Privacy & Cookie Policy

Last updated: 25 June 2026

1. Introduction

AD Infratech (Pty) Ltd ("Company", "we", "us") respects your privacy and is committed to protecting your personal information in accordance with the Protection of Personal Information Act (POPIA) of South Africa and applicable international privacy laws.

This policy explains what information we collect, how we use it, and your rights regarding your data.

2. Information We Collect

Account Information

When you register, we collect your name, email address, and optionally your company name and phone number. This information is used to create your account, issue your license, and provide support.

Cloud Account & Remote Access

If you use the optional Ividiyo Cloud portal for remote access, we store your cloud account email, name, and a securely hashed password. If you enable two-factor authentication, we also store your 2FA configuration and securely hashed backup codes. To deliver mobile push notifications, we store the device push tokens you register. When your VMS connects through our relay servers, we process the connection metadata (timestamps, site identifiers, IP addresses) needed to broker the connection.

Remote video streams are end-to-end encrypted between your VMS and your device. Our relay servers pass through this encrypted traffic but cannot decrypt or view your footage.

Payment Information

Payment is processed by our authorized payment partner. We do not store credit card numbers or bank details. Our payment partner may share transaction confirmations, billing addresses, and subscription status with us.

Software Telemetry

The Ividiyo software collects anonymous usage telemetry during license validation, including:

  • Camera count and server count
  • Software version
  • Hardware information (CPU architecture, RAM, GPU type)
  • Feature usage (which features are enabled)
  • IP address (for license validation and abuse prevention)

We never collect, transmit, or have access to your video footage, camera feeds, recordings, or any surveillance data. All video data remains entirely on your own hardware.

Website Analytics

Our website may use standard analytics to understand traffic and improve the user experience. No personally identifiable information is shared with analytics providers.

3. How We Use Your Information

  • To create and manage your account and license
  • To process payments and manage subscriptions
  • To provide customer support
  • To validate license compliance
  • To detect and prevent license abuse (e.g., cloned installations)
  • To send important product updates and security notices
  • To improve the software based on anonymous usage patterns

We will never sell your personal information to third parties. We do not send marketing emails unless you explicitly opt in.

4. Data Storage and Security

Your account information is stored on secure servers. We use industry-standard encryption for data in transit (TLS) and at rest. Access to personal data is restricted to authorized personnel only.

License keys are signed using RSA cryptography and validated via secure phone-home calls to our license server.

5. Data Retention

We retain your account information for as long as your account is active. Telemetry logs are retained for 90 days. If you delete your account, we will remove your personal information within 30 days, except where retention is required by law.

6. Your Rights

Under POPIA and applicable privacy laws, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to the processing of your personal information
  • Request a copy of your data in a portable format

To exercise any of these rights, contact us at [email protected].

7. Third Parties

We share personal information only with the sub-processors below, solely as necessary to operate the Service:

  • Paddle — payment processing and subscription billing
  • Resend — transactional email (account verification, sign-in codes, receipts, support)
  • Cloudflare — DNS and content delivery / edge security
  • Vultr and Microsoft Azure — cloud server hosting for the account database and relay servers

We do not share your information with advertisers, data brokers, or any other third parties, and we never sell personal information.

International Transfers

Our cloud account data and relay servers are hosted in the European Union (Frankfurt) and South Africa. Where your personal information is transferred across borders, we rely on appropriate safeguards, and remote video remains end-to-end encrypted in transit.

8. Cookies

We use only strictly-necessary cookies — there are no advertising, analytics, or cross-site tracking cookies, so no cookie-consent banner is required to use the Cloud portal. The cookies we set are:

CookiePurposeLifetime
cloud_tokenKeeps you signed in to the Cloud portal (authentication session)7 days
portal_sessionMaintains your active remote-access session to a site7 days
portal_site_id, portal_userRemembers which site you are connected to and your roleSession
portal_themeRemembers your light/dark appearance preference1 year

If our marketing website ever introduces analytics or other non-essential cookies, we will ask for your consent first.

9. Children

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the software. The "Last updated" date at the top of this page indicates when the policy was last revised.

11. Contact

For privacy-related questions or requests, contact us at:

AD Infratech (Pty) Ltd
Information Officer (POPIA): [email protected]
South Africa