Privacy Policy

Last updated: March 2026

Timelinely ("we", "us", or "our") operates the website at timeline.ly. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. By using Timelinely, you agree to this policy.

Children's Privacy (COPPA)

In plain English: You must be at least 13 years old to use Timelinely. If you're a parent and your child under 13 signed up, let us know and we'll delete their account.

Timelinely is intended for users who are 13 years of age or older. We do not knowingly collect personal information from children under 13. If you are under 13, do not register for or use this service.

If you are a parent or guardian and believe your child under 13 has created an account on Timelinely, please contact us at [email protected] and we will promptly delete the account and all associated data.

Information We Collect

Account Information

In plain English: We store your name, email, and a securely hashed version of your password. If you sign in with Google or Facebook, we get your basic profile info from them. We never see or store your actual password in readable form.

When you register, we collect your name, email address, and password. Passwords are stored using bcrypt, a one-way hashing algorithm — we cannot read your password and do not store it in plain text. If you sign up via Google or Facebook, we receive basic profile information (name, email, profile photo) from that provider. We store only the minimum information needed to identify your account.

Content You Upload

In plain English: We store the videos, images, and audio you upload, plus your text and links. We also scan uploaded images for harmful content (see Content Moderation below).

Timelinely stores the videos, images, and audio files you upload, as well as the text, links, and other content you add to your timelines. Uploaded files are stored on our servers and are associated with your account.

Usage Information

In plain English: We track how timelines are watched — like play counts and which items get clicked — so creators can understand their audience.

We collect information about how timelines are used — including play counts, which timeline items are clicked or hovered on, and how far into a timeline a viewer watches. This data helps creators understand their audience and helps us improve the service.

Cookies

In plain English: We only use cookies to keep you logged in. No tracking cookies, no ad cookies.

We use cookies solely for functional purposes: to keep you logged in and to remember your cookie consent preference. We do not use cookies for advertising or behavioral tracking.

Server Logs

Our servers automatically record IP addresses and page requests for security and performance purposes. This data is not shared with third parties.

How We Use Your Information

In plain English: We use your info to run the service, send you account emails, and show creators how their timelines are performing. We don't sell your data. Period.

  • To operate and provide the Timelinely service
  • To send you account-related emails (confirmation, password reset, important service notifications)
  • To provide creators with analytics about their timeline views and interactions
  • To maintain the security and performance of the service
  • To moderate uploaded content for safety (see Content Moderation below)

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Content Moderation

In plain English: When you upload an image, we automatically check it for harmful content (like explicit or violent material) using Amazon's image recognition service. If it's clearly harmful, the upload is blocked. If it's borderline, we flag it for manual review. We log these events to keep the platform safe.

Timelinely uses Amazon Web Services (AWS) Rekognition to automatically scan uploaded images for content that may violate our community guidelines, including explicit, violent, or otherwise harmful material. This process works as follows:

  • Uploaded images are sent to AWS Rekognition for analysis
  • Content identified with high confidence as harmful is automatically blocked
  • Content identified with moderate confidence is flagged for manual review by our team
  • We log moderation events (action taken, content category, confidence level) for up to 365 days
  • The actual image content is not retained by AWS after analysis

This scanning is performed to protect our community and comply with our acceptable use policies. No human reviews your content unless it is flagged by the automated system.

AI-Powered Features

In plain English: We offer an optional AI feature that can automatically suggest annotations for your videos. When you use it, video information is sent to an AI service for processing. This is entirely opt-in — it only runs when you ask it to.

Timelinely offers an optional AI Annotate feature that uses artificial intelligence to suggest timeline annotations for your videos. When you use this feature, information about your video (such as title, description, and transcript data) may be sent to third-party AI service providers for processing. This feature is opt-in and only activated when you explicitly request it.

Third-Party Services

In plain English: Here are the outside services we use and why. We picked each one carefully and only share what's necessary for them to do their job.

Timelinely uses the following third-party services:

  • SendGrid — for sending transactional emails (account confirmation, password reset, notifications)
  • Google, Facebook — optional OAuth login providers. If you use these to sign in, their privacy policies also apply.
  • YouTube API — to fetch video metadata and thumbnails when you add YouTube videos to your timelines. Subject to Google's Privacy Policy.
  • AWS Rekognition — for automated content moderation of uploaded images (see Content Moderation above)

We do not run advertising networks, behavioral tracking pixels, or live chat tools that collect visitor data.

Embedded Timelines

In plain English: Your published timelines can be embedded on other websites. When someone views an embedded timeline, we collect basic view stats but not personal information about the viewer.

Published timelines may be embedded on third-party websites. When a timeline is viewed in an embedded context, we collect anonymous usage data (play counts, interaction events) but do not collect personally identifiable information about viewers of embedded timelines.

Public Content

In plain English: If you publish a timeline, anyone can see it. If you keep it private, only you can see it while logged in.

Timelines you publish are publicly visible by default. If you make a timeline private, only you can view it when logged in. Be aware that content you make public may be viewed, shared, or embedded by others.

Data Retention and Deletion

In plain English: We keep your stuff as long as you have an account. Want everything deleted? Email us and we'll take care of it within 30 days.

We retain your account and content for as long as your account is active. Content moderation logs are retained for up to 365 days and then automatically purged. You may delete your account and associated data at any time by contacting us at [email protected]. We will process deletion requests within 30 days.

Security

In plain English: We take security seriously — passwords are hashed with bcrypt, all traffic uses HTTPS, we validate uploads, and we actively fix vulnerabilities. But no system is perfect, so please use a strong password.

We use industry-standard security practices including:

  • Password hashing with bcrypt (one-way, salted)
  • HTTPS encryption for all traffic
  • Input validation and protection against common web vulnerabilities (path traversal, SSRF, injection attacks)
  • Restricted file upload types and sizes
  • Role-based access controls

No system is perfectly secure. Please use a strong, unique password and keep it confidential. If you believe your account has been compromised, contact us immediately.

International Users

In plain English: Our servers are in the United States. If you're outside the US, your data will be transferred there.

Timelinely is hosted in the United States. If you access the service from outside the United States, your information will be transferred to and processed in the United States. By using Timelinely, you consent to this transfer.

Changes to This Policy

In plain English: We may update this policy. The date at the top tells you when it was last changed. If we make major changes, we'll make a reasonable effort to let you know.

We may update this Privacy Policy from time to time. The date at the top of this page reflects the most recent update. Continued use of Timelinely after changes are posted constitutes your acceptance of the updated policy.

Contact

If you have questions about this Privacy Policy, or wish to request access to or deletion of your data, contact us at [email protected].