Privacy Policy

Last updated: April 21, 2026

OMNIVIEW ("we", "us", "our") operates the website omniview.live and provides video synchronization services. This policy explains what data we collect, why, and how we protect it.

    In short: We collect only what we need to run the service. We don't sell your data. We don't use tracking or analytics. Your data is stored on servers in Germany (EU).

1. Data we collect

Account information

When you create an account, we collect:

Name — to identify you in the dashboard
Email address — for login, verification, and notifications
Password — stored securely using bcrypt hashing (we never store or see your actual password)
Organization (optional) — displayed in your dashboard

Video uploads

When you or your event attendees upload videos, we collect:

Video file — stored on our servers for synchronization and playback
GPS location (optional) — used to show camera positions on the event map. Only collected with explicit browser permission.
Compass heading (optional) — used to determine camera direction
Device timestamp — used for synchronization

Event Attendees (Non-account holders)

If you upload a video via an event's upload link (e.g. after scanning a QR code at a live event), we collect:

Video file — stored on our servers for synchronization and playback as part of the event
GPS location (optional) — only collected with your explicit browser permission, used to show camera positions on the event map
Compass heading (optional) — used to determine camera direction
Device timestamp — used for synchronization
Location description (optional) — free-text field you may fill in (e.g. "Main stage, left side")

We do not require you to create an account to upload. We do not collect your name, email address, or any device identifiers. Uploaded videos are associated with the event, not with you personally.

Visual data

Videos uploaded to the Service — whether by account holders or event attendees — may contain images of people, including recognizable faces and other visual features. OMNIVIEW processes these videos solely for synchronization and playback purposes. We do not perform facial recognition, biometric analysis, or any form of individual identification on video content.

The event organizer who created the event is the data controller for the video content and is responsible for informing attendees that filming is taking place and that videos may be collected and published via the OMNIVIEW viewer.

Payment information

Payments are processed by Stripe. We never see or store your full credit card number, bank account details, or iDEAL credentials. Stripe handles all payment data under their own privacy policy.

Cookies

We use a single session cookie (omniview_session) to keep you logged in. This cookie:

Is HTTP-only (not accessible to JavaScript)
Expires after 72 hours
Contains only your session token — no tracking data

We do not use analytics cookies, advertising cookies, or third-party tracking.

2. How we use your data

Provide the service — synchronize videos, display the viewer, manage your events
Authentication — verify your identity and protect your account
Notifications — send verification emails, password resets, and sync status updates
Payments — process upgrades via Stripe

We do not use your data for advertising, profiling, or selling to third parties.

3. Third-party services

We share data with the following services, only as needed to operate:

Stripe (payments) — receives your email and plan selection during checkout. Stripe Privacy Policy
Resend (email delivery) — receives your email address and name to deliver notifications. Resend Privacy Policy
Google Fonts (typography) — fonts are loaded from Google servers. Google Privacy Policy

4. Where your data is stored

All data is stored on servers hosted by Hetzner in Germany (EU). This means your data is protected under the General Data Protection Regulation (GDPR) and European data protection laws.

5. How long we keep your data

Account data — kept as long as your account exists. Delete your account by contacting us.
Videos — kept for the duration specified by the event organizer's plan (30 days for Free, 12 months for Pro, 24 months for Business). After expiration, videos and all associated metadata (GPS, timestamps, sync data) are permanently and automatically deleted. This applies to videos uploaded by account holders and event attendees alike.
Payment records — retained as required by tax law (typically 7 years).

6. Your rights (GDPR)

As an EU resident, you have the right to:

Access — request a copy of your personal data
Rectification — correct inaccurate data
Erasure — request deletion of your data ("right to be forgotten")
Portability — receive your data in a machine-readable format
Object — object to data processing

To exercise any of these rights, email us at privacy@omniview.live.

7. Security

We protect your data with:

HTTPS/TLS encryption for all connections
bcrypt password hashing
HTTP-only session cookies
Server-side input validation

8. Changes to this policy

We may update this policy from time to time. Significant changes will be communicated via email or a notice on the website. The "last updated" date at the top reflects the most recent version.

9. Contact

Questions about this privacy policy? Contact us at privacy@omniview.live.