Your data, on the record

Privacy
Policy.

Version 1.0

Effective 7 April 2026

Framework UK GDPR

Plain English summary

We collect the minimum data needed to run the app. We don't sell it. We don't currently share it with advertising networks. Votes are visible to everyone in your group, that's how the game works. You can request access to, correction of, or deletion of your data at any time. The full policy is below and is worth reading.

Your data, not ours

Your data is not currently sold to or shared with advertising networks.

Transparent jury

How you vote is visible to everyone in your group. That's part of the game.

Right to delete

Request erasure at any time. Processed within 30 days.

Right to export

Request a copy of your data in a portable format.

Encrypted at rest

Personal data is encrypted at the storage level, in transit and at rest.

UK GDPR

We operate under the Data Protection Act 2018 and UK GDPR.

Who We Are

GetFineTime Ltd ("FineTime", "we", "us", "our") is the data controller responsible for your personal data. We are a company registered in England and Wales under company number 17138499. Our registered address is 18 St. Cross Street, London, England, EC1N 8UN.

This Privacy Policy explains what personal data we collect when you use the FineTime mobile application and associated website, why we collect it, how we use it, and what your rights are in relation to it.

We are not required to appoint a Data Protection Officer at this time.

For any privacy-related enquiry, including data subject requests, please contact us at [email protected].

What We Collect

We collect only what is necessary to operate the Service. We rely on contract as the legal basis for data collected as a condition of providing the Service, and legitimate interests for operational and safety data where our interests do not override your rights.

Account data

Data	Purpose
Email address	Authentication via one-time passcode; account recovery; service communications
Display name	Shown to group members in charges, verdicts, and transcripts
Date of birth	Age eligibility confirmation; you must be 18 or over to use the Service
Profile photo	Displayed to group members for identification
Account creation date	Record keeping; abuse prevention
Terms of Service acceptance	Record keeping; legal compliance

Usage data

Data	Purpose
Charges filed	Core product functionality; group feed; dossier
Votes cast	Determining verdict; calculating sentence. Votes are attributed to your identity and visible to all members of the group.
Comments & reactions	Transcript display; group engagement
Group membership	Access control; charge routing; notifications
Media uploads (photo, video, audio)	Evidence of fine payment; transcript record

Technical data

Data	Purpose
Device push token	Delivering push notifications for charges, verdicts, and activity
Notification log	Delivery confirmation; debugging
App version & platform	Bug diagnosis; compatibility management
Crash reports & error logs	Stability monitoring; debugging. Logs do not contain vote data or user content.
API request logs	Security monitoring; abuse detection

What we do not collect

We do not collect your phone number, location, contacts, payment information, or any biometric data. We do not build advertising profiles. We do not track you across other apps or websites.

How We Use It

Providing and operating the Service

Processing charges, routing votes, calculating verdicts and sentences, displaying the group feed and dossier, and delivering notifications.

Authentication

Verifying your identity via one-time passcode sent to your email address. We do not store passwords.

Service communications

Sending transactional emails such as OTP codes and account-related notices. We do not send marketing emails without your explicit consent. Where we make material changes to this policy or the Service, we may notify you by email. We may in future send promotional communications where you have given explicit consent to receive them; you may withdraw that consent at any time.

Safety and abuse prevention

Detecting and preventing misuse, harassment, and violations of our Terms of Service. When a user submits a content report, it is reviewed manually by FineTime staff. In the course of that review, the reviewer will access the reported content, which may include comments, descriptions, and media uploads. This cannot be avoided while meaningfully assessing a report. Reported content is soft-deleted on resolution and retained until any involved account is deleted, at which point the report record is deleted in line with that erasure request. Where reported content is identified as illegal or as involving a minor, it is permanently and immediately deleted, independently of the account lifecycle.

User-generated content and third-party data

Content submitted by users, including charges, comments, and media uploads, may include personal data about third parties who are not FineTime users. Users are responsible for ensuring they have the right to submit content containing third-party personal data, in accordance with our Terms of Service. FineTime acts promptly on reports of content that should not have been submitted.

Product improvement

Analysing aggregate, anonymised usage patterns to understand how the Service is used and where it can be improved. This analysis is never performed at an individual level.

Legal compliance and law enforcement

We will disclose personal data where required to do so by law or valid legal process, including a court order or request from a law enforcement authority. We will only disclose the minimum data necessary to satisfy the request. Where we are legally permitted to do so, we will notify the affected user before or after disclosure.

Third Parties

We use a small number of carefully selected third-party service providers to operate the platform. These cover the following categories of processing:

Email delivery
Push notification delivery
Error and crash monitoring
Cloud infrastructure and data storage
Network security and content delivery
App distribution and, where applicable, in-app purchase processing

Each provider is bound by a data processing agreement and handles your data only as instructed by us. We do not currently sell data to or share it with any advertising network. A current list of sub-processors is available on request via [email protected].

International transfers

Some of our service providers are based in the United States. Where your data is transferred outside the UK, we ensure appropriate safeguards are in place, including reliance on the UK's international data transfer framework or standard contractual clauses, as applicable.

No advertising networks

We do not currently integrate any advertising SDK, analytics platform that profiles individuals for advertising, or data broker service.

How Long We Keep It

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law.

Data	Retention
Account data (email, name, date of birth, profile photo)	Lifetime of your account. Deleted within 30 days of an erasure request.
Charges, votes, verdicts, comments	Associated with your account. On deletion, your data is removed from live systems. This may create gaps in other members' records where your involvement cannot be separated.
Media uploads	Removed from storage within 30 days of account deletion or a content removal request.
Terms of Service acceptance record	Lifetime of your account. Deleted with account data.
API access logs	Retained for a short period, then automatically purged.
Notification logs	Retained for a short period, then automatically purged.
Crash & error reports	Retained for a short period to support bug diagnosis, then automatically purged.
Database backups	Retained for a short period for disaster recovery. Deletion requests are honoured from live data immediately; backup copies are purged within the backup cycle.
Push tokens	Removed when notifications are disabled or on account deletion.

Groups

Groups are created and closed by their owner. When a group is closed, it becomes inaccessible to members but the underlying data is not immediately purged. Member data within a closed group is retained and deleted according to each individual member's own account lifecycle, not the group owner's. If you delete your account, your data is removed regardless of whether the groups you belonged to remain active or have been closed.

Closing a group does not currently trigger a notification to other members.

Where your data appears in another member's record as a subject, for example, as the defendant in a charge, that data will be deleted when you request erasure of your account, even if the other member's account remains active.

Your Rights

Under UK GDPR and the Data Protection Act 2018, you have the following rights. All requests are processed within one calendar month.

Right	What it means	Article
Right of access	Request a copy of the personal data we hold about you.	Article 15
Right to rectification	Request correction of inaccurate personal data.	Article 16
Right to erasure	Request deletion of your personal data. Actioned within 30 days. Note that erasure may create gaps in other members' records where your data cannot be separated from theirs.	Article 17
Right to restrict processing	Request that we limit how we process your data while a query is resolved.	Article 18
Right to data portability	Request a machine-readable export of the personal data you have provided to us.	Article 20
Right to object	Where we rely on legitimate interests, you may object to that processing. We will cease unless we can demonstrate compelling legitimate grounds.	Article 21

Verdicts are determined by member votes and do not involve automated decision-making or profiling within the meaning of Article 22 UK GDPR.

To exercise any of these rights, contact us at [email protected]. If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Cookies & Tracking

The FineTime mobile application does not use cookies. The FineTime website uses a minimal set of cookies strictly necessary for its operation.

Strictly necessary — Session and security cookies required for the website to function. These cannot be disabled. No consent is required for these under applicable law.
No analytics or advertising cookies — We do not use Google Analytics, Meta Pixel, or any third-party tracking or advertising cookie on any FineTime property.

Security

We take the security of your data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, or disclosure. These measures are reviewed and updated as the Service evolves.

No method of electronic transmission or storage is 100% secure. If you become aware of a potential security vulnerability, please disclose it responsibly via [email protected].

Children

FineTime is not for children. The Service is intended exclusively for adults of legal drinking age (minimum 18 years old). Age is verified by self-declaration at signup; we do not perform document or identity checks. We rely on users providing accurate information about their age.

We do not knowingly collect personal data from anyone under the age of 18. If we become aware that we have collected data from a minor, we will delete it immediately. If you believe a minor is using the Service, please report it via [email protected].

Changes to This Policy

We may update this Privacy Policy from time to time. The effective date at the top of this page indicates when the current version came into force. We will notify you of material changes via the app or by email before they take effect. Where we introduce new features that materially change how we process your personal data, we will update this policy before those features are made available.

If you do not accept the changes, you may request deletion of your account.

Contact & Complaints

For all privacy-related requests, including data subject rights requests, questions about this policy, or concerns about how your data is handled, contact us at [email protected].

If you are not satisfied with our response, you have the right to complain to the UK supervisory authority:

🏛

Information Commissioner's Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
ico.org.uk/make-a-complaint · 0303 123 1113

PrivacyPolicy.