagues, ratings, favorite markers, arrival/departure notes, and pinned notes.
  • Ticket details, including provider, confirmation number, seat section, row, seat, face value, price paid, currency, and delivery method.
  • Uploaded photos, including ticket photos, seat-view photos, venue photos, scrapbook photos, and profile photos.
  • Scrapbook and memory content, including captions, notes, links, social post references, and embedded content you add.
  • Reports you submit about media, image credits, or historic event designations.

Uploaded profile photos are limited to 5 MB. Ticket OCR image uploads are limited to 10 MB. Other user-uploaded media may be subject to storage limits and compression.

2.4 Import and OCR Information

You can import data through CSV, Google Sheets, and ticket image scanning.

For CSV imports, we process the file content you choose to import.

For Google Sheets imports, the App can fetch data from a public Google Sheet link or, where you connect Google Sign-In, use read-only Google Sheets access for the spreadsheet data you authorize. We use that access to import timeline rows. We do not request permission to edit your spreadsheets.

For ticket scanning, the App uploads the ticket image to Supabase Storage, sends the image to Google Cloud Vision for OCR text extraction, and sends the extracted OCR text to OpenAI to convert it into structured ticket fields. The extracted OCR text is cached in our database with your user ID and a file hash to avoid repeat processing of the same image.

2.5 Derived Statistics, Insights, and Achievements

We generate data from your timeline, such as:

  • Lifetime attendance statistics.
  • League, team, venue, player, seating, and ticket-price insights.
  • Maps and venue footprint summaries.
  • Rare moments, historic games, timeline score, rarity flags, and star-power style insights.
  • Achievement progress, achievement unlock events, tiers, and unlock context.
  • Aggregated dashboard snapshots and filters.

These derived records are generated from your own timeline content and canonical sports/event data.

2.6 Technical, Diagnostic, Analytics, and Attribution Data

We collect technical data needed to operate and improve the App, including:

  • Device and app information, such as platform, app version, operating system version, lifecycle events, and crash/error context.
  • Product analytics, such as screen views, feature usage events, onboarding/import flow events, timeline actions, search interactions, and achievement interactions.
  • Diagnostic logs, including sanitized error messages, stack traces, breadcrumbs, and app context used to investigate bugs.
  • Server logs, edge function invocation metadata, rate-limit counters, and security-related request metadata.
  • Mobile attribution data through AppsFlyer, such as install/referrer metadata, campaign parameters, deep-link attribution, device identifiers, and advertising identifiers when available from the platform.

We use PostHog and Firebase Analytics for product analytics and error context. Session replay is disabled. We do not record your screen or use heatmaps.

The in-app "Disable analytics" control disables product analytics collection through PostHog and Firebase Analytics for that device. It does not prevent strictly necessary service logs, security logs, local diagnostics, or all platform-level attribution processing. You can also use your device operating system settings to limit advertising identifiers and tracking where supported.

2.7 Camera, Photos, Files, and Local Device Access

The App may request access to your camera, photo library, or files only when you choose actions that need them, such as taking a ticket photo, uploading an image, adding scrapbook photos, choosing an avatar, or selecting a CSV file. We process only the files or images you choose to provide.

2.8 Financial Information You Enter

If you choose to enter ticket prices, we store ticket face value, price paid, and currency so the App can show spending and ticket-price insights.

We do not process payments and we do not collect credit card numbers, bank account details, or billing addresses.

3. How We Collect Information

We collect information:

  • Directly from you when you create an account, use a guest session, add events, upload photos, scan tickets, write notes, configure dashboards, or contact us.
  • Automatically through App operation, product analytics, attribution, diagnostics, error reporting, logs, security checks, and rate limits.
  • From integrations you choose to use, such as Google Sheets, Google Sign-In, and ticket OCR.
  • From public or licensed event and sports data sources. Sports data is about games, teams, leagues, venues, players, scores, awards, weather, and statistics, not about you personally.

4. How We Use Information

We use information to:

  • Provide, maintain, secure, and improve the App.
  • Create and manage accounts and guest sessions.
  • Authenticate users, restore sessions, handle auth callbacks, and merge guest data when a guest upgrades.
  • Store your timeline, ticket, photo, scrapbook, memory, dashboard, and achievement data.
  • Import events from CSV, Google Sheets, or OCR.
  • Match imported rows to canonical sports games and venue data.
  • Generate personal insights, achievements, statistics, maps, weather context, and event-detail highlights.
  • Send service messages, account recovery emails, and other operational communications.
  • Send marketing emails only if you opt in, and let you withdraw that preference.
  • Provide support and respond to privacy requests.
  • Detect errors, diagnose issues, prevent abuse, enforce rate limits, and protect the service.
  • Measure App installs, campaign attribution, and deep-link performance.
  • Comply with legal obligations and enforce our rights.

We do not use your personal information to:

  • Sell or rent your data.
  • Serve in-app ads.
  • Operate public social profiles or public feeds.
  • Make automated decisions that produce legal or similarly significant effects about you.

5. Legal Bases for Processing

For users in jurisdictions that require a legal basis, including the EEA and UK, we process information under these bases:

Purpose Examples Legal Basis
Provide the App Timeline, tickets, imports, insights, achievements, account sessions Performance of contract
Authenticate and secure accounts Email, password credentials, session tokens, guest IDs Performance of contract and legitimate interests
Process optional integrations Google Sheets, OCR, camera/file uploads Performance of contract and consent where required
Product analytics and diagnostics Screen views, feature usage, errors, crash context Legitimate interests, with in-app opt-out for product analytics
Attribution and campaign measurement AppsFlyer install/deep-link/campaign metadata Legitimate interests or consent where required by platform or law
Marketing messages Marketing email preference and email address Consent
Legal compliance Records needed to respond to lawful requests Legal obligation

6. How We Share Information

We share information with service providers that help us operate the App. They process information for us or in connection with the features you choose.

6.1 Service Providers

Supabase
Backend infrastructure, database hosting, authentication, file storage, serverless functions, and account deletion workflows. Account data, timeline data, uploaded files, OCR cache records, diagnostics, and App data are stored or processed through Supabase.

PostHog
Product analytics and automatic error/diagnostic reporting. We send user identifiers, screen views, feature events, lifecycle events, sanitized diagnostic context, and error information. Session replay is disabled.

Firebase and Google Analytics for Firebase
App initialization support, analytics events, screen views, lifecycle information, app instance data, user ID linkage when available, and crash/error context.

AppsFlyer
Mobile attribution, campaign measurement, deep-link/deferred deep-link routing, fraud prevention related to attribution, and selected in-app attribution events. AppsFlyer may receive device identifiers, advertising identifiers where available, app/user identifiers, install/referrer metadata, campaign parameters, and sanitized event properties.

Google
Google Sheets import, optional Google Sign-In for Sheets access, Google Maps display, and Google Cloud Vision OCR. For Sheets, we access spreadsheet content you authorize or public spreadsheet content from a link you provide. For Maps, venue coordinates and technical map requests may be processed by Google. For Vision OCR, the ticket image you choose to scan is sent for text extraction.

OpenAI
Ticket OCR structuring. We send extracted OCR text from your ticket image to OpenAI so it can return structured event and ticket fields. We do not send your full account profile for this purpose.

Visual Crossing
Weather data for event and venue context. We send event date and venue coordinates so Visual Crossing can return historical or contextual weather data. We do not send your name, email address, notes, tickets, or photos to Visual Crossing.

6.2 Sports and Event Data Providers

We receive public or licensed sports/event data from sources such as BallDontLie, Retrosheet, Baseball-Reference, Basketball-Reference, Sports Reference-style data sources, ESPN/official sports feeds where used, Kaggle-backed datasets, and curated in-app assets. We use this data to identify games, venues, players, scores, statistics, awards, highlights, and historical context.

We do not send your personal timeline content to sports data providers as part of ordinary App use.

6.3 Legal, Safety, and Business Transfers

We may disclose information:

  • To comply with valid legal process or applicable law.
  • To protect the rights, property, or safety of Ticket Timeline, our users, or others.
  • To detect, prevent, or investigate fraud, abuse, security incidents, or technical issues.
  • In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to appropriate protections.

7. Advertising, Sale, and Sharing

We do not sell your personal information for money. We do not serve ads inside the App.

We use AppsFlyer for attribution and campaign measurement. Depending on your jurisdiction, some attribution activity involving identifiers may be considered "sharing," "targeted advertising," or "tracking," even when the App itself does not show ads. You can limit this through applicable device controls, such as iOS tracking permissions and advertising identifier settings, and by contacting us about your privacy choices.

8. Data Storage and Security

We use reasonable technical and organizational safeguards designed to protect information, including:

  • Supabase-managed authentication and password hashing.
  • HTTPS/TLS for data transmitted between the App and our services.
  • Row-Level Security policies on user-owned database tables.
  • Private storage buckets for current user-uploaded media.
  • Signed URLs for private uploaded media where needed, typically expiring after about one hour.
  • Scoped backend access for privileged operations.
  • Rate limiting on sensitive edge functions, including OCR and weather refreshes.
  • Sanitization/redaction of sensitive values in analytics and diagnostic logs where supported by our logging pipeline.

No method of transmission or storage is perfectly secure. We cannot guarantee absolute security.

9. Data Retention

We retain information for as long as reasonably needed to provide the App, comply with law, resolve disputes, enforce agreements, and maintain security.

  • Account information is retained while your account is active and is deleted when your account is deleted, subject to limited backup, legal, and provider-log retention.
  • Timeline, ticket, note, scrapbook, photo, dashboard, insight, and achievement data is retained until you delete it or delete your account.
  • Guest session data may be retained for up to 90 days unless upgraded to an account or deleted sooner.
  • Ticket scan images and extracted OCR text are retained as needed to provide scanning and import features, avoid repeat OCR processing, and maintain your account data. They are deleted when your account is deleted, subject to limited backup and provider-log retention.
  • Product analytics and attribution data are retained according to our provider settings and provider policies.
  • Server, security, and diagnostic logs are generally retained for a limited operational period, often around 90 days, unless needed longer for security, legal, or abuse-prevention reasons.
  • Derived statistics and achievements are deleted or regenerated when the underlying user data is deleted.

When you delete your account, our account deletion workflow removes your account and associated App database records, and triggers cleanup for user-owned storage objects in Supabase Storage on a best-effort basis. Copies may persist for a limited time in encrypted backups, provider logs, or records we are legally required to retain.

10. Your Controls and Choices

The App includes controls to:

  • Edit profile information.
  • Change marketing preferences where available.
  • Disable product analytics collection for the device.
  • Delete individual events and related content.
  • Delete all events.
  • Delete photos and edit or remove notes.
  • Disconnect Google Sheets and sign out of Google Sheets access.
  • Delete your entire account.

You may also control camera, photo, file, notification, tracking, and advertising identifier permissions through your device or browser settings.

11. Your Privacy Rights

Depending on where you live, you may have rights to:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete personal information.
  • Restrict or object to certain processing.
  • Receive a portable copy of your information.
  • Withdraw consent where processing is based on consent.
  • Opt out of sale, sharing, targeted advertising, or certain profiling where applicable.
  • Appeal a denied privacy request where applicable.

To exercise rights, contact us at contact@tickettimeline.com. We may need to verify your identity before fulfilling a request.

California and U.S. State Privacy Disclosures

We collect the following categories of personal information, depending on how you use the App:

Category Examples
Identifiers Email address, Supabase user ID, guest/session IDs, device or advertising identifiers
Customer records information Email address and optional account profile information
Commercial information User-entered ticket prices, ticket details, event attendance records
Internet or app activity Screen views, feature events, app lifecycle events, import flow events
Approximate location or geolocation-like data Venue city/state/country and venue coordinates for events, weather, and maps, not continuous GPS tracking
Audio, electronic, or visual information Uploaded photos and ticket images
Inferences Attendance insights, statistics, achievements, preferences, and dashboard summaries
Sensitive personal information Account login credentials handled by Supabase Auth; ticket images may contain sensitive details if you upload them

We do not knowingly collect precise GPS location, biometric identifiers, protected classifications, professional/employment information, education information, or payment card data.

We do not sell personal information for money. See "Advertising, Sale, and Sharing" above for attribution-related disclosures.

EEA and UK Users

If you are in the EEA or UK, you may also have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first so we can try to help.

12. Guest Users

You can start using the App as a guest. During a guest session:

  • We create an anonymous Supabase-backed session identifier.
  • Your events, notes, photos, imports, and preferences can be stored like registered user data.
  • If you later create an account, we merge eligible guest data into your account.
  • After account deletion, the App is designed to return to a fresh guest session.

Guest sessions receive the same core security protections as registered sessions, including database access controls.

13. Google API Limited Use

When the App uses Google APIs, we use Google user data only to provide and improve user-facing App features you request, such as importing rows from Google Sheets. We do not use Google user data for advertising. We do not transfer Google user data to third parties except as necessary to provide or improve the App, comply with law, protect security, or as otherwise permitted by Google's API Services User Data Policy.

14. Children's Privacy

The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13 or the applicable age of consent in their jurisdiction. If you believe a child has provided us with personal information, contact us and we will take appropriate steps to delete it.

15. International Data Transfers

Ticket Timeline is based in the United States. Your information may be processed in the United States and other countries where we or our service providers operate. Those countries may have privacy laws different from your country.

Where required, we rely on appropriate safeguards for international transfers, such as provider data processing terms, Standard Contractual Clauses, Data Privacy Framework participation, or other lawful transfer mechanisms.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide notice through the App, website, email, or another reasonable method.

Your continued use of the App after an updated Privacy Policy becomes effective means you acknowledge the updated policy.

17. Contact Us

For privacy questions or requests, contact:

Email: contact@tickettimeline.com

Mailing Address:
Ticket Timeline LLC
555 SE Martin Luther King Jr Blvd
Portland, OR 97214
United States

Last updated: April 29, 2026