Frequently Asked Questions

No. OvertimeLog is a desktop application. It talks to the Slack API directly from your machine and stores everything in a local SQLite file. There is no OvertimeLog cloud — we don't operate one. You can verify this by running the app offline with a network monitor: the only outbound traffic is to slack.com (and, if you enable it, to the AI endpoint you configured).

OvertimeLog uses a user token, not a bot. There is no "OvertimeLog" bot added to your workspace and no install entry in the workspace admin panel. From Slack's side, the API calls look like any other request made by your own account. That said — if your employer runs network monitoring or endpoint-management software on your device, they may see app-level network traffic there. Use OvertimeLog on personal hardware where possible.

Captured Slack messages, OAuth tokens, settings, and exports live in a single application-data folder: %APPDATA%\OvertimeLog\ on Windows, ~/Library/Application Support/OvertimeLog on macOS, ~/.local/share/OvertimeLog on Linux. Full breakdown in the Privacy Policy.

No. No Google Analytics on the website, no telemetry in the app, no usage metrics, no crash reporting. This is an architectural commitment, not just a marketing line — see the Privacy Policy.

Uninstalling the app does not delete the app-data folder. Your Slack history, licence key, and exports stay on disk so you can reinstall later without losing them. To wipe everything, delete the folder manually.

Yes. Settings → 🛡️ Privacy & GDPR → Download all data (JSON). The export covers every user-owned table in the local database. Sensitive fields (password hash, AI API key, Slack OAuth tokens) are redacted in the export for safety.

In the vast majority of jurisdictions, you are allowed to keep a record of your own working time and the messages sent to you — that's the whole premise of working-time law. That said, employment and data-protection rules vary: some workplaces restrict unofficial exports of internal communications, and some countries have specific rules about employee recording. When in doubt, check with your works council, union, or an employment lawyer. See the Disclaimer Employer notice template.

It depends on the forum. A labour inspectorate or works council is usually willing to consider timestamped records with permalinks and SHA-256 hashes, especially where the employer failed to maintain the "objective and reliable" system required by the CCOO ruling. Courts apply their own rules of evidence. The hashes prove local tamper-evidence, not authorship — see §3 of the Disclaimer.

The architecture is designed around GDPR principles: processing is local, the lawful basis is legitimate interest (Art. 6(1)(f)), and data-subject rights are exercised directly in the app. You remain the data controller for data on your device — and that data includes messages from coworkers, so treat it accordingly (don't share unredacted exports casually; use Privacy Mode when handing anything to a third party).

No. OvertimeLog authenticates with your own Slack user token via OAuth. You're authorising the app to read data you can already see in the Slack client — no admin elevation, no workspace install.

Read-only user scopes for channels, groups (private channels), IM (direct messages), and MPIM (multi-person DMs), plus users:read for display names. Exact list is shown in the OAuth consent screen during setup and is documented in the in-app Settings → About page.

Yes — Settings → Slack → Disconnect revokes the token and stops the app from making any further API calls. Your previously captured data stays local until you delete it.

AI summaries are off by default. If you turn them on, message content is sent to whatever AI endpoint you configure in Settings — a local Ollama/LM Studio instance (recommended for privacy), or an OpenAI-compatible cloud provider if you prefer. OvertimeLog does not host any AI service. When you point it at a cloud provider, that provider's policies apply to the content you send.

Free keeps the most recent 14 days of data, lets you export to PDF, and has no historical-backfill feature. Pro removes the window (keeps everything as long as you do), unlocks Excel exports, historical backfill, AI summaries, and multiple-rate billing. The pricing table has the full breakdown.

Yes — one licence, all your personal devices. The licence is per-user, not per-install. Don't share it with coworkers; that's a terms-of-use violation and we can revoke keys that get passed around.

30-day money-back guarantee, no questions asked. Email support@overtimelog.com within 30 days of purchase and we'll refund you. Full policy: /refunds.

No. The one-time plan gives you a perpetual licence for the major version you bought. The annual plan is optional — it's what keeps you on the newest build. If you skip renewals, your current version keeps working forever; you just stop getting updates.

Windows 10+, macOS 11+ (Apple Silicon or Intel), or any modern Linux with glibc 2.31+. Roughly 100 MB of disk space for the app itself, plus your captured data (usually < 1 GB even after months of use). No GPU required. No admin rights needed for installation.

A source-available audit repository is planned — containing the network-facing parts of the codebase (Slack client, OAuth flow, interaction grouping, export pipeline) under a source-available licence. Goal: make the privacy claims on the landing page independently verifiable. Tracked in TODO.md.

overtime.db inside the app-data folder (see Privacy FAQ above). It's a plain SQLite file — back it up however you back up your other files. Restore by copying it back into the same folder before starting the app.

The desktop app boots a local Flask server on http://localhost:5000. There's a small HTTP API used by the UI — you can script against it if you want to, but we haven't formally committed to stability. A proper CLI is on the longer-term wishlist.