Time Atlas Labs

TAL Tech Blog: Privacy first design

Markus Stenberg

Background

I have been interested about personal location tracking for many years. I got my first physical GPS device in the year 2000 or so, to navigate around in San Fransisco when I was living there for a couple of months. After that, I have had some sort of GPS device with me, recording where I go at times. It was at first only when traveling (dedicated GPS devices by Garmin), then when doing exercise (dedicated GPS devices, Apple Watch), and ultimately now always (Time Atlas on my phone). Time Atlas does not use GPS always, but if you are on the move, it does, and that is what makes the difference – battery is not wasted, but I get tracks of where I have been without interacting with anything.

Unfortunately my GPS tracks from before 2007 were lost at some point, but ever since ~2010 I developed an interest in having the tracks visualized. I also tinkered with GPS track logging on the phone, although ultimately, despite three attempts, the hobby projects did not go so far I would want to publish any of them.

So here we are, trying to make a serious project out of it. I admired ‘always on’ aspect of original Moves project, but never really used it as I was not fond of someone being able to snoop where I am, with the data available on the server side. So my design goal for Time Atlas privacy model is to make ‘an app I would use’ (criteria which is much stricter than many others’).

The joke here is of course that even if our app doesn’t allow us to snoop on our users, cellular service provider definitely can, and frequently will, or even must, depending on jurisdiction. At any rate, I am here to talk about our app, not surveillance society at large.

Here is a simplified version of an internal document that describes how we handle your information. The original document is also not even technical specification of how things are done, but eventually we want to make that available too, as good security does not depend on obscurity, but instead depends on review by others. While I have been working decades (sigh, I feel old) in the computer security field, it is easy to miss things, and expert review ensures that the oversights get corrected eventually.

How Time Atlas Handles Your Information

The Short Version: We keep as little of your information as possible. If you want even more privacy, you can turn off features like syncing between devices, email summaries, or AI features.

What information we have

Your identity

  • We don’t need your real name
  • We need an email address to send you daily summaries (but you can hide your real email using Apple’s privacy feature)
  • You can use the app without logging in at all if you prefer

Where your data lives

On your phone

  • Your passwords and security keys stay on your device
  • Apple’s secure system (Keychain) keeps these safe
  • If you back up your phone to iCloud, your Time Atlas data gets backed up too

In our servers

  • If log in, we store your data in the cloud
  • Important: Your data is scrambled (encrypted) before it leaves your phone
  • We can’t read your data because only your devices have the key to unscramble it

Email Features

How daily summaries work

When we send you emails:

  1. Your phone tells our server to send an email
  2. We send it through regular email systems
  3. It arrives in your inbox

When you reply to emails:

  1. You send an email back to us
  2. Our system scrambles it for security (using a key supplied by your phone)
  3. Your phone picks it up next time it syncs

AI Features

When you use AI features (like when replying to AI email or creating notes), here’s what happens:

  • Your request goes from your phone to our server
  • We send it to an AI service (like ChatGPT)
  • The AI’s response comes back through our server to your phone
  • We don’t save any of these conversations

What uses AI by default:

  • Replying to your emails
  • Creating notes and logs from what you write
  • Adding tags and people to your entries
  • Creating emoji summaries

If you’re not comfortable with AI seeing your information, you can turn off AI features in settings (but this will disable email replies and some note features).

Your Privacy Options

You can make Time Atlas even more private by:

  1. Turn off email – No daily summaries or email replies
  2. Turn off AI – No smart features, but more privacy
  3. Don’t log in – Use the app without any account (turns off syncing and email automatically)

Feedback

When you send feedback through the app, it’s encrypted so only our team can read it – not even our cloud provider can see it.

Bottom Line

We designed Time Atlas to know as little about you as possible while still being useful. You’re in control – use all the features for convenience, or turn them off for maximum privacy. Your choice!

Share this post:
Facebook
Twitter
LinkedIn

Download the Time Atlas App

Get a full view of your active life — not just your steps.
Download on the App Store

About Us

We are a Finnish-US startup backed by VCs and angels. Incorporated in October 2024, after plenty of early tinkering.

If you have any questions or would like to learn more about us, please reach out at [email protected].

Got feedback? Drop it in our Discord.