Privacy Policy
Effective Date: 20-Apr-2026
This Privacy Policy applies to the RemoteCam mobile application (the “Application”), created and maintained by Matteo Da Ros (the “Developer” or “Data Controller”) as a Freemium service. This service is provided “AS IS,” without warranties of any kind. By using the Application, you agree to the collection and use of information in relation to this policy. This Privacy Policy is governed by the laws of the Province of Ontario, Canada, without regard to its conflict of law provisions.
Certain limitations of liability and disclaimers that affect your use of the Application (including disclaimers regarding End-to-End Encryption and mission-critical usage) are set out in our Terms and Conditions (EULA), which should be read alongside this policy. Additionally, while the Application does not currently utilize automated decision-making or sell data under the California Consumer Privacy Act (CCPA), and is strictly intended for users 18 and older in compliance with the Children’s Online Privacy Protection Act (COPPA), our data handling practices are designed to respect these global frameworks.
The Application processes specific device data and utilizes distinct architectural methods to function. As a core principle, the developer does not collect, store, or have access to your personal media or passwords.
- Authentication and Synchronization: The Application utilizes Google Sign-In and Firebase (a Google service) to authenticate users and securely synchronize settings and connection states between your devices. Your authentication tokens are managed securely by Firebase; the developer never sees or stores your password.
- Media Storage (Google Drive): Static images and recorded videos captured by the Application are saved directly to the authenticated user’s personal Google Drive account. The Application utilizes the Google Drive API strictly for the purpose of uploading and saving these files. The developer has no access to view, manage, or retrieve any files within your Google Drive.
- Live Video Streaming (Routing Only): For live video streaming functionality, the data stream is routed through a dedicated relay server managed by the developer. This server is utilized strictly to route the data packets between the transmitting and receiving devices. The live stream utilizes End-to-End Encryption (E2EE) on a best-effort basis. No video, audio, or image data is decrypted, recorded, logged, or saved on this relay server. However, as noted in our Terms and Conditions, no digital transmission is perfectly secure. Connection metadata, including IP addresses, may be transiently processed by the relay server solely for the purpose of routing data packets. This metadata is not retained after the session ends.
- Device Permissions: The Application requires explicit permission to access your device’s camera and microphone to function. This access is strictly contained within the app’s local environment and the aforementioned E2EE routing process.
2. Third-Party Services and International Data Transfers
The Application utilizes third-party services acting as Data Processors. These providers have their own privacy policies addressing how they handle data. By using the Application, you acknowledge the use of the following services:
- Google Play Services & Billing: Used for app distribution and processing secure in-app purchases. The developer does not process or have access to your financial or credit card information.
- Firebase (Google): Used for user authentication and cross-device synchronization.
- Google Drive API: Used strictly for saving user-generated media to your personal cloud storage.
International Data Transfers: By using the Application, you acknowledge that your data (such as authentication tokens) may be processed by Google on servers located outside of Canada, and may be subject to the laws of those jurisdictions.
Links to the privacy policies of third-party service providers:
3. Data Retention and Deletion
Because the developer does not store your media, passwords, or personal data on developer-owned servers, the developer cannot delete this data on your behalf.
- Local and Cloud Media: To delete your saved media, you must manually delete the files from your device’s local storage and your personal Google Drive account.
- Account Synchronization Data: To stop cross-device synchronization and delete the authentication linkage established by Firebase, you may log out of the Application and uninstall it from your devices.
- Revoking Access: You can revoke the Application’s access to your Google Account and Google Drive at any time through your Google Account Security settings.
4. User Rights (PIPEDA and GDPR)
As the Data Controller, the developer acknowledges your rights under applicable privacy frameworks, including the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and the EU General Data Protection Regulation (GDPR).
- Legal Basis for Processing: Under GDPR, the legal basis for processing your authentication data is “contract performance” (providing the core functionality of the Application), and the legal basis for transiently processing IP metadata for relay routing is our “legitimate interest” in facilitating the service.
- Your Rights: Depending on your jurisdiction, you have the right to access the personal information held about you, challenge its accuracy, restrict its processing, or withdraw your consent. You also hold the right to erasure (“right to be forgotten”), the right to data portability, and the right to lodge a complaint with a supervisory authority. EU residents may lodge a complaint with the supervisory authority in their Member State of residence.
- Consent Withdrawal: You may withdraw your consent or exercise your rights at any time by revoking the Application’s access through your Google Account Security settings, or by contacting the developer directly at remotecam.app@gmail.com.
- Exercising Your Rights: Because we do not persistently store your personal data or media on our infrastructure, the exercising of these rights (such as data deletion or portability) is executed primarily by managing your Google Account, your Google Drive, and your local device storage. For any remaining inquiries regarding these rights, you may contact the developer directly.
- Note on EU Representative (GDPR Article 27): If you are located in the European Union, please be aware that the developer is based in Canada and does not have a formal EU establishment. If required by applicable law, the developer will appoint an EU representative. Please contact remotecam.app@gmail.com for any related inquiries.
5. Data Breach Notification
In the event of a data breach involving personal information that poses a real risk of significant harm, the developer will notify affected users and relevant supervisory authorities in accordance with applicable law, including within 72 hours where required by GDPR and as soon as feasible where required by PIPEDA.
Given the architectural design of this Application - wherein the developer does not store personal media, passwords, or persistent metadata the scope of any potential breach on developer-managed infrastructure is significantly limited. Nonetheless, the developer is committed to transparency and prompt action in the event of any security incident.
6. Age Restrictions and Children’s Privacy
Due to the nature of the Application, it is not intended for or directed at anyone under the age of 18. As stipulated in our Terms and Conditions, you must be at least 18 years of age to use the Application. The developer does not knowingly collect personally identifiable information from anyone under 18. If you are a parent or guardian and are aware that your child has provided personal information through the Application, please contact the developer immediately at remotecam.app@gmail.com.
7. Changes to This Privacy Policy
We reserve the right, at our sole discretion, to modify or replace this Privacy Policy at any time to reflect changes in the Application’s features or legal requirements. We will make reasonable efforts to notify users of material changes via in-app notification or email prior to the change becoming effective. Changes are effective immediately upon being posted on this page.
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact: remotecam.app@gmail.com