OSH Home

Privacy Policy

This policy explains what data OSH Home processes, how it is used, how long it is retained, and how you can exercise your rights.

Published contact details No sale of personal data App-based deletion flow

Effective Date

March 26, 2026

Last Updated

March 26, 2026

Data Controller

Oleksandr Shmatko

Privacy Contact

shmatko1095@gmail.com

Quick Summary

  • We process account, device, telemetry, and diagnostics data to provide core app functionality.
  • We do not sell personal data.
  • You can request account deletion from the app and confirm via email link.
  • Certain records may be retained when required by law, security, or fraud prevention.

1. Scope

This policy applies to the OSH Home mobile application, including account sign-in, connected-device onboarding, device management, telemetry views, and related support and security operations.

2. Data We Process

  • Account and identity data: first name, last name, email address, internal user identifier, authentication tokens, and session data.
  • Device onboarding and management data: device identifiers, QR or onboarding data, device assignment records, and device settings or labels you submit through the app.
  • Connected-device data: device status, configuration data, telemetry, and telemetry history made available through OSH devices and supporting backend services.
  • Permission-based data: camera access for QR scanning, Bluetooth access for BLE provisioning, and location access on Android where required for BLE discovery.
  • Diagnostics and security data: crash reports, technical logs, app version, operating system details, and device metadata needed to diagnose failures and protect the service.
  • Local device data: session tokens and selected app preferences stored on your device, including secure local storage where supported.

3. How We Collect Data

  • Directly from you when you create an account, sign in, connect a device, rename a device, or submit information in the app.
  • From your device and operating system when you grant permissions required for QR scanning, BLE provisioning, image selection, connectivity, and secure session handling.
  • From connected OSH devices and backend services when the app retrieves configuration, state, and telemetry related to devices linked to your account.
  • From service providers that support authentication, infrastructure, and diagnostics.

4. Why We Process Data

  • To provide account authentication and session management.
  • To connect, provision, configure, and manage OSH devices.
  • To provide QR onboarding, BLE connectivity, telemetry, and device history features.
  • To troubleshoot failures and improve app reliability, availability, and security.
  • To provide support and comply with legal obligations.

5. Permissions and Device Features

The app may request access to the following device capabilities:

  • Camera: to scan QR codes during device onboarding.
  • Bluetooth: to discover and provision compatible devices over BLE.
  • Location on Android: required by the Android platform for BLE discovery while the app is in use.

If you deny a permission, some app features may be unavailable or only partially available.

7. Data Sharing

We may share data with service providers that support app functionality, including:

  • Infrastructure and hosting providers.
  • Authentication and identity providers used to support sign-in and session handling.
  • Error monitoring providers, including Firebase Crashlytics, for app stability and incident diagnosis.

We may also disclose data where required by law, to protect rights and security, or in connection with a business reorganization where permitted by applicable law.

We do not sell personal data.

8. Third-Party Services

The app relies on third-party components and service providers to support authentication, diagnostics, and infrastructure. These providers may process technical metadata, diagnostics, and identifiers needed to support sign-in, service stability, and issue investigation.

9. International Transfers

Some providers may process data outside your country. We apply safeguards required by applicable law.

10. Retention

  • Account and profile data are generally kept while your account remains active and until you request deletion, unless a longer retention period is required by law or for security purposes.
  • Device telemetry and telemetry history linked to app features are generally retained for up to 12 months.
  • Email communications sent to us for support or privacy requests may be retained for as long as needed to respond, maintain an audit trail of the request, and protect our legal interests.
  • We do not maintain a separate unlimited internal archive of app diagnostics beyond what is reasonably needed for service stability and incident handling.

11. Security

  • HTTPS/TLS for data in transit.
  • Access controls and operational safeguards.
  • Secure local storage for session-related data where supported.

12. Your Rights

Depending on your jurisdiction, you may request access, correction, deletion, restriction, objection, and withdrawal of consent.

Contact: shmatko1095@gmail.com

13. Account and Data Deletion

To request account deletion and deletion of associated data, use the dedicated account deletion flow.

Open Account Deletion Page
Certain records may be retained if required by law or for security and fraud prevention.

14. Children

The app does not contain content intended to harm children. If personal data relating to a child has been provided in a way that violates applicable law, contact us to request review and deletion.

15. Changes to This Policy

We may update this policy from time to time. The current version is published at this URL.

16. Contact

Oleksandr Shmatko

Bilorus'ka St, 6, Kharkiv, Kharkivs'ka oblast, Ukraine, 61000

shmatko1095@gmail.com