Privacy Policy

This Privacy Policy explains how Hestiaa collects, safeguards, stores, processes, and protects your personal information when using our applications, connected devices, parental control systems, AI-powered monitoring technologies, cloud services, and smart family safety features.

Last updated: January 1, 2026 Privacy

1. Information We Collect

Account Information

Device & Camera Information

Usage & Diagnostic Information

2. How We Use Your Information

3. Video, Audio & Face Data

3.1 Video & Audio Processing

Video and audio streams from connected cameras are processed to enable live streaming, motion detection, smart notifications, event recording, playback functionality, and monitoring services.

Depending on user settings, recordings may be stored locally or securely within cloud infrastructure.

3.2 Face Data Collection and Usage

“Hestiaa collects and stores facial embeddings generated from user face data for identity verification, visitor recognition, and live-stream face matching functionality.”

“Facial embeddings are mathematical representations of facial features used solely for recognition and verification within the application.”

What Face Data We Collect

“If facial recognition features are enabled, Hestiaa may collect:

  • Facial embeddings generated from face images
  • Registered visitor face profiles
  • AI-generated face matching metadata
  • Recognition data associated with monitoring events

How Face Data Is Used

“Face-related data is used exclusively for:

  • Identifying and verifying individuals during live streaming
  • Recognizing previously registered visitors or persons
  • Supporting face recognition and monitoring features
  • Matching detected faces against registered user profiles
  • Providing visitor identification functionality”

“Hestiaa does not use face data for advertising, marketing, analytics profiling, unrelated biometric processing, or commercial resale purposes.”

3.3 Face Data Storage and Sharing

“Facial embedding data is securely stored within the Hestiaa database and associated with the respective user account.”

“Users may add, edit, or delete stored face profiles and related face data at any time through the application.”

“Hestiaa does not sell, rent, share, or disclose facial embeddings or face-related information to third parties for commercial purposes.”

3.4 Face Data Retention

“We do not store users’ face images on our servers. Instead, we store only facial embeddings (mathematical representations generated from face data) that are required to provide face recognition functionality.”

“Facial embeddings are stored on our servers until the user chooses to delete the stored face data using the in-app face delete option or deletes their account. There is no fixed retention period, as users can delete their stored facial data at any time through the app. Once deleted, the associated facial embeddings and related recognition data are permanently removed from our systems.”

“We retain these facial embeddings to provide continuous face recognition and visitor identification features without requiring users to repeatedly re-register faces. This enables the app to identify registered individuals during live streaming, generate related notifications, and record recognition events for an improved user experience.”

3.5 Face Data Security

“We implement reasonable administrative, technical, and organizational safeguards to protect face-related information from unauthorized access, misuse, disclosure, or alteration.”

4. Sharing Of Information

We do not sell personal information.

Limited information may be shared only with trusted providers operating on behalf of Hestiaa, including cloud infrastructure, payment processing, analytics, and customer support systems.

5. Data Security

Hestiaa uses industry-standard safeguards including:

6. Data Retention

Inactive Account Deletion

Inactive User accounts are monitored for inactivity, and if a user does not log in for 352 days, the system automatically sends an email informing them that their account will be deleted in 14 days. If the user logs in during this notice period, the inactivity timer is reset and the deletion process is cancelled. However, if the account remains inactive for a total of 366 days, the system automatically terminates the account and removes all associated user data, including profile information, devices, sessions, payment records, face recognition data and all other information related to the user.

7. Your Choices & Rights

Privacy requests: privacy@hestiaa.com

8. Parental Controls

Hestiaa provides parental control and family safety features including:

9. Children’s Privacy

Hestiaa is not intended for children without parental consent where required by applicable law.

10. Definitions

Service means the Hestiaa website, applications, connected devices, AI systems, cloud infrastructure, and related technologies.

Personal Data means information relating to an identifiable individual.

Usage Data means information collected automatically through the Service.

Cookies are small files stored on user devices.

Data Controller means the entity determining how and why Personal Data is processed.

Data Processor means third-party providers processing information on behalf of Hestiaa.

11. Cookies & Tracking Technologies

Hestiaa uses cookies, scripts, analytics technologies, and tracking systems to improve functionality, security, and platform reliability.

12. Transfer Of Data

Your information may be transferred to and maintained on systems located outside your country where privacy laws may differ.

By using Hestiaa, you consent to such transfers in accordance with this Privacy Policy.

13. Disclosure Of Data

Hestiaa may disclose information:

14. GDPR Data Protection Rights

Users located within the European Union (EU) or European Economic Area (EEA) may have rights including:

15. California Privacy Rights (CCPA & CalOPPA)

California residents may have rights under the California Consumer Privacy Act (CCPA) and California Online Privacy Protection Act (CalOPPA).

Hestiaa does not sell personal information.

16. Service Providers

Hestiaa may employ third-party providers including:

17. Analytics

Hestiaa may use analytics providers including:

18. Advertising & Remarketing

Hestiaa may use advertising and remarketing services including:

19. Payments

Hestiaa may provide paid subscriptions and cloud services.

Payment processing may be handled by:

Hestiaa does not directly store payment card details.

20. Links To Other Sites

Hestiaa services may contain links to third-party websites or services.

We strongly encourage users to review the privacy policies of all external services visited.

21. Changes To This Privacy Policy

Hestiaa may update this Privacy Policy periodically.

Updated versions will be posted within the applications or on the official website.

22. Contact Us

Questions regarding this Privacy Policy may be directed to:

Hestiaa Privacy Team
privacy@hestiaa.com