1. Information We Collect
Account Information
- Name
- Email address
- Phone number
- Login credentials
- Billing and subscription information
Device & Camera Information
- Device identifiers
- Operating system and app version
- Camera settings and preferences
- IP address and connectivity information
- Notification settings
Usage & Diagnostic Information
- Feature usage statistics
- Crash reports and diagnostics
- Streaming performance data
- Motion detection activity
- Application logs
2. How We Use Your Information
- Provide and maintain Hestiaa services
- Enable live streaming and playback
- Deliver motion alerts and notifications
- Support visitor recognition functionality
- Improve app security and reliability
- Process subscriptions and payments
- Respond to support requests
- Comply with legal obligations
3. Video, Audio & Face Data
3.1 Video & Audio Processing
Video and audio streams from connected cameras are processed to enable live streaming, motion detection, smart notifications, event recording, playback functionality, and monitoring services.
Depending on user settings, recordings may be stored locally or securely within cloud infrastructure.
3.2 Face Data Collection and Usage
“Hestiaa collects and stores facial embeddings generated from user face data for identity verification, visitor recognition, and live-stream face matching functionality.”
“Facial embeddings are mathematical representations of facial features used solely for recognition and verification within the application.”
What Face Data We Collect
“If facial recognition features are enabled, Hestiaa may collect:
- Facial embeddings generated from face images
- Registered visitor face profiles
- AI-generated face matching metadata
- Recognition data associated with monitoring events
How Face Data Is Used
“Face-related data is used exclusively for:
- Identifying and verifying individuals during live streaming
- Recognizing previously registered visitors or persons
- Supporting face recognition and monitoring features
- Matching detected faces against registered user profiles
- Providing visitor identification functionality”
“Hestiaa does not use face data for advertising, marketing, analytics profiling, unrelated biometric processing, or commercial resale purposes.”
3.3 Face Data Storage and Sharing
“Facial embedding data is securely stored within the Hestiaa database and associated with the respective user account.”
“Users may add, edit, or delete stored face profiles and related face data at any time through the application.”
“Hestiaa does not sell, rent, share, or disclose facial embeddings or face-related information to third parties for commercial purposes.”
3.4 Face Data Retention
“We do not store users’ face images on our servers. Instead, we store only facial embeddings (mathematical representations generated from face data) that are required to provide face recognition functionality.”
“Facial embeddings are stored on our servers until the user chooses to delete the stored face data using the in-app face delete option or deletes their account. There is no fixed retention period, as users can delete their stored facial data at any time through the app. Once deleted, the associated facial embeddings and related recognition data are permanently removed from our systems.”
“We retain these facial embeddings to provide continuous face recognition and visitor identification features without requiring users to repeatedly re-register faces. This enables the app to identify registered individuals during live streaming, generate related notifications, and record recognition events for an improved user experience.”
3.5 Face Data Security
“We implement reasonable administrative, technical, and organizational safeguards to protect face-related information from unauthorized access, misuse, disclosure, or alteration.”
- Encrypted storage
- Secure authentication systems
- Access controls
- Infrastructure monitoring
- Database protection mechanisms
4. Sharing Of Information
We do not sell personal information.
Limited information may be shared only with trusted providers operating on behalf of Hestiaa, including cloud infrastructure, payment processing, analytics, and customer support systems.
5. Data Security
Hestiaa uses industry-standard safeguards including:
- Encryption in transit and at rest
- Secure authentication systems
- Access controls
- Infrastructure monitoring
6. Data Retention
- Account information is retained while accounts remain active.
- Device information is deleted after device removal.
- Usage logs are retained temporarily for diagnostics and security.
- Event recordings are retained based on subscription settings.
- Face data is retained only while required for recognition functionality.
Inactive Account Deletion
Inactive User accounts are monitored for inactivity, and if a user does not log in for 352 days, the system automatically sends an email informing them that their account will be deleted in 14 days. If the user logs in during this notice period, the inactivity timer is reset and the deletion process is cancelled. However, if the account remains inactive for a total of 366 days, the system automatically terminates the account and removes all associated user data, including profile information, devices, sessions, payment records, face recognition data and all other information related to the user.
7. Your Choices & Rights
- Access and update account information
- Modify camera and notification settings
- Enable or disable facial recognition features
- Add, edit, or delete face profiles
- Delete recordings and stored information
- Request account deletion
Privacy requests: privacy@hestiaa.com
8. Parental Controls
Hestiaa provides parental control and family safety features including:
- Restricted camera visibility
- Child-safe profiles
- Activity monitoring
- Time-based restrictions
- Family access management
9. Children’s Privacy
Hestiaa is not intended for children without parental consent where required by applicable law.
10. Definitions
Service means the Hestiaa website, applications, connected devices, AI systems, cloud infrastructure, and related technologies.
Personal Data means information relating to an identifiable individual.
Usage Data means information collected automatically through the Service.
Cookies are small files stored on user devices.
Data Controller means the entity determining how and why Personal Data is processed.
Data Processor means third-party providers processing information on behalf of Hestiaa.
11. Cookies & Tracking Technologies
Hestiaa uses cookies, scripts, analytics technologies, and tracking systems to improve functionality, security, and platform reliability.
- Session Cookies
- Preference Cookies
- Security Cookies
- Analytics Cookies
- Authentication Cookies
12. Transfer Of Data
Your information may be transferred to and maintained on systems located outside your country where privacy laws may differ.
By using Hestiaa, you consent to such transfers in accordance with this Privacy Policy.
13. Disclosure Of Data
Hestiaa may disclose information:
- To comply with legal obligations
- To protect platform security
- To prevent fraud and abuse
- During mergers or acquisitions
- To trusted providers operating on behalf of Hestiaa
14. GDPR Data Protection Rights
Users located within the European Union (EU) or European Economic Area (EEA) may have rights including:
- Right to access data
- Right to correction
- Right to deletion
- Right to restrict processing
- Right to data portability
- Right to withdraw consent
15. California Privacy Rights (CCPA & CalOPPA)
California residents may have rights under the California Consumer Privacy Act (CCPA) and California Online Privacy Protection Act (CalOPPA).
Hestiaa does not sell personal information.
16. Service Providers
Hestiaa may employ third-party providers including:
- Cloud hosting providers
- Analytics providers
- Payment processors
- Infrastructure monitoring providers
- Push notification services
17. Analytics
Hestiaa may use analytics providers including:
- Google Analytics
- Firebase Analytics
- Performance monitoring systems
18. Advertising & Remarketing
Hestiaa may use advertising and remarketing services including:
- Google Ads
- Facebook Advertising
- Bing Ads
- Pinterest Advertising
- Twitter Advertising
19. Payments
Hestiaa may provide paid subscriptions and cloud services.
Payment processing may be handled by:
- Stripe
- PayPal
- Apple In-App Payments
- Google Play Payments
Hestiaa does not directly store payment card details.
20. Links To Other Sites
Hestiaa services may contain links to third-party websites or services.
We strongly encourage users to review the privacy policies of all external services visited.
21. Changes To This Privacy Policy
Hestiaa may update this Privacy Policy periodically.
Updated versions will be posted within the applications or on the official website.
22. Contact Us
Questions regarding this Privacy Policy may be directed to:
Hestiaa Privacy Team
privacy@hestiaa.com