Trust & Privacy

This page explains the Time & Bill trust model in plain language. It is not a replacement for the legal privacy policy. It is the short operational version for customers who want to understand how the service works.

How Time & Bill handles data

  • Time & Bill is a hosted cloud application.
  • Application data is hosted on Hetzner infrastructure in Germany.
  • AWS is used for sending system emails and hosting the landing page.
  • Mailchimp is used only for newsletter subscribers.
  • Customer data can be exported and deleted.

If you want the legal version, see the privacy policy. If you want the provider list, see the subprocessors page.

What “control” means here

Time & Bill is designed to give customers practical control over their data:

  • you can export your data,
  • you can delete your data,
  • and you can see which providers are involved.

But Time & Bill is still a hosted SaaS product. We operate the infrastructure. This is not a zero-access design, not an end-to-end encrypted system, and not a local-only tool.

If you want a local-first developer workflow with no required cloud account, see HumbleBee.

Hosting and providers

Hetzner

  • Purpose: application hosting
  • Scope: Time & Bill application data
  • Location: Germany
  • Required: yes, for the hosted product

AWS

  • Purpose: system email delivery and landing-page hosting
  • Scope: recipient addresses, message-delivery processing for system emails, and website infrastructure for the landing site
  • Required: yes, for the current hosted setup

Mailchimp

  • Purpose: newsletter delivery and newsletter analytics
  • Scope: newsletter subscriber data only
  • Required: optional, only if you subscribe to the newsletter

The compact provider list is published on the subprocessors page.

Manual human access

Time & Bill is operated by a single person. Manual access to customer data is not part of the normal workflow.

Manual access may happen only when it is necessary for support or debugging. The guiding rules are:

  • no routine browsing of customer data,
  • only the minimum access needed to diagnose or resolve a problem,
  • only when there is a concrete support or technical reason,
  • and no claim that this is a zero-access system.

If that tradeoff is not the right fit for you, the local-first alternative in this product family is HumbleBee.

Security summary

The current public security summary is:

  • TLS is used for the website and application traffic.
  • Authentication and authorization are enforced through Spring Security.
  • Current passwords use BCrypt-based hashing.
  • Daily backups are performed.
  • MFA is not currently supported.

Deployment options

There are now three relevant deployment models in the product family:

Option | Status | Trust model | Best for
Time & Bill hosted cloud | Available now | Provider-operated SaaS | teams, browser/mobile workflows, shared reports
Time & Bill on-premise | In development | Customer-operated deployment | customers who need their own environment
HumbleBee | Available now | Local-first CLI, open source | developers who want local tracking without required cloud access