Privacy Policy

Last Updated: February 2026

1. Introduction

ScreenStop ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software and services.

2. Information We Collect

2.1 Camera and Detection Data

ScreenStop uses your device's camera to detect security threats. We process camera frames locally on your device. Camera frames are not stored or transmitted to our servers. Only detection events (e.g., phone detected, unauthorized person) are logged and may be transmitted to your organization's dashboard for security monitoring.

2.2 Event Logs

We collect security event logs including:

  • Detection events (phone detected, camera covered, unauthorized access)
  • System events (lock triggered, unlock, application start/stop)
  • Timestamp and device identifier for each event
  • Detection confidence scores and metadata

2.3 Device Information

We collect:

  • Device ID and hostname
  • Operating system version
  • Application version and configuration
  • System performance metrics

2.4 User Information

For enterprise deployments, we may collect:

  • User email and authentication credentials
  • Department and role information
  • Face recognition enrollment data (stored locally and encrypted)

3. How We Use Your Information

We use collected information to:

  • Provide security monitoring and threat detection services
  • Generate security reports and analytics for your organization
  • Improve our detection algorithms and service quality
  • Troubleshoot technical issues and provide customer support
  • Comply with legal obligations and protect our rights

4. Data Storage and Security

4.1 Local Storage

Camera frames and face recognition data are processed and stored locally on your device. This data is encrypted and never transmitted to external servers.

4.2 Cloud Storage

Event logs and system metrics are transmitted to secure cloud servers for enterprise dashboard access. We use industry-standard encryption (TLS 1.3) for data in transit and AES-256 encryption for data at rest.

4.3 Data Retention

Event logs are retained for 90 days by default. Your organization's administrator can configure retention periods based on compliance requirements.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Your Organization: Event logs and security reports are accessible to authorized administrators
  • Service Providers: Cloud infrastructure providers (Google Cloud Platform) under strict data processing agreements
  • Legal Requirements: When required by law or to protect our legal rights

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability
  • Withdraw consent

For enterprise deployments, please contact your organization's administrator to exercise these rights.

7. GDPR Compliance

For users in the European Economic Area (EEA), we process personal data in accordance with GDPR. Our legal basis for processing includes:

  • Contract performance (providing security services)
  • Legitimate interests (security monitoring and fraud prevention)
  • Legal obligations (compliance requirements)
  • Consent (where applicable)

8. Children's Privacy

Our Service is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

support@screenstop.co