Privacy Policy

Last updated: June 3, 2026

1. Information We Collect

We collect the following types of information when you use CriticalVue:

  • Account information: Username, email address, organization name, and hashed password
  • Usage data: Login times, actions performed, pages visited, and feature usage
  • Camera and device metadata: Camera names, IP addresses, connection status, platform type, and configuration details
  • Technical data: IP address, browser type, user agent, and device information
  • Cookies: Session cookies and optional remember-me cookies

CriticalVue does not stream or store continuous video. We capture periodic thumbnail snapshots from each camera so you can verify it is functioning; these snapshots are stored with our object-storage provider (see Section 5). Snapshot retention depends on your plan tier and any retention add-on, ranging from no archival on free trials up to a maximum of 12 months for historical comparison (see Section 4).

2. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Authenticate users and manage access control
  • Monitor camera connectivity and generate status reports
  • Maintain audit trails for security and compliance
  • Send transactional emails (account verification, password resets, invitations)
  • Detect and prevent unauthorized access or abuse
  • Improve the Service and develop new features

3. Data Storage and Security

We take the security of your data seriously and implement the following measures:

  • Passwords are stored using strong, industry-standard one-way hashing and are never stored in plain text
  • Device credentials are protected with strong, industry-standard encryption at rest
  • The application is designed to protect against common web vulnerabilities, including injection and cross-site request forgery
  • Rate limiting is applied to authentication-related endpoints to deter abuse
  • All connections are encrypted in transit using current TLS standards

4. Data Retention

Data retention periods vary by plan tier:

  • Free Trial: Camera downtime and audit logs retained for 7 days
  • Professional: Logs retained for 30 days
  • Enterprise: Logs retained for 365 days

Account data is retained for the duration of your active subscription. If a free trial expires and is not upgraded, account data may be permanently deleted after a grace period of 30 days following expiration.

5. Third-Party Service Providers (Sub-processors)

We use the following third-party providers to deliver the Service. Each only receives the minimum data needed for its function and is bound by its own published privacy policy.

  • DigitalOcean — Cloud infrastructure hosting. Provides the secure cloud infrastructure on which the Service operates and where your account and related data are stored. Data is hosted in the United States.
  • Stripe — Payment processing and subscription billing. Receives your name, email address, billing details, and the payment method tokens needed to charge your subscription. Card numbers are entered directly into Stripe-hosted UI and never touch our servers.
  • SendGrid — Transactional email delivery (account verification, password resets, welcome emails, invitations, cancellation confirmations, alert and daily-report emails). Receives recipient email addresses and the content of the email being sent.
  • Wasabi — Object storage for camera thumbnail snapshots and encrypted database backups. Receives the snapshot images, the storage path, and the backup files.
  • Google (Gemini API) — AI-generated daily report summaries. Receives aggregated camera-health data for the past 24 hours (camera names, online/offline counts, event log summaries) used to produce the human-readable summary; it does not receive image content, user passwords, or billing data.

We do not sell, rent, or share your personal information for marketing or advertising purposes, and we do not engage in "cross-context behavioral advertising" as defined by California law.

6. Cookies

CriticalVue uses the following cookies:

  • Session cookie: Essential for authentication and session management. Expires when you close your browser.
  • Remember-me cookie: Optional. If you select "Remember me" at login, a secure cookie is set for 30 days to keep you signed in.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

7. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your account and associated data

To exercise any of these rights, please contact us at the email address listed below. We will respond to your request within 30 days.

8. Data Sharing

We do not sell your personal information. We may disclose your information only in the following circumstances:

  • When required by law, court order, or governmental authority
  • To protect the rights, safety, or property of CriticalVue or its users
  • In connection with a merger, acquisition, or sale of assets (with prior notice)

9. Age Restriction

CriticalVue is a business tool intended solely for use by individuals who are at least 18 years of age. The Service is not directed to minors, and we do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from an individual under 18, we will take steps to delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be effective when posted to this page with an updated "Last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy. We encourage you to review this policy periodically.

11. Contact

If you have questions about this Privacy Policy or our data practices, please contact us at:

[email protected]