Version 3.0, released on the 11th of March 2023
LineCast aims at providing a reliable CCTV service at a low price point. We have elaborated a strict privacy policy which is, we believe, one of LineCast's strongest points due to its main principle of only involving the data which is critical for the service functionality. This page describes in detail how we deal with the captured data and the personal information and covers security-related aspects.
Here is a resume of our privacy policy:
A detailed description follows.
"App" in this document refers to the software the user installs on an Android device. This device is further referred to as a "Camera Device".
"Web Viewer" refers to a web page where the user can see the video content captured by the App, optionally listen to the audio captured by the App, control the device camera parameters and use a microphone connected to the device the web page is viewed on, in order to send audio back to the Camera Device loudspeaker.
"Captured media content" or simply "media content" in this document refers to the video content captured by the App on the Camera Device, optionally the audio content captured by the App on the Camera Device, and (3) optionally the audio content captured by the Web Viewer sent back to the Camera Device loudspeaker.
"Server" in this document refers to a computer the App and the Web Viewer communicate with through the Internet.
"Service" refers to either the App, the Server or the Web Viewer functionalities or their combination.
"Capture session" in this document refers to a period of time between the moment when the user initiates the process of capturing the media content in the App and one of the following: (1) the user terminates the capture in the App, (2) the capture duration reaches a limit according to the current subscription plan, (3) the Internet connection between the Camera Device and the Server is interrupted for 31 day.
Besides the captured media content, the App contains no features making use of any information that may be available on the Camera Device related to the user identity, birth date or age, gender, e-mail, phone number, contacts, localization, accounts, payment information, activity, files, other apps installed, or any other kind of information which may be classified as personal.
The App does not request permission and does not try to access this information in any way. None of this is needed for the service functionality, and none of this is used for any kind of marketing purposes. Namely, there is no advertisement served either in the App or the Web Viewer page.
LineCast uses Google Payments services to process in-app purchases in a fully anonymous and isolated way with respect to the user identity. This is the most common way for apps available on Google Play to process in-app purchases.
No personal information of any kind is obtained from Google Payments when processing a purchase. The App merely verifies the fact (state) of purchasing a particular subscription or pass on a given Camera Device regardless of the identity of the person initiated the purchase or any payment details. The user does not interact with the App directly during the payment process, e.g. when selecting a payment method or entering a bank card details. This interaction is handled by Google Payments services, and the App has no technical ability to intercept it.
Any information the user provides during the purchase process is then processed by Google Payments with its respective privacy policy given here.
Neither the App nor the Web Viewer contain analytics services or user behavior trackers.
No third-party cookies are used in the Web Viewer. The Web Viewer uses cookies only to handle the user authentication. This is necessary for the service functionality.
The App requires access to the device cameras and microphone to capture the media content.
This access is granted upon an explicit approval by the user. Without this explicit approval, the App cannot use the device cameras and microphone, and no video or audio can be captured. This is a security measure enforced by the Android operating system and cannot be bypassed in any way.
The camera video access is critical to the service and is mandatory for the App to work. The microphone access is optional and can be denied by the user, in which case only video is captured.
If the user enables the optional backward audio feature in the Web Viewer to send audio back to the Camera Device loudspeaker, the Web Viewer requests access to the microphone of the device it is visited from. The access is granted upon an explicit approval by the user. Without this explicit approval, the Web Viewer cannot use the microphone, and no audio data is captured on the viewer side. This is a security measure enforced by web browsers and cannot be bypassed in any way.
If the user enables "dashcam mode" feature during the capture session setup, the App records video and audio and stores it on the Camera Device. If this feature is disabled, no video and audio data is recorded at any moment.
The Server handles transmission of the captured media content from the Camera Device to the Web Viewer. If the user enables the backward audio feature in the Web Viewer, the audio signal from the Web Viewer is transmitted to the Camera Device loudspeaker.
If "dashcam mode" is enabled, the user can download the recorded content, effectively making its copy on the device they connect to the camera from. When the user initiates the download of a selected recording, the web browser running on the corresponding device downloads and writes the content to the filesystem of this device, which cannot be accessed by any component of the Service. The user is therefore fully responsible for what happens to the downloaded content.
In any event or configuration, the captured media content is stored in a copyable form during its transmission by the service, even temporally. In some contexts this is referred to as "ephemeral processing": during its transmission from the camera device to the user, the content exists only in volatile memory for a short period of time, and cannot be extracted, copied or distributed in a file form.
When the App is capturing video and/or audio, a foreground notification and a corresponding icon are visible in the system tray on the Camera Device when its display is on. These notification elements are persistent during the capture session and cannot be hidden while the camera or the microphone is used by the App. They disappear only when the capture session is terminated or interrupted, implying that neither camera nor microphone is used by the App. This is a security measure enforced by the Android operating system and cannot be bypassed in any way.
If the capture session is terminated by the user, or if its duration reaches a limit set by the current subscription plan, the capture session terminates irreversibly. A new capture session cannot be started automatically in any way without interacting with the user.
The capture session may be temporarily interrupted by the Android operating system due to memory, battery or thermal constraints. When this temporary interruption occurs, the App stops using the camera and microphone, and the notification elements disappear from the Camera Device screen. For the service robustness purposes, in case of such an interruption the App tries to resume the capture session it was running before the interruption. If it succeeds to do so, the capture process is resumed, and the notification elements appear again on the Camera Device without interaction with the user.
Every capture session is uniquely identified by a secret access link. This link provides access to the Web Viewer, which asks for the password the user has entered in the App during the capture session setup. The password is only stored on the camera device, unless the user shares it with someone by interacting with the App. The password is never sent to the Server or the Web Viewer.
The App and the Server perform numerous additional security verifications before giving access to the captured media content. For example, if someone tries to enter invalid password many times, the access to the captured media content is temporarily blocked. In addition to the password-based authentication, LineCast implements a two-factor authentication procedure: once the user enters a valid password in the Web Viewer, the Web Viewer asks for a one-time security code from a TOTP app paired with the App during the capture session setup. The two-factor authentication is optional, can only be enabled in the App during the capture session setup and cannot be disabled for a given capture session.
It is important, however, for the user to keep the credentials information protected from unwanted access. Without the two-factor authentication, anyone having the link and the password can access the captured media content. In the event if the credentials are compromised, the user needs to terminate the capture session on the Camera Device.
Once the capture session terminates regardless of the exact reason for termination, the access link and the associated password are invalidated, so that the Camera Device cannot be accessed using the same credentials afterwards.
All the data exchanges between the App, the Server and the Web Viewer are fully encrypted using SSL (Secure Socket Layer).
We reserve the right to update LineCast privacy policy. The updates may be related to new features, changes in the existing implementations or be based on the user feedback. We do not plan any changes regarding the main principle of using only minimal necessary data critical to the service functionality.
The privacy policy is versioned. The version and the release date are given on top of this page.
©2022 LineCast. All rights reserved.