Swipetimes › Time tracker: authorized integration & OpenData-style interoperability

Protocol analysis, export ingestion, and calendar-side automation for project hours, invoices, and attendance-style datasets—without claiming non-existent vendor APIs.

From $300 · Pay-per-call available

OpenData · OpenFinance-adjacent reporting · Protocol analysis · Android automation

Turn Swipetimes records into governed datasets your finance and operations systems can consume

Swipetimes stores rich, structured work-time information locally while optionally mirroring summaries to Google Calendar and pushing encrypted backups to Google Drive or Dropbox. That combination creates a realistic integration surface: not a mythical public “Swipetimes REST API,” but repeatable pipelines around exports, calendar events, and user-authorized cloud files—the same pattern enterprises use when they treat mobile productivity apps as first-class data producers.

Project ledger payloads — Granular clocks for projects, tasks, tags, budgets, hourly rates, and corrections map cleanly to ERP line items when you normalize CSV/XML fields before journal import.

Attendance-adjacent signals — Day types (vacation, sick leave, public holidays), overtime buckets, and time-account balances behave like payroll control totals when reconciled against HR calendars.

Invoice and income artifacts — Printable invoices plus rate-based income calculations give finance teams auditable documents that can be archived beside bank statements in compliance packs.

Feature modules we implement around Swipetimes data

Each module below names concrete record shapes and a downstream action. Where a capability depends on user consent and third-party tokens (Google or Dropbox), we document the scope boundary explicitly so security reviewers see a complete chain.

Scheduled export ingestion

Swipetimes can plan exports and route files through email or cloud destinations. We build watchers that validate checksums, parse PDF/Excel/CSV/XML columns (project, start, end, breaks, GPS distance), and land rows in a warehouse table keyed by employee_id and work_date.

Calendar mirror normalization

One-way sync writes time blocks into Google Calendar. We normalize event titles, durations, and recurrence quirks into a canonical schema so BI tools can join calendar_fact to hr_schedule without double counting.

Geofence, Wi‑Fi, and NFC provenance

Automation metadata proves whether a segment started because of workplace Wi‑Fi, NFC tap, or manual correction—useful when auditors ask how “actual time” differed from “target time” on a disputed day.

Invoice packet assembly

We stitch invoice PDFs with underlying hour extracts so accounts receivable can match billed lines to tracked segments, similar to how open finance workflows match invoices to card settlements.

Journey / mileage correlation

GPS-based journey logs and distance fields feed fleet or reimbursement models; we translate them into OD-matrix friendly segments with start/end coordinates where the export includes them.

Multi-profile governance

Profiles separate personal and client contexts. We propagate profile_id through pipelines so consent banners and retention policies can differ per contractor brand under the same device.

Core benefits for finance and operations stakeholders

Swipetimes markets itself as accountless and offline-friendly, which reduces vendor lock-in but also means your organization must own the integration contract. The upside is crisp data ownership: once exports and backups are authorized, your ledger stays inside infrastructure you control—an increasingly common requirement when GDPR data minimization meets payroll-adjacent open data pipelines.

Because Swipetimes already ships structured timesheet XML ingestion paths to accountants who prefer machine-readable formats, your engineering team can treat those artifacts like miniature “account statements” for labor instead of bank cash flows. That framing helps compliance teams map controls they already operate for banking extracts to time-domain extracts without inventing a new risk taxonomy.

Faster month-end close for distributed crews

Field technicians and hybrid staff rarely adopt heavy ERP clocks. Capturing Swipetimes segments nightly means payroll exceptions surface Tuesday instead of the Friday before close.

Auditability without shadow spreadsheets

Tags, notes, and edit histories captured in exports reduce “silent fixes” that often appear when teams manually re-type hours into shared workbooks.

Portable automation

Runnable source plus OpenAPI descriptions of your internal ingestion service let you migrate from mailbox drops to secured SFTP without rewriting business rules.

Screenshots

Tap a thumbnail to preview the full Play Store artwork in a light overlay. The grid stays compact so the page remains readable on first load.

Data available for integration (OpenData perspective)

The inventory below ties each dataset to a user-visible feature, states realistic grain, and cites typical downstream uses. Rows combine Play Store marketing copy with release notes such as the 2025-era alarm screen redesign and invoice list upgrades that make bulk review faster for finance reviewers.

Data type	Source (screen / feature)	Granularity	Typical use
Clock segments (start/stop, breaks)	Timeline, alarms, duration-only entries	Per record, often sub-minute depending on settings	Project costing, utilization analytics, exception detection when actual < target
Day-type ledger (vacation, sick, holiday, custom)	Calendar overlays, day-type coloring	Per calendar day (half-day supported)	HR accrual reconciliation, absence compliance reporting
Project economics (budgets, rates, income)	Project settings, statistics, goals	Per project / task / tag slice	Margin forecasts, bid calibration, client profitability packs
Invoice headers and line adjustments	Invoice list, invoice editing flows	Per invoice revision	AR aging joins, VAT-ready attachments where applicable
Export bundles (Excel, PDF, CSV, XML)	Statistics exports, scheduled export planner	Per export job (rolling windows)	Data warehouse landing zones, accountant handoff, archival
Calendar events mirroring work blocks	Google Calendar integration (optional)	Per mirrored segment	Cross-tool scheduling analytics, meeting vs deep-work ratios
Journey metrics (distance, track)	GPS tracking, PDF mileage attachments	Per trip segment	Mileage reimbursement, carbon reporting, route risk review

Typical integration scenarios

Each scenario lists a business context, names the data contract, and states how it relates to OpenData-style portability—even when the regulated object is labor time rather than a bank account balance.

Scenario A — European professional services firm unifying Android capture

Context: Consultants log deep work on phones during client travel. Finance refuses another siloed mobile app without a feed.

Data / interface: Nightly structured timesheet XML ingestion into BigQuery, keyed by consultant code embedded in the Swipetimes project naming convention.

OpenData mapping: Mirrors how PSD2 account aggregators normalize proprietary bank feeds into AIS dashboards—here the “account” is a project ledger, but the normalization discipline is identical.

Scenario B — Payroll bureau ingesting corrected hours

Context: Clients forget punches; Swipetimes allows subsequent edits with notes.

Data / interface: CSV exports filtered by statistics period plus a change_log table you maintain by hashing each export file.

OpenData mapping: Comparable to payment correction files in open finance: deltas must be idempotent and traceable to a user action timestamp.

Scenario C — Field maintenance vendor proving site attendance

Context: Buyers demand evidence that technicians were on site, not only that work orders closed.

Data / interface: Geofence-triggered segments joined to work_order_id via middleware; optional KM fields from GPS exports.

OpenData mapping: Aligns with location-backed proofs used in mobility and insurance telematics, framed under contract law rather than banking statutes.

Scenario D — Freelancer issuing invoices while accountant pulls backups

Context: Sole proprietor tracks hours and prints invoices inside Swipetimes while the accountant uses Dropbox snapshots.

Data / interface: Dropbox backup folder polling with encrypted-at-rest storage; invoice PDF OCR fallback only when XML is unavailable.

OpenData mapping: Treats user-owned cloud folders as voluntary data portability endpoints, similar to open banking “user-controlled sharing” narratives.

Scenario E — Hybrid workforce calendar analytics

Context: Leadership wants calendar heatmaps without forcing Google Workspace time tracking.

Data / interface: Google Calendar integration services that read Swipetimes-created events and aggregate focused_project markers.

OpenData mapping: Calendar feeds become an interoperability layer analogous to ICS-based travel data exchange—lower sensitivity than account numbers but still subject to employee consent.

Technical implementation sketches

Snippets are illustrative pseudocode for services we deliver after explicit authorization. They intentionally vary transport styles (HTTPS ingestion, calendar pull, webhook-style mail hooks) to show breadth.

POST /internal/v1/timesheets/ingest-swipe-xml

POST /internal/v1/timesheets/ingest-swipe-xml
Content-Type: multipart/form-data
Authorization: Bearer <SERVICE_TOKEN>

file=@2026-04-11_profile_main.xml
meta={"source":"swipetimes","device":"android","tz":"Europe/Berlin"}

200 OK
{
  "rows": 184,
  "projects": ["ACME-IMPL","INTERNAL-ADMIN"],
  "warnings": [
    {"row": 92, "code":"OVERLAP", "hint":"adjacent segments touch same minute"}
  ],
  "checksum_sha256": "b3c1…f21a"
}

401 → rotate service token
422 → reject file; keep quarantine blob for audit

Calendar pull (read-only mirror)

GET https://www.googleapis.com/calendar/v3/calendars/primary/events
Authorization: Bearer <USER_OAUTH_ACCESS>
q=Swipetimes
timeMin=2026-04-01T00:00:00Z
singleEvents=true

Normalize each event:
{
  "event_id": "...",
  "start": "...",
  "end": "...",
  "summary_tokens": ["Project:Roadmap","Tag:DeepWork"],
  "confidence": 0.86
}

429 → exponential backoff + jitter
403 → re-consent calendar scope

Mailbox webhook fan-out (scheduled export)

// Provider-specific (SendGrid/Inbound parse/etc.)
POST /hooks/email/swipetimes-export
X-Signature: sha256=<HMAC>

if !valid_hmac(payload, secret):
    return 401

attachment = payload.attachments[0]  # e.g., April_hours.pdf
route_to = "s3://finance-inbox/swipetimes/2026/04/"
store_with_dedup(attachment, route_to)

notify_slack("#ops-integrations",
  text="Swipetimes export landed",
  fields=[filename, sha256, profile_hint])

500 from upstream OCR → DLQ with replay id

Compliance & privacy

Swipetimes is developed by Leon Chiver in Ulm, Germany, and its privacy materials describe local-first storage with optional Google or Dropbox transfers initiated by the user. For European employers ingesting those exports, the EU General Data Protection Regulation (GDPR) remains the primary reference: you need a lawful basis (often contract or legitimate interest assessments), data minimization, retention caps, and subprocessors listed in your own register.

Firebase Analytics and Crashlytics are referenced in public-facing policies as low-sensitivity telemetry channels; your enterprise DPIA should still document how employee-derived exports intersect with MDM policies on corporate devices. Where customers mistakenly label this as “open banking,” we correct the record: no AIS/PIS licensing applies, yet confidentiality controls can borrow from ISO 27001 access patterns used adjacent to open finance programs.

We refuse engagements that ask for covert surveillance, credential sharing that violates app terms, or reverse engineering aimed at bypassing technical protection measures. Instead, we document authorized capture paths—exports, calendar APIs the user approves, and MDM-managed file drops—so regulators see an intentional architecture.

Data flow / architecture

A pragmatic four-node pipeline keeps responsibilities obvious during security review: (1) the Android Swipetimes client remains the authoring system for timers; (2) an ingestion tier (mailbox listener, Drive watcher, or SFTP edge) accepts only signed or quarantined files; (3) a normalization service expands XML/CSV into typed tables with project and profile foreign keys; (4) analytics and finance outputs publish curated facts to your warehouse and reversible PDF archives for auditors.

Optional branching sends the same normalized stream to anomaly detectors—for example, flagging when geofence hours exceed contractual caps—without feeding raw GPS traces to every downstream consumer.

Market positioning & user profile

Public listings position Swipetimes › Time tracker for employees, freelancers, craftspeople, and students who need project-level discipline without mandatory cloud accounts; Android is the natural home given deep integrations with widgets, NFC, and background location automation. Geographic demand skews toward EU privacy expectations—consistent with a German indie developer—while English-language documentation and multi-language UI support global freelancers who invoice international clients. Play Store scale indicators commonly cite hundreds of thousands of installs with strong ratings, signaling mature edge-case handling rather than an experimental niche toy.

Similar apps & integration landscape

Listing adjacent products helps teams discover our studio when they compare Android time tracking export automation strategies across vendors. Each name below is part of the broader ecosystem; integration demand often appears when organizations run mixed tools across subsidiaries.

Toggl Track

Widely adopted by agencies with hosted accounts; teams that pair Toggl Track with Swipetimes on different subsidiaries still ask for unified hour facts inside one warehouse.

Clockify

Frequently chosen for free-tier team rollouts; data includes workspace-level projects that finance must reconcile against mobile-only capture apps.

Harvest

Combines expenses and invoices for consultancies; Harvest exports often land beside Swipetimes PDFs when partners merge mid-quarter.

Timely

Automatic capture narratives appeal to calendar-heavy users; integration teams map Timely suggestions to the same calendar tables fed by Swipetimes mirrors.

Jiffy

Simple timer-first UX for individuals; Jiffy rows are smaller but still need the same payroll joins when contractors switch apps mid-year.

aTimeLogger

Activity-centric tracking complements project-centric Swipetimes; joint users often want category taxonomies aligned for BI.

Work Log

Shift-oriented workers export structured shift tables that payroll partners compare to Swipetimes overtime buckets.

TrackingTime

Team monitoring features produce managerial dashboards; the underlying hour totals still converge with Swipetimes exports in parent-company reporting.

Forest

Focus gamification yields session lengths rather than client billing detail, yet wellness programs still correlate Forest sessions with Swipetimes deep-work tags.

API integration instructions (how we run your engagement)

Inventory capture paths: Decide whether truth enters through structured timesheet XML, CSV mail attachments, Google Calendar mirrors, or encrypted Drive/Dropbox bundles. Document which path is authoritative when two disagree.
Define identity joins: Map Swipetimes profiles and project codes to employee_master IDs; include rules for renamed projects to avoid orphaned hours.
Automate validation: Implement schema checks for breaks, overlap detection, and maximum daily hours before rows hit payroll staging.
Wire notifications: Route parser warnings to Slack or ServiceNow so field managers fix Swipetimes entries before lock.
Publish internal OpenAPI: Even without a vendor API, your ingestion microservice should expose documented endpoints so ERP adapters remain testable.
Run parallel reconciliation: For the first month, compare Swipetimes totals to legacy spreadsheets; variances should shrink as automation matures.

These instructions assume explicit user consent, corporate acceptable-use alignment, and MDM policies that permit the chosen transport. We deliver runnable source (Python, Node.js, or Go) plus test fixtures built from redacted samples you provide.

What we deliver

Deliverables checklist

OpenAPI specification for your private ingestion service
Protocol and data-capture report (exports, calendar scopes, backup files)
Runnable parsers for CSV/XML/PDF text layers with unit tests
Runbooks for token rotation, quarantine replay, and checksum audits
GDPR-aligned minimization worksheet (fields kept vs dropped)

Pricing models

Source code delivery from $300: you receive documented services and pay after delivery when acceptance criteria pass.

Pay-per-call API billing: we host secured endpoints that wrap your approved parsers; you pay per successful parse job, with no upfront fee.

About our studio

We specialize in app interface integration and authorized API work for mobile-first workforces. Engineers on our bench have shipped connectors for retail order streams, mobility bookings, and finance dashboards; Swipetimes engagements borrow the same rigor even when the “API” is a scheduled XML envelope instead of OAuth consent against a bank.

Protocol analysis grounded in observable exports, not speculative endpoints
Android and iOS awareness for MDM, per-app VPN, and split tunneling edge cases
Documentation sets auditors can follow without opening IDE tabs

Contact

Share the target app name (Swipetimes › Time tracker) plus your required outputs—warehouse schemas, invoice reconciliation, or calendar analytics—and we respond with a scoped plan.

Open the contact page

Engagement workflow

Discovery workshop: confirm capture path, refresh cadence, and finance owner sign-off.
Protocol analysis on sample exports you authorize (2–5 business days).
Build parsers, hooks, and observability dashboards (3–8 business days).
Hardening pass: chaos tests on malformed rows, DST edges, duplicate files.
Documentation + handoff call with runbooks for on-call rotations.

FAQ

Is there an official Swipetimes developer API?

Public materials emphasize in-app integrations (calendar, backups, exports). We do not advertise nonexistent vendor endpoints; we implement what your policies allow.

Can you guarantee Play feature parity?

No—version 22.x shipped UI changes such as the redesigned alarm screen; we track changelog diffs and adjust parsers when column orders shift.

Do you support iOS?

This page targets the Android package lc.st.free; if you deploy Swipetimes on additional platforms, scope file paths and MDM rules separately.

Original app overview (collapsed by default)

Swipetimes › Time tracker bills itself as a versatile yet simple Android work-time tracker for employees, freelancers, craftspeople, and students, with optional home-office coverage. Core capabilities include target versus actual hours, time accounts, overtime, vacation and sick-day modeling, public holidays, printable time sheets, and exports to Excel, PDF, CSV, or XML.

Automation arrives through location, connected Wi‑Fi networks, or NFC to start and stop timers without constant manual taps. Project rates, income calculations, invoice management, tags, statistics, GPS journey capture, and backups to SD card, Google Drive, or Dropbox extend the dataset. Google Calendar integration remains optional alongside cloud backups; the developer stresses that no account is required to begin tracking.

Rough tracking mode supports approximate durations when exact timestamps matter less than weekly totals.
Subsequent editing flows help correct forgotten punches while preserving explanatory notes.
Scheduled exports can email files automatically, which enterprises treat as a mini “statement delivery” channel.