Privacy Policy
Last updated: July 2026
Volve Vision (volvevision.com and the Volve Vision mobile apps) lets you watch public live cameras, save favorites, comment and submit your own cameras. This policy explains what data we process, why, and the choices you have. It applies to the website and the iOS/Android apps together; differences are called out explicitly.
Data you give us
Account: email address, password (stored as a salted hash), an auto-generated nickname, and optionally a display name, avatar and country. Google sign-in shares your Google account email and basic profile with us instead of a password.
Content: comments you post, cameras you submit (name, stream address, optional location and description) and support messages. Public content is visible to other visitors together with your nickname and avatar.
Data collected automatically
Technical logs: IP address, user-agent and request metadata, kept for security, abuse prevention and rate limiting.
Session data: authentication cookies (short-lived access token and a refresh token) and a list of your active sessions (device label, IP, last activity) that you can review and revoke in your profile.
Preferences: interface language and theme. In the mobile apps these are stored on your device.
Approximate usage statistics such as camera view counts, which are aggregated and not tied to a public profile.
Cookies and similar technologies
The website uses cookies for sign-in (httpOnly tokens), language preference and analytics/advertising described below. The mobile apps use the same authentication tokens via the system cookie store and do not contain advertising or third-party analytics SDKs.
Analytics and advertising (website)
On the website we use Google Analytics 4 and Google Tag Manager (usage analytics), Microsoft Clarity (aggregated interaction analysis), Meta Pixel (advertising measurement) and Google AdSense (advertising). These providers may set their own cookies and process pseudonymous identifiers under their own policies.
The mobile apps do not include AdSense, Google Analytics, Clarity or Meta Pixel.
Service providers
We rely on a small set of processors to run the product: Cloudflare (network security, bot protection via Turnstile), MapTiler (map tiles), YouTube (embedded players for YouTube-hosted cameras), Stripe (payments on the website only — the mobile apps contain no purchases), Google (sign-in), and an email delivery provider for verification codes and notifications. Each receives only the data needed for its function.
Purposes and legal bases
We process data to provide the service (contract), keep it secure and prevent abuse (legitimate interest), send verification and service emails (contract), improve the product with aggregated analytics (legitimate interest / consent where required) and show advertising on the website (consent where required).
We do not sell personal data.
Retention
Account data is kept while the account exists. Security logs and rate-limit records are kept for a short rolling window. Backups rotate on a fixed schedule. When the account is deleted, associated personal data is removed or anonymized within a reasonable period, except where law requires longer retention.
Your rights
You can access and update profile data in your account settings, review and revoke sessions, and export your data from the profile section. You may request access, correction, deletion or a copy of your data at any time via support. If you are in the EEA/UK, you also have the right to object, restrict processing and lodge a complaint with a supervisory authority.
Account deletion: contact [email protected] from your account email and we will delete the account and associated personal data. An in-app self-service deletion flow is being rolled out.
Children
The service is not directed at children under 16 and we do not knowingly collect their personal data. If you believe a child provided us data, contact support and we will delete it.
International transfers and changes
Our infrastructure and providers may process data outside your country; where GDPR applies, transfers rely on standard contractual clauses or equivalent safeguards of the respective provider.
We will update this page when the policy changes and adjust the date above. Material changes are announced on the website.
Contact
Privacy questions, data requests and deletion: [email protected]. Please write from the email associated with your account and describe your request; we respond within five business days.