Volteec Privacy Policy
Last updated: 2026-02-18
This Privacy Policy explains how Volteec (“Volteec”, “we”, “us”, “our”) processes information when you use:
- Volteec iOS App (“App”)
- Volteec Backend (“Backend”) – self-hosted software you operate
- Volteec Push Relay (“Relay”) – the hosted push relay service
- Volteec Website (“Website”) – pages, contact, and related site services
Contact: [email protected]
1) Who is responsible for the data
App: Volteec provides the software. Data stored on your device is under your control.
Backend (self-hosted): the operator of the backend server (you or your organization) is the data controller for backend data.
Relay (hosted): Volteec is the data controller for data processed and stored by the Relay service.
Website: Volteec is responsible for data processed through the Website. We may use service providers (for example, hosting and security providers) that process technical data on our behalf as processors.
2) Data we collect and process
App (on device):
- Server configuration you add (server name, server URL, and an authentication token for your Backend)
- UPS list and last known status/telemetry returned by your Backend (may include device metadata such as model/serial/vendor IDs, depending on what your Backend provides)
- App settings (for example: demo mode, refresh interval, display preferences)
- APNs device token (stored securely in iOS Keychain)
- Relay pairing info per server (Relay URL, tenant ID, installation ID, session token; stored securely in iOS Keychain)
- Relay “device ID” (a randomly generated UUID stored securely in iOS Keychain)
- UPS visibility preferences (which UPS devices are hidden from notifications), stored in shared app storage accessible by the notification service extension
- Server and UPS display aliases stored locally and in shared app storage (used for human-readable notification content)
- Local diagnostic logs stored in the app’s cache directory (timestamps, event types, server and UPS identifiers, and status values). These logs are not sent automatically; you may export them manually through the app’s diagnostics settings.
Backend (self-hosted):
- UPS telemetry and status stored by your Backend (battery/runtime/load, input/output voltage, online/on_battery/offline status, etc.)
- Extended UPS metadata from NUT/SNMP, depending on configuration (may include driver versions, diagnostics fields, and device/UPS identity fields such as model/serial/vendor/product IDs)
- Registered devices for notifications: your Backend stores device registrations that include UPS ID, optional UPS alias, push environment (sandbox/production), an encrypted APNs device token, and a token hash used for lookups/deduplication
- Authentication and access logs produced by your server configuration; on authentication failures, logs may include a SHA-256 hash of the client IP address, plus request path and method
- Relay integration data (if enabled): your Backend sends signed requests to the Relay service to create pairing codes and deliver push events (the Backend does not receive your device tokens back from Relay)
Relay (hosted):
- Tenant records (tenant ID, encrypted tenant secret, status, timestamps; optional server heartbeat metadata including server status (online/offline), last heartbeat timestamp, and server identifier)
- Installations (installation ID, platform, notifications enabled, last seen timestamp)
- Session tokens for app-to-relay authenticated operations (time-limited)
- APNs device tokens stored encrypted at rest, plus a SHA-256 token hash used for deduplication
- Pairing codes (short-lived)
- UPS visibility rules per installation (which UPS devices are hidden from push notifications for a given device)
- Event receipts (tenant ID + event ID) used to prevent duplicate processing (idempotency)
- Relay credential records (tenant ID + app-generated device ID + environment + timestamps)
- Security/abuse prevention: a hashed client IP (SHA-256 with a server-side salt) used for rate limiting and logged for monitoring
Website:
- Information you submit through the Website (for example, when you contact us): email address and the contents of your message
- Technical data needed to serve and protect the Website (for example: IP address, user agent, request timestamps, and requested URLs in server/proxy logs)
- Cookies and similar technologies that are necessary for the Website to function and for security (for example, to prevent abuse or maintain sessions). If we enable optional analytics or marketing cookies in the future, we will update this policy and, where required, request consent.
We do not collect names, emails, or personal profiles by default through the App or Relay. Website contact data is collected only when you submit it to us.
3) Why we process data (purposes)
- Provide UPS monitoring and real-time updates through your self-hosted Backend
- Deliver push notifications to your devices through Apple Push Notification service (APNs)
- Secure pairing and prevent abuse (rate limiting, replay prevention)
- Monitor Backend server availability and notify users of server status changes (online/offline)
- Operate and protect service reliability and security
- Respond to inquiries and provide support when you contact us via the Website or email
4) Legal basis (GDPR)
Where GDPR applies, we rely on:
- Contract: to provide the services you request
- Legitimate interests: security, abuse prevention, and service reliability
- Consent: push notifications (you can opt out in iOS Settings)
5) Where data is stored
- App data: stored locally on your device
- Backend data: stored on your own server (you control location and storage)
- Relay data: stored on Volteec-hosted servers used for push delivery and security
- Website data: stored and processed on Volteec systems and/or service providers used to host and protect the Website
6) Data retention
Relay:
- Pairing codes: expire after approximately 10 minutes
- Session tokens: expire after approximately 24 hours
- Invalid device tokens: deleted after approximately 90 days from the last failure timestamp (or creation time if missing)
- Installations with no device tokens: may be deleted after approximately 90 days based on creation time
- UPS visibility rules: retained as long as the associated installation exists; deleted when you unpair
- Event receipts (tenant ID + event ID): retained for operational purposes to prevent duplicate processing
- Relay credential records (device ID, environment, timestamps): retained for operational and security purposes
- Logs (may include hashed client IP for security/abuse prevention): retained as needed for operations and security, and handled according to the hosting/logging configuration
Backend: Retention is controlled by the backend operator (you). By default, the Backend stores registered devices and UPS status/telemetry in its database until the operator deletes them (no automatic cleanup is defined by default).
App: Stored until you delete the app, remove configured servers/devices, or clear the app’s data. Diagnostic logs are stored in the app’s cache directory and rotated automatically (approximately 1 MB per log file).
Website: We retain contact requests and related correspondence for as long as needed to respond and for recordkeeping/security purposes. We retain technical logs for operational and security purposes and remove or rotate them according to the hosting/logging configuration.
7) Data sharing
We do not sell your data. We share only what is necessary to deliver notifications and operate the services:
- Apple Push Notification service (APNs) receives device tokens and notification payloads required to deliver notifications. Notification payloads may include event type, UPS identifier, status, server identifier, environment, event identifier, timestamp, tenant identifier, and battery level.
- Website service providers (for example, hosting/security providers) may process technical data as processors to deliver and protect the Website.
8) Security
We use industry-standard protections including:
- TLS for data in transit where applicable
- Signed requests between the Backend and Relay to authenticate sensitive operations
- Replay protection for sensitive operations
- Automatic credential rotation with grace periods (where applicable)
- Encryption at rest for APNs device tokens stored on the Relay
- Redaction of sensitive fields from certain service logs (where applicable)
- Access controls on Relay infrastructure
- Security measures on the Website and supporting infrastructure to prevent abuse and unauthorized access
9) International transfers
Relay and Website data may be processed in the region where the services are hosted. If you are outside that region, data may be transferred internationally.
10) Your rights
Where applicable, you have the right to:
- Access your data
- Correct inaccurate data
- Delete data
- Restrict or object to processing
- Request data portability
How to exercise your rights:
- Relay data: you can unpair your devices through the App to delete your installation and device tokens from the Relay. For other requests, contact [email protected] with your request.
- Backend data: contact your backend operator (you), since the Backend is self-hosted.
- App data: you can delete the app or remove configured servers/devices.
- Website data: contact [email protected] and describe your request.
11) Children’s privacy
The services are not directed to children under 13 (or the age required by local law).
12) Changes to this policy
We may update this policy. The “Last updated” date will reflect changes.
