Privacy Policy

Last updated: May 1, 2026

uHaveControl ("we", "us", "our") provides remote device monitoring and control services through a web platform and mobile app (the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the Service you agree to this policy.

1. Information We Collect

• Account information: username, email, optional phone number, hashed password.
• Device information: identifiers, names, configurations, and telemetry from devices you connect to the Service.
• Usage information: commands you issue, audit logs (timestamp, action, IP address, user agent), and authentication events.
• Mobile-specific: push notification tokens (if you enable notifications), app version, OS, device model.
• Diagnostic data: crash reports and performance traces (e.g., via Sentry), with personal identifiers stripped where feasible.

We do not collect contacts, photos, location, or microphone data. We do not use advertising identifiers.

2. How We Use Information

• To operate the Service: authenticate you, route commands to your devices, and display device state.
• To send transactional notifications (e.g., device offline alerts) — only categories you have enabled.
• To maintain audit logs for security, accountability, and compliance.
• To diagnose crashes and improve reliability.
• To respond to support requests.

We do not sell personal information. We do not use your data for advertising.

3. Sharing

We share data only with:

• Cloud infrastructure providers (e.g., AWS) that host the Service.
• Push notification providers (Apple APNs, Google FCM, Expo) strictly to deliver notifications you have opted into.
• Diagnostic providers (e.g., Sentry) for crash reporting.
• Law enforcement when required by valid legal process.

4. Data Retention

We retain account and device data while your account is active. Audit logs are retained for up to 24 months for security and compliance, and may be retained longer if legally required. Crash reports are retained for 90 days.

5. Your Rights and Choices

• Access and correction: view and update your profile in Settings.
• Notifications: toggle categories in Settings → Notifications.
• Account deletion: delete your account from Settings → Delete Account in the mobile app, or visit our account deletion page. For your protection, deletion is processed via a 30-day grace period: your account is deactivated immediately (login disabled, push notifications stopped) and personal data is permanently removed 30 days later. During this window you may log in to cancel the deletion. After the grace period, the account and personal data are erased; audit log entries are anonymized rather than removed where retention is legally required.
• EEA/UK/California residents: you may have additional rights under GDPR/CCPA including data portability and the right to object. Contact us using the details below to exercise these rights.

6. Security

We use industry-standard safeguards including TLS in transit, hashed passwords, short-lived bearer tokens for the mobile app, role-based access control on devices, and secure key storage on device. No system is perfectly secure; promptly report suspected vulnerabilities to the address below.

7. Children

The Service is not directed to children under 13 and we do not knowingly collect data from them.

8. Changes

We will update this page when material changes occur. The "Last updated" date above reflects the latest revision.

9. Contact

Questions or requests: support@uhavecontrol.com.