Privacy Policy
Under final legal review — current practice is described accurately.
Timeline is a tool for independent NDIS support workers in Australia. We take your privacy seriously, and we handle your personal information in line with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). This policy explains what we collect, why we collect it, how we look after it, and the rights you have over it.
Who we are
Timeline is operated by Billal Khan (ABN 28 125 756 646), a sole trader registered in New South Wales, Australia. References to “we”, “us” and “Timeline” in this policy mean that entity.
What we collect
When you use Timeline we collect:
- Your name and email address (for your account).
- Your ABN, which you need to invoice through the NDIS.
- Shift records you enter or generate in the app — dates, times, participant identifiers, durations, and the event logs you record during a shift.
- Invoice and payment records — amounts, NDIS support item codes and the payment status of each invoice.
- Compliance information you choose to track — for example WWCC, Police Check and first aid expiry dates. We store the dates and document references, not the underlying document content unless you upload it directly.
- Device identifiers used for push notifications (Firebase Cloud Messaging tokens).
- Anonymised, privacy-friendly usage analytics — described under Analytics and cookies below — which do not include shift notes, participant names or other personal information.
Why we collect it
We collect this information for one purpose: to operate Timeline as a shift-recording, invoicing and BAS-preparation tool, and to help you meet your NDIS Practice Standards obligations. We do not sell your data, we do not share it with advertisers, and we do not use it for any purpose beyond running the service.
Where your data lives
Your data is hosted in Australia. Timeline runs on Google Firebase in the australia-southeast1 (Sydney) region, so participant and shift records stay on Australian infrastructure. Backups are held in the same region.
Compliance document OCR: if you upload a compliance document (such as a worker screening check or first-aid certificate), the file itself stays in Australian Firebase Storage. However, the text is extracted using Google Cloud Vision OCR, and that processing may occur outside Australia. See Where your data may travel for full detail.
Who we share it with
Timeline relies on a small set of trusted sub-processors to operate. Each handles your data under contract:
- Google Firebase (Auth, Firestore, Cloud Storage, Hosting, Cloud Functions, FCM, Performance Monitoring) — the core platform. Your data is primarily stored in the australia-southeast1 (Sydney) region. Google’s privacy policy: policies.google.com/privacy.
- Google Cloud Vision API — OCR processing of compliance documents you upload (worker screening checks, first-aid certificates, and similar). The document files stay in Australian Firebase Storage; OCR processing may occur outside Australia. See the “Where your data may travel” section below.
- Google Analytics (Firebase Analytics) — product usage analytics. This service is consent-gated and only fires after you opt in.
- Sentry — error monitoring and performance traces, with PII scrubbing enabled. Session replay is consent-gated. Crash reports may include anonymised session context (browser version, operating system, device type and a stack trace).
- SendGrid (a Twilio company) — transactional email: invoice delivery and collection reminders. Your email address and invoice content pass through SendGrid’s servers when you send an invoice. A data processing agreement is in place.
- Stripe — Timeline’s own subscription payments and PayTo / AU BECS Debit mandate setup. Timeline does not see or store your card details; they are handled entirely by Stripe. Stripe’s privacy policy: stripe.com/au/privacy.
We do not share your data with any other third party. We do not use your data for marketing.
Where your data may travel
Your core records — shifts, notes, invoices, and compliance documents — are stored in Australia on Google Cloud’s australia-southeast1 (Sydney) region.
Some of the services that help Timeline run process data outside Australia, principally in the United States:
- Sentry — error and performance monitoring data.
- SendGrid — transactional email delivery.
- Stripe — subscription payment processing.
- Google Cloud Vision API — when you upload a compliance document, the file itself stays in Australian storage, but OCR processing may occur outside Australia.
- Google Analytics — where you have given consent.
Under Australian Privacy Principle 8 (APP 8) of the Privacy Act 1988, Timeline remains accountable for personal information disclosed overseas. Each sub-processor listed above is bound by a Data Processing Addendum requiring handling consistent with the APPs.
By agreeing to the Terms and this Privacy Policy at signup, you consent to the cross-border disclosures listed above.
How long we keep your data
Shift records, invoices and compliance documents are retained for a minimum of seven years from the date of the shift, in line with NDIS record-keeping obligations under the NDIS Practice Standards. If you close your account before seven years have elapsed, records required for audit purposes are archived and access-restricted rather than deleted, in order to meet that obligation.
Account data that is not subject to that retention requirement — your name, email address and preferences — is deleted within 30 days of account closure. Backups are purged on the same cycle.
Analytics and cookies
The Timeline marketing site (this site) uses Plausible for privacy-friendly analytics. The Plausible script is self-hosted on our own domain so no data is sent to a third-party CDN. Plausible does not use cookies, does not collect any personal information, and does not fingerprint visitors. It records only aggregated page views, the page that referred you, and a rough country-level location. There is no cross-site tracking and no advertising network involved.
The Timeline app itself uses essential cookies and local storage to keep you signed in. It does not use any third-party advertising or analytics cookies.
Security
All data is encrypted in transit (HTTPS/TLS) and at rest (Google Cloud KMS). Access to Firestore is governed by per-user security rules that prevent anyone — including other Timeline users — from reading or writing data that isn’t theirs. We conduct a security review before each major release.
Your rights under the Australian Privacy Principles
Under the APPs, you have the right to:
- Access your data. Go to Settings → Export your data in the Timeline app. This downloads a full copy of your shifts, participants and invoices as CSV files immediately, with no waiting.
- Correct your data. You can edit most personal information directly in Settings. For anything you can’t edit yourself, email hello@timelineapp.com.au and we will correct it within five business days.
- Delete your data. Settings → Delete account permanently removes your account and the data associated with it. Backups are purged within 30 days. Records that the NDIS requires us to retain may be held in a restricted archive for up to seven years, as described under How long we keep your data.
- Make a complaint. See the next section for our complaints procedure.
Making a privacy complaint
If you believe we have handled your personal information in a way that doesn’t meet the Privacy Act or the APPs, please contact us first so we can try to put it right.
- Contact us. Email hello@timelineapp.com.au with the detail of your concern. We will acknowledge your complaint within five business days and aim to provide a substantive response within 30 days.
- If unresolved, escalate to the OAIC. If you’re not satisfied with our response, you can refer the matter to the Office of the Australian Information Commissioner at oaic.gov.au. The OAIC is the federal regulator for the Privacy Act.
Data breaches
Timeline complies with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. If a data breach is likely to result in serious harm to any affected individual, we will notify those individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable.
Changes to this policy
We will email you before making any material change to this policy. The Last updated date at the top of this page reflects the date of the most recent change.
Contact
Privacy enquiries: hello@timelineapp.com.au. Postal address available on request.
Timeline is operated by Billal Khan (ABN 28 125 756 646), sole trader, New South Wales, Australia.