Privacy Policy

Last updated: March 2, 2026

1. Introduction

bandobast.ai ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our intelligent visual surveillance platform ("Service"). By using the Service, you consent to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you sign in with Google, we receive your basic profile information as authorized by you.

2.2 Organization Data

We store information about your organization including organization name, team member details, role assignments, and configuration settings such as camera streams, feature preferences, and integration settings.

2.3 Video and Analytics Data

The Service processes video feeds from cameras you configure. We process this data to generate analytics including footfall counts, crowd density metrics, pattern detections, and other insights. Video frames may be temporarily stored for processing and are not retained beyond the period necessary to provide the Service unless configured otherwise by your organization.

2.4 Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, timestamps, and device information such as browser type and operating system.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Process video feeds and generate real-time analytics and alerts
  • Authenticate users and manage role-based access
  • Send notifications and alerts through configured channels (e.g., Telegram)
  • Generate reports and exportable analytics documents
  • Improve the accuracy and performance of our AI models
  • Provide technical support and respond to inquiries
  • Ensure the security and integrity of the Service

4. Data Storage and Security

Your data is stored on secure servers. We implement industry-standard security measures including encryption in transit, access controls, and regular security audits. Video processing is performed on your configured infrastructure (local or cloud-based Frigate NVR instances), and raw video data remains within your network unless explicitly configured for cloud storage.

5. Data Sharing

We do not sell your personal information. We may share data only in the following circumstances:

  • Within your organization: Data is shared among team members according to their assigned roles and permissions
  • Third-party integrations: When you enable integrations (e.g., Telegram), relevant data is shared with those services as configured by your organization
  • Legal requirements: When required by law, legal process, or government request
  • Service providers: With trusted service providers who assist in operating the Service, under strict confidentiality agreements

6. Face Recognition Data

If your organization enables the face recognition feature, facial embeddings are generated from video frames for identification purposes. These embeddings are stored within your organization's data and are not shared across organizations. You are responsible for ensuring compliance with applicable biometric data laws and obtaining necessary consents before enabling this feature.

7. Data Retention

We retain your account and organization data for as long as your account is active. Analytics data is retained according to your organization's configuration settings. Upon account deletion or termination, we will delete your personal data within 30 days, except where retention is required by law. Anonymized, aggregated data may be retained for service improvement purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict certain processing activities
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at the email address listed below.

9. Cookies and Tracking

The Service uses essential cookies for authentication and session management. We do not use third-party advertising cookies. Functional cookies may be used to remember your preferences such as theme settings and dashboard configurations.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at [email protected].

Privacy Policy | bandobast.ai