Privacy policy
Effective date: June 12, 2026
CorvoCam is a remote-camera app: one device acts as a camera (time-lapse and motion capture), and your other devices act as viewers. This policy describes what data the app handles, where it goes, and your choices.
Data we collect and why
Email address and password — your viewer account (sign-in, pairing cameras to you). Stored with Supabase, our backend provider; passwords are hashed.
Photos captured by your camera device — the time-lapse and motion frames you asked the camera to capture, synced so your viewers can see them remotely. Stored on your camera device and in Supabase cloud storage, private to your account.
Live video and audio — live view, optional live audio (off by default, explicit consent required in-app) and push-to-talk. Streamed directly between your devices with WebRTC encryption; when a direct connection is impossible, an encrypted relay (metered.ca TURN) forwards the stream. Live streams are not recorded or stored by us.
Device health (battery level, free storage, last-seen time) — shown on your viewer’s camera list and powering low-battery and low-storage alerts. Stored in Supabase, private to your account.
Push notification tokens — for delivering camera alerts (battery, storage, motion) to your viewer devices. Stored in Supabase; delivery via the Expo push service and Google Firebase Cloud Messaging.
Capture settings and alert history — remote control of your camera and the alert log in the app. Stored in Supabase, private to your account.
What we do NOT do
No ads, no analytics sold to anyone, no sale or sharing of your data for marketing.
No location collection. Captured photos are not tagged with location.
Live streams are never recorded by our servers; relays forward encrypted packets only.
The microphone is used only for the optional live-audio and push-to-talk features, and only while you use them.
Background camera use
CorvoCam’s purpose is unattended capture: when you start a time-lapse or motion job on a camera device, that device keeps capturing while the screen is dimmed, using an Android foreground service with a persistent notification. Capture only happens on a device you set up as a camera, only after you start a job, and is always indicated by the service notification.
Service providers
We use Supabase (authentication, database, file storage, realtime messaging), Expo and Google Firebase Cloud Messaging (push notification delivery), and metered.ca (encrypted live-stream relay). These providers process data on our behalf and are not permitted to use it for their own purposes. Error diagnostics (Sentry) may be enabled to help fix crashes; diagnostics never include your photos or streams.
Data retention and deletion
Captured frames follow the retention settings you choose in the app and are deleted from the camera device per those settings. Cloud-synced frames remain until you delete them or delete your account.
Account deletion
In the app, open Account and tap “Delete account” (tap twice to confirm). This immediately and permanently deletes your account and all associated cloud data: frames, cameras, settings, alert history and push tokens.
Alternatively, email support@nestcalc.ai from your account email with the subject “Delete my account”. Deletion completes within 30 days.
Children
CorvoCam is not directed at children and does not knowingly collect data from children.
Changes
We will update this page when the policy changes and note the new effective date above.
Contact
support@nestcalc.ai