Privacy Policy

This policy describes how SpyDocs (“we”, “us”), operated by OneBase Technologies (OPC) PVT. LTD., handles information when you use our website, edge devices, and cloud dashboard. Because SpyDocs processes video-related security data, we aim to be explicit about what leaves your premises and who can access it.

Last updated: 18 March 2026. If you have questions, contact contact@spydocs.com.

Information we collect

Account and contact data

When you request a demo, sign in, or correspond with us, we may collect your name, email address, phone number, organisation name (society, shop, company), and messages you send through our contact forms.

CCTV and security event data

When SpyDocs is deployed at your site, our edge device analyses RTSP streams from cameras you configure. Meaningful event frames — such as detections of people, vehicles, or licence plates — may be uploaded to our cloud infrastructure (hosted on AWS) for indexing, search, ANPR OCR, alerts, and playback in the Watch dashboard. We do not continuously upload full 24/7 raw video from every channel unless explicitly agreed for your deployment.

Technical and usage data

We collect device health signals, software versions, error logs, and dashboard usage metrics to keep the service reliable. Our marketing website may use standard server logs (IP address, browser type, pages visited).

How we use information

• Provide AI detection, search, ANPR, alerts, and multi-camera review
• Operate, secure, and improve the SpyDocs platform
• Respond to support requests and deployment issues
• Send service-related notices (not unrelated marketing without consent)
• Meet legal obligations where applicable

Storage, retention, and location

Event frames and derived metadata are stored in cloud regions used for your deployment, typically AWS. Retention periods depend on your plan and site configuration — for example, how many days of indexed events you keep for search and ANPR logs. Raw NVR recording on your premises remains under your control unless you configure otherwise.

When your contract ends or you request deletion, we delete or anonymise customer cloud data within a reasonable period, subject to backups and legal hold requirements.

Who can access data

Access inside your organisation is controlled by account roles you assign (for example, security supervisor vs committee viewer). OneBase staff may access data only when needed for support, with your authorisation, or to resolve a security incident affecting the platform. We do not sell CCTV footage or plate logs to third-party advertisers.

Sharing with service providers

We use infrastructure and communication providers — such as AWS for storage and compute, and notification channels you enable (for example Telegram) — to deliver the service. These providers process data on our instructions and under appropriate agreements.

Security

We use encryption in transit, access controls, and monitoring appropriate for a security product. No system is perfectly secure; you are responsible for securing camera credentials, local network access, and devices on your LAN.

Your rights and choices

Depending on applicable law — including evolving requirements in India — you may request access, correction, or deletion of personal data we hold about you as an account holder. Society and business customers should also define internal policies for visitor plate data and who may search logs. Contact contact@spydocs.com to submit a request.

Children

SpyDocs is a B2B and property-security product not directed at children. Footage may incidentally include minors in public areas covered by your cameras; that processing is controlled by the customer operating the CCTV system.

Changes to this policy

We may update this page when our practices change. Material updates will be reflected in the “last updated” date above. Continued use of the service after changes constitutes acceptance where permitted by law.