Privacy Policy

Last updated: 5 May 2026

TimeToTest is a free mobile application for iOS and Android that enables anonymous partner notification for sexually transmitted infections. This policy explains how TimeToTest CIC handles personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data controller

The data controller for TimeToTest is TimeToTest CIC, a Community Interest Company limited by guarantee, registered in England and Wales under company number 17163328. TimeToTest CIC is asset-locked to Terrence Higgins Trust (charity number 288527).

TimeToTest CIC's ICO registration application is in progress. The registration number will be published here once issued.

You can contact us about any privacy matter at hello@timetotest.app.

Lawful basis for processing

Under UK GDPR our lawful basis is legitimate interests (Article 6(1)(f)). Our legitimate interest is reducing the transmission of sexually transmitted infections by enabling anonymous partner notification, while collecting the minimum information needed to operate, protect and audit the service. We have carried out a legitimate interests assessment balancing this interest against the rights and freedoms of recipients.

What we collect

We collect as little data as possible. The app does not ask for your name, email address, or phone number.

  • Recipient phone numbers you select: transmitted to TimeToTest's Supabase Edge Function and to Twilio for immediate SMS dispatch. Full recipient phone numbers are not retained in TimeToTest dispatch records after dispatch.
  • STI category selected in the app: transmitted to our Supabase Edge Function only to construct the fixed SMS body. It is not stored in our database or logs. Twilio receives the SMS body containing the STI name and may retain message logs under its own policies.
  • Rate-limit records: a random app-generated device identifier, coarse IP-derived information where needed, recipient count, and timestamps, used to detect and prevent abuse.
  • Dispatch metadata: hashed recipient identifiers, phone-number suffixes, Twilio message IDs, delivery status, language, test-mode flag and timestamps.
  • Opt-out and blocklist entries: when a recipient replies STOP, CANCEL, UNSUBSCRIBE, or a similar opt-out keyword, we record a one-way SHA-256 hash of their E.164 phone number and country code. The hash cannot be reversed to recover the original number. This hashed reference is used solely to suppress future sends to that recipient, in line with our obligations under the Privacy and Electronic Communications Regulations 2003 (PECR). During the Android v2.1.0 migration verification window, raw opt-out and blocklist phone numbers may also be retained for up to 48 hours before removal.
  • Abuse reports: information submitted through /report, including the recipient phone number, date and time of the reported message, a description, and any contact email you choose to provide.

What we do not collect

  • Your name, email address, or phone number
  • Your contact list (it is read on your device only)
  • Full recipient phone numbers in dispatch records after the dispatch request has been processed
  • STI category as an account record, analytics event, profile, or database field
  • Advertising identifiers or precise location data
  • Analytics, usage tracking or crash reports

No accounts

TimeToTest does not require or create user accounts. There is no login, no registration, and no profile.

Processors

TimeToTest CIC uses the following processors to operate the service. Each is engaged under a written data processing agreement with appropriate safeguards.

Processor | Purpose | Location
Supabase | Backend hosting for Edge Functions, rate-limit records, dispatch metadata, hashed opt-outs, the blocklist, and abuse reports | European Union
Twilio Ireland Limited | SMS dispatch to recipients | Ireland (EU)
Cloudflare | Static hosting of timetotest.app | Global edge network

Recipient phone numbers and the fixed SMS body are transmitted to Twilio solely so that Twilio can dispatch the SMS. TimeToTest CIC does not retain the full phone number in dispatch records after dispatch. Twilio may retain carrier, message, and operational logs under its own retention policies. See twilio.com/legal/privacy and supabase.com/privacy.

Retention

  • Full recipient phone numbers in dispatch records: not retained after SMS dispatch.
  • rate_limits table: 24 hours, then automatically purged.
  • Dispatch metadata: up to 90 days, then automatically purged.
  • Hashed opt-out and blocklist references: retained permanently, so that a person who has asked never to be contacted again is never contacted again. Raw opt-out and blocklist phone numbers may be retained for up to 48 hours during the Android v2.1.0 migration verification window, then removed.
  • abuse_reports table: 12 months from the date of submission, then automatically purged.

On-device data

The app reads your device's contact list only to display names and numbers for selection. Contact data stays on your device and is never uploaded to our servers. Only the phone numbers you explicitly choose are transmitted for SMS dispatch. Contact access requires your permission and can be revoked at any time in your device settings.

International transfers

Supabase processes data in the European Union. Twilio Ireland processes data in Ireland. Cloudflare, Apple, and Google may process data outside the UK. Each provider relies on appropriate safeguards under UK GDPR, including the UK International Data Transfer Addendum to the EU Standard Contractual Clauses, or equivalent mechanisms where applicable.

Children's privacy

TimeToTest is intended for adults aged 18 and over only. We do not knowingly collect data from anyone under 18.

Your rights

Under UK GDPR you have the right to:

  • be informed about how your personal data is used (this policy);
  • request access to personal data we hold about you;
  • request correction of inaccurate personal data;
  • request erasure of personal data ("right to be forgotten");
  • request restriction of processing;
  • object to processing based on legitimate interests;
  • data portability, where applicable;
  • not be subject to solely automated decision-making with legal or similarly significant effects (we do not do this).

Because TimeToTest CIC holds only limited technical records, there may be little or no directly identifiable data to access, correct or delete. To exercise any right, email hello@timetotest.app from the address you would like us to use to respond. We aim to respond within one calendar month.

If you are a recipient of a TimeToTest SMS and wish to be permanently blocklisted, please use /opt-out. To report misuse, please use /report.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk, telephone 0303 123 1113.

Changes to this policy

If this policy changes, the updated version will be published at this URL with a new "Last updated" date.

Contact

TimeToTest CIC

Company number 17163328, registered in England and Wales.

ICO registration: application pending

Email: hello@timetotest.app