Being paranoid in this age of privacy concerns, viruses and ransomware is a good idea, which is why this page exists. The good news is that none of Timelapse’s many users have reported any privacy or security problems. Still, here are some things that may lessen your concerns if you are worried about privacy and security.

Privacy policy

1. Personal Data. Timelapse does not request, collect, store or look up any personal information about the user, domain, organization etc.
2. Adware. Timelapse does not include adware.
3. Application data. Your application data is yours. Timelapse works locally on your machine on your data stored on your own storage locations. Timelapse does not otherwise transmit your data or any information about it beyond your own usage of that data on your own storage locations.
4. Crash reports. If a crash occurs when using Timelapse, Timelapse raises a dialog describing the crash report along with the option for the user to email that report back to the Timelapse developers, via the user’s email system. The decision to email that report is solely at the discretion of the user, where the user can view the contents of the report before mailing it. The crash report typically contains a bug description and a stack trace.
5. Email exchanges. If the user does contact us directly (e.g., by email), we may keep the communication history for the purpose of responding to that email and for resuming the conversational context if contacted again. Typical email exchanges are initiated by the user when they ask for help or feature requests, report crashes or bugs, etc.
6. Data Usage and Sharing. We do not sell, trade, or rent any data, including communication histories, to third parties.
7. Contact Us If you have any questions about this Privacy Policy, please contact us at: saul@ucalgary.ca

Security

1. Timelapse has no known security violations. No one has ever reported any security or privacy problems or malicious use over it decade+ years of existence. Bugs and crashes do occur, which are fixed as needed when they are reported.
2. Timelapse executables are based on source code that only I wrote, with the original version stored on my own reasonably secure computer. Only I have access to that version (which I mirror as open source on Github), and only I compile it to produce the executable.
3. Timelapse executables downloaded from this web site are:
   • located on my (reasonably secure https) University of Calgary web site;
   • based on source code that only I wrote and have access to;
   • personally compiled on my own reasonably secure password-protected machine. located behind a firewall;
   • packaged as installation and zip files created by me and placed on the web site by me;
   • not reliant on any external mirrors.
4. When run, Timelapse:
   • runs under the standard user level, where it does not do anything requiring elevated security,
   • creates, reads and writes files and application data only in a folder (and its sub-folders) as directed by the user, i.e., to save tagged image data into an SQL database file, to create backup files in a sub-folder, etc. No files are written outside that folder or its subfolders, and no images or data is shared. The single exception is with the per machine installation, where Timelapse may make a copy of FFMPEG in a temporary folder to allow FFMPEG to produce intermediate file results (since the installation folder is not normally writable).
   • stores benign user settings in the Windows registry so it can restore settings when the user opens timelapse again (e.g., window size and location).
   • only attempts one external network connection (aside from web page links explicitly chosen by the user). To explain, Timelapse reads a file on the timelapse website to see if a software update is available. If so, it informs the user via a dialog box. However, downloading any updates is a completely manual process done at the user’s discretion after visiting the web site’s download page.
   • if directed by the user, will ask Windows to open a file’s location (e.g., via Windows File Explorer) or to display an image or play a video using whatever Windows application is associated with that file’s extension (e.g., Windows Photo View, WIndows Media Player or whatever is configured as the default viewer/player).
   • if a crash occurs, a dialog appears allowing the user to send a crash report to the Timelapse developer via a mail to: link, where the decision to do so is left to the user.
5. Possible concerns (just to be completely transparent)
   • Dependencies on 3rd party software. Timelapse includes software built by third parties. Examples include Microsoft’s .NET 10, various Nuget packages such asSQLite for database management, FFMPEG for managing videos, and ExifTool for extracting metadata. See complete list in https://timelapse.ucalgary.ca/license/. Although these are vetted for reputation, as with any software third-party components may have undiscovered vulnerabilities. We minimize this risk by using established, reputable components, mostly open source and with liberal licenses. However, users should be aware that safety depends on the maintainers of these external dependencies.
   • Timelapes is unsigned, simply because getting a yearly license is too expensive for free software.
   • Installation methods: Timelapse supplies several installation methods: msi installation files, or as a zip file. This is to maximize deployment success. Aside from the exclusion of .Net on per-machine installations, the installed software is the same.
   • AddaxAI installation and use: Timelapse includes a menu item allowing the user to initiate installation and running of the AddaxAI / MegaDetector image recognition system (I have collaborated with their creators, and AddaxAI is a signed application). Installation just points to the AddaxAI web site, where the choice to install it is totally under the user’s discretion. After installation, the user can, if desired, invoke AddaxAI via an explicit menu selection. AddaxAI installation and use is optional. Timelapse itself does not directly download or include AddaxAI, and Timelapse can run without it.