Legal & Compliance

Data Controls

CCTVpilot Product Data Controls Notice

Effective Date: 16th of July 2026 • Last Updated: 16th of July 2026

Product: CCTVpilot product and program services, including cctvpilot.com, app.cctvpilot.com, support.cctvpilot.com, partner.cctvpilot.com, and related CCTVpilot subdomains

Provider: LumoCodes (lumocodes.com)


1. Purpose and Relationship to the LumoCodes Privacy Policy

This Product Data Controls Notice is the supplementary product privacy notice for CCTVpilot. It supplements and does not replace the LumoCodes Privacy Policy. Both documents must be read together to understand how personal data is handled when you use CCTVpilot.

Division of scope:

  • The LumoCodes Privacy Policy governs company-level matters such as account registration, general technical data, payment and billing data, common service providers, retention principles, and general user rights.
  • This document provides the more specific inventory, provider disclosures, access rules, retention controls, and user procedures that apply to CCTVpilot. Where a provider or processing activity is described here but not named in the company-level policy, this document supplies the CCTVpilot-specific disclosure.

Where a matter is addressed in both documents, this document takes precedence with respect to CCTVpilot-specific data processing activities.

1.1 Support Site and Privacy Explanations

The help centre at support.cctvpilot.com may contain articles, tutorials, screenshots, and examples that explain CCTVpilot features, privacy settings, deletion steps, retention behaviour, or other data-handling procedures. Those Support Materials are explanatory guidance and may not immediately reflect every Service change. If a Support Material conflicts with the LumoCodes Privacy Policy, this notice, or Part B of the CCTVpilot Terms of Service, the applicable legal document governs according to its subject matter.

This precedence rule does not reduce LumoCodes’ obligation to provide notices required by applicable law or to take reasonable steps to correct a known material inaccuracy that could affect a person’s privacy choices or rights.


2. Data Controller and Processor Roles

2.1 LumoCodes as Data Controller

For data collected in the course of operating the CCTVpilot service — including your account credentials, usage analytics, feedback, and plan billing — LumoCodes is the data controller. Processing in this capacity is governed by the LumoCodes Privacy Policy as supplemented by this notice.

2.2 LumoCodes as Data Processor; You as Data Controller

For all personal data that you, as the account holder, input into CCTVpilot relating to your clients, vendors, and personnel, LumoCodes acts solely as a data processor on your behalf. You are the data controller in respect of such personal data.

As the data controller, you are solely responsible for:

  • (a) establishing and documenting a valid lawful basis for each category of personal data you process through the App;
  • (b) providing adequate privacy notices to the individuals whose personal data you input;
  • (c) handling data subject rights requests (including access, rectification, erasure, restriction, and portability) from those individuals; and
  • (d) ensuring that all personal data you input has been obtained and is used in a manner consistent with applicable data protection legislation.

LumoCodes processes such data on your documented instructions, including the instructions expressed through your configuration and use of the App’s features, subject to the DPA in Part B of the CCTVpilot Terms of Service.

Data processing agreement: Part B of the CCTVpilot Terms of Service contains the data processing agreement between you and LumoCodes where LumoCodes processes Customer Personal Data on your behalf.

Data minimisation advisory: You are encouraged to input only the personal data that is strictly necessary for your operational purposes. Fields such as emergency contact information and bank account details for personnel are optional and should only be populated where there is a clear operational need and, where required, the individual’s informed consent.

2.3 General Data Access and Sharing Principles

The following principles apply to all data stored through CCTVpilot, unless otherwise stated in a specific section of this notice:

  • Account isolation: Private workspace data is restricted to your authenticated account. The specific exceptions are public feedback that you choose to submit, limited Partner Rewards referral information described in Section 7.7, access by authorised LumoCodes personnel when reasonably necessary for support, security, legal compliance, or service administration, and processing by service providers needed to operate the Service.
  • Storage and processing infrastructure: Primary workspace data is stored using Google Firebase, operated by Google LLC. Selected search fields are synchronised to Algolia, billing and checkout data is transmitted to PayHere or another identified payment processor, limited usage analytics events may be sent to Google Analytics for Firebase unless you disable analytics, and website delivery or security may involve Cloudflare and external asset providers. These providers and flows are described in Section 13.
  • No sale or advertising use: We do not sell your data, share it with data brokers, or use user-input data for behavioural advertising, model training, or cross-account profiling. Service-provider processing is limited to operating, securing, searching, billing, supporting, and improving the Service.

3. Personnel and Payroll Data

3.1 Data Fields Collected

The App permits you to store records for employees, freelancers, contractors, and temporary staff. The following categories of personal data may be recorded per personnel record:

  • Identity: Full name, email address, phone number, residential address
  • Employment: Employment type (employee, freelancer, contractor, or temporary), employment status, start date, end date
  • Professional: Skills, certifications, notes
  • Payroll rates: Payment type (daily wage, per-camera, or per-contract), daily rate, per-camera rate, overtime rate, contract fee amount
  • Financial personal data: Bank account number, bank account name, bank name, bank branch
  • Emergency contact: Emergency contact information
  • Payment records: A history of payments made to the individual, including payment date, amount, payment method, reference number, and payment status

3.2 Purpose

Personnel data is processed for the following purposes within the App: calculating labour costs per project, generating payroll documentation, maintaining employment records, and populating financial documents. The legal basis for this processing must be determined and upheld by you as the data controller. Applicable lawful bases may include performance of a contract (the individual’s employment or engagement contract), compliance with a legal obligation, or the individual’s explicit consent.

3.3 Bank Account Data: Heightened Protection Requirement

Bank account details (comprising account number, account name, bank name, and bank branch) recorded under a personnel record constitute sensitive financial personal data. Before entering any individual’s bank account details into the App, you must ensure that you hold the explicit, informed consent of that individual for the specific purpose of payroll documentation, or that you otherwise hold a valid legal basis under applicable data protection legislation. By entering such data, you represent and warrant to LumoCodes that the required consent or lawful basis exists.

By entering personal data of any individual into the Personnel section of the App, you represent and warrant that you have:

  • (a) informed the relevant individual that their personal data will be stored and processed using a third-party software application;
  • (b) obtained any consent required under applicable data protection legislation for the specific purposes of your intended processing; and
  • (c) documented a valid lawful basis for each category of personal data entered.

LumoCodes, acting as your data processor, bears no responsibility for the legality of processing activities you authorise.


4. Client Data

4.1 Data Fields Collected

Client personal data stored through the App includes: full name, email address, phone number, and postal address. Project records associated with a client may additionally include site address.

4.2 Processor Role

LumoCodes processes client personal data solely as your data processor. You are the data controller. You are responsible for: having a valid lawful basis for storing and processing client data; providing clients with an appropriate privacy notice; and responding to any data subject rights requests submitted by your clients.

4.3 No Independent Use by LumoCodes

LumoCodes does not independently collect, analyse, profile, or monetise client personal data entered into the App. This data is stored solely to enable the service features you use, such as project management, document generation, and record-keeping.

4.4 No Profiling, Advertising, or Model Training

LumoCodes does not use user-input data for profiling, behavioural advertising, model training, or cross-account analytics. This applies to all personal data you enter into the App, including client, vendor, and personnel records.


5. Vendor Data

5.1 Data Fields Collected

Vendor records may include: company name, contact person name, email address, phone number, postal address, and notes.

5.2 Processor Role and User Responsibility

Contact persons named within vendor records are natural persons and may hold rights under applicable data protection legislation. LumoCodes processes this data as your data processor. You are responsible for informing vendor contact persons that their details are stored in a third-party application and for maintaining a valid lawful basis for such processing. The same consent and responsibility principles set out in Section 4.2 apply to vendor contact data.


6. Company Profile, Preferences, and Banking Information

6.1 Company Profile and Preferences

The Settings section may store your company name, company registration number, company email address, phone number, postal address, and company logo. It may also store operational preferences such as date format, measurement unit, project-name prefix, default installation amount, document cover-page preference, and default site-plan cable-routing mode.

These details and preferences are used to configure your workspace, identify your business inside the App, populate generated documents, and apply your selected display and workflow defaults.

6.2 Company Banking Fields

The Settings section of the App permits you to record your company’s bank account details for use in financial documents. The following fields may be stored: bank account number, bank account name, bank name, and bank branch.

6.3 Sole Purpose of Company Banking Fields

This data is used exclusively to auto-populate the company details fields of financial documents generated by the App, including quotations, invoices, and receipts. It is not used for any payment processing, fund movement, or platform-level billing, and is not accessible to payment processors or billing providers.

6.4 LumoCodes Access

LumoCodes does not access this data in the ordinary course of providing the Service.

6.5 Account Holder Responsibility

Anyone with valid access to your CCTVpilot account can view this information. You are responsible for maintaining strong, unique credentials for your account and for restricting access to authorised individuals only.


7. Financial and Commercial Data

7.1 Quotation Data

Quotation records include itemised line items with commercially sensitive fields per item, including: retail price, price adjustment, dealer price, actual purchase price, quantity, vendor name, and item type.

7.2 Invoices

Invoice records include: invoice number, subtotal, tax amount, total amount, and due date.

7.3 Receipts

Receipt records include: receipt number, receipt type (advance, balance, tips, or opening balance), and amount.

7.4 Cash Flow Entries

Cash flow records include: description, vendor or customer name, entry type (such as advance, balance, cost of goods sold, logistics, labour, or miscellaneous), amount, quantity, total, and entry date.

7.5 Aggregated Project Statistics

The App pre-computes and persistently stores aggregated financial figures per project to power the Statistics dashboard, including totals for retail value, dealer cost, actual cost, non-quoted costs, amounts paid, and tips. These figures are persistently stored data records, not computed on demand.

7.6 Billing, Payment, and Add-On Records

If you purchase a paid plan or project add-on, the App collects and stores a billing profile, including: first name, last name, email address, phone number, street address, city, country, country code, billing region, pricing country, and currency. This billing profile is separate from the company banking information described in Section 6.

For checkout, CCTVpilot may create and store payment order records containing: order type, plan tier, billing period, add-on pack size or quantity, usage month, amount, currency, discount amount, promo code, order ID, payment ID, payment method label, PayHere status code, and PayHere notification parameters used to verify and reconcile payment status. Payment history records may be shown to the account holder inside the App.

Payment processors such as PayHere may receive checkout details necessary to process payment, including your billing profile, order ID, item description, amount, currency, and technical payment fields. LumoCodes does not store full payment card numbers or full card security codes.

Project add-ons increase project capacity for the applicable usage month or other checkout-specified period. The App stores add-on quantity, pack details, applied month, and payment status so that capacity can be applied and audited.

7.7 Referral and Promo Code Records

If you sign up using a promo code or referral link, CCTVpilot may store referral attribution records, including the promo code, referrer identifier, masked email address, hashed email address, sign-up status, paid subscription count, first-payment discount status, plan tier, billing period, currency, payment references, and reward status. These records are used to validate discounts, prevent abuse, administer referral rewards, reconcile payments, and maintain accounting records.

If you sign up for CCTVpilot using a promo code or referral link issued through CCTVpilot Partner Rewards, limited information about the resulting referral attribution may be shown to the Partner Rewards participant who owns that code or link. This display is limited to referral progress, reward qualification, payout, accounting, dispute-resolution, fraud-prevention, and support. It may show referral and reward history, but it does not show your full payment history or later payments made after the referral has already qualified or been rewarded. The limited information shown may include your masked email address, sign-up date, referral status, progress label, paid subscription count needed for referral qualification, plan tier, billing period, country or currency indicator, estimated or earned reward amount, reward status, next milestone, and related update timestamps. Full account email addresses, payment method details, and workspace data are not shown to Partner Rewards participants.

If you participate as a referrer or affiliate through CCTVpilot Partner Rewards, LumoCodes may collect additional contact and payout information, including name, phone number, billing address, company name, NIC or business registration number, bank account holder name, bank name, branch, and account number. Referral payout records may retain payout snapshots for accounting, dispute-resolution, and fraud-prevention purposes.

7.8 Trial Eligibility and Abuse-Prevention Records

CCTVpilot free trials may be claimed only once. To enforce this limit, the App may store a trial-claim record containing a hashed version of the normalised account email address, the user ID that claimed the trial, and the date the trial was claimed.

Trial-claim records may be retained after account deletion so that deleting an account and creating a new account with the same email address does not create another trial entitlement. These records are used only for trial eligibility, abuse prevention, security, support, and legal enforcement purposes.

7.9 Product Feedback and Voting

When you submit feedback, CCTVpilot stores your user ID, a display name, feedback category, title, description, status, visibility, vote and activity counts, and relevant timestamps. The display name is taken from your company name where available, or otherwise from the portion of your account email address before the @ symbol. You should not include confidential client information, credentials, payment information, or other unnecessary personal data in feedback.

Bug reports are private to their author and authorised LumoCodes personnel. Feature requests, improvement suggestions, and questions or other feedback are public to other signed-in CCTVpilot users, who may view and vote on them. A vote record links the voting user’s ID to the feedback item so that duplicate votes can be prevented.

You may delete feedback you submitted while your account remains active. Feedback and vote records are stored outside your private workspace and are not automatically removed by the workspace account-deletion process. They may therefore remain after account deletion for product planning, community continuity, moderation, security, or dispute handling. You may request deletion or anonymisation of residual feedback personal data by contacting [email protected], subject to applicable legal exceptions.


8. Site Plans and Spatial Data

8.1 Nature of Data

The site plan drawing tool stores spatial data per project, including camera placement coordinates and coverage zones, cable path routing data, and floor plan annotations. This data is stored per site plan record and linked to a specific project.

8.2 Confidentiality

Site plan data documents the physical security infrastructure of a client’s premises. You should treat this data with a corresponding level of confidentiality and limit access to authorised personnel only.

8.3 Camera and Image Handling

The site plan tool stores vector and coordinate data. If you choose to use the device camera, the browser requests camera permission and may hold captured camera photos temporarily in the active site-plan session. Those photos are not included in the saved site-plan record and are not transmitted to LumoCodes servers. Scan and camera images should nevertheless be treated as visible on the device until the session is closed or refreshed.


9. Inventory and Equipment Data

9.1 Equipment Catalogue

Your equipment catalogue includes: equipment name, description, retail price, dealer price, associated vendor, category, warranty information, and price last updated date. This data constitutes commercially sensitive business information.

9.2 Physical Inventory

Physical inventory records include: equipment name, description, quantity, unit cost, total cost, and serial numbers.

9.3 Barcode and QR Scan Data

Serial numbers may be captured via barcode or QR code scanning. Only the decoded text string (serial number) is retained as part of the inventory record. Scan images are not captured or stored by the App. No biometric or image data is retained as a result of scanning.


10. Offline Functionality and Local Data Cache

10.1 Mechanism

The App supports offline functionality by maintaining a local data cache in your browser. This enables read and write access to your data when internet connectivity is not available. Changes made offline are queued locally and synchronised to our servers when connectivity is restored.

10.2 Conflict Resolution

Where the same record is modified simultaneously across multiple browser tabs or devices, the most recently written version of the record will overwrite earlier concurrent changes. LumoCodes is not responsible for data loss resulting from concurrent editing conflicts.

10.3 Local Cache Risk Disclosure

You acknowledge and accept the following risks associated with offline data storage:

  1. Browser storage clearing: If your browser’s local cache is cleared or reset before offline changes have been synchronised, those changes will be permanently lost and cannot be recovered by LumoCodes.
  2. Storage quota exceeded: If your browser’s storage quota is reached while you are offline, new changes may fail to be queued for synchronisation. LumoCodes is not liable for data loss occurring in this scenario.

10.4 Device Security Responsibility

Data held in the local browser cache is not encrypted at rest on your device. You are solely responsible for implementing appropriate device-level security measures — including device encryption, access controls, and screen locking — to prevent unauthorised access to locally cached data. This responsibility is heightened when a persistent session is maintained on a shared or unattended device.

LumoCodes shall not be liable for any loss, unauthorised disclosure, or corruption of data arising from: (i) the clearing of local browser storage before offline changes have been synchronised; (ii) the exhaustion of browser storage quotas; (iii) device failure, theft, or loss; or (iv) concurrent editing conflicts. All limitations of liability set out in the CCTVpilot Terms of Service apply to this notice.


11. User-Uploaded Documents

You may upload a company logo image. This image is displayed as your account profile picture within the App and on generated financial documents.

11.2 Custom Terms of Service PDF

You may upload a PDF of your own Terms of Service to be appended to printed or exported quotations.

11.3 Purpose Limitation

These files are used exclusively for the purposes described above. They are not indexed, analysed, used for model training, or applied to any other purpose by LumoCodes.


12. Technical Calculators: No Data Persistence

12.1 Calculator Features

The App includes CCTV-specific technical estimation tools, including: disk storage estimator, network bandwidth calculator, field of view (FOV) calculator, and PoE power budget calculator.

12.2 Session-Only Processing

All inputs provided to these calculators — including camera specifications, resolution, frame rates, network parameters, storage duration targets, lens angles, and power draw values — and all results generated, are processed entirely within your browser session. No calculator input, intermediate value, or calculation result is transmitted to LumoCodes servers, stored against your user account, or retained after the browser session ends or the calculator is closed.

Calculator results are provided as estimation aids only. LumoCodes makes no warranty as to the accuracy or fitness for purpose of calculation results for professional, commercial, or regulatory applications. You are responsible for independently verifying all technical calculations before acting on them.


13. Data Storage Infrastructure

13.1 Primary Data Store

Google Firebase, operated by Google LLC, is the primary system of record for account and workspace data. Copies or related records are also processed through Algolia, PayHere or another identified payment processor, Google Analytics for Firebase unless analytics is disabled, Cloudflare, the browser’s local storage, and the other providers described below. Data transmitted between supported browsers and these services is encrypted in transit using HTTPS/TLS.

13.2 Access Controls

Private workspace records are restricted by authentication and account-scoped access controls. Cross-account visibility is limited to the intentional features and operational access described in this notice, including public feedback, Partner Rewards referral information, authorised support or administration, legal or security access, and service-provider processing. These exceptions do not permit another ordinary CCTVpilot customer to browse your private workspace.

13.3 Sub-Processor: Google LLC

Google LLC operates the Firebase cloud infrastructure used by CCTVpilot and acts as a sub-processor of personal data stored through the App, including third-party personal data you input. Google processes this data in accordance with its Data Processing and Security Terms.

13.4 International Data Transfers

Data may be processed in countries outside Sri Lanka, the European Economic Area, or your jurisdiction of operation. LumoCodes relies on applicable provider contracts, data-processing terms, approved contractual safeguards, and other lawful transfer mechanisms required for the relevant transfer. Provider infrastructure locations and subprocessors may change over time.

13.5 Security Measures

LumoCodes implements reasonable technical and organisational security measures appropriate to the nature of the data processed, including access controls, authentication safeguards, and encryption of data in transit. These measures are designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

13.6 Sub-Processor: Algolia

CCTVpilot uses Algolia to provide authenticated search across larger sets of records. Algolia search indexes are not the primary system of record; they contain selected fields copied from Firebase so that search can return relevant results quickly.

Every indexed record includes an account-scoping user identifier and an entity or record-type identifier. Depending on the record type, indexed data may also include:

  • Projects: project name, client name, client email, client phone, client address, status, project type, and timestamps.
  • Equipment: equipment internal name, display name, and category.
  • Inventory: equipment names, category, and serial numbers from purchase entries.
  • Clients: client name, email, phone, and address.
  • Vendors: vendor name, contact person, and email.
  • Personnel: personnel name, email, phone, skills, payment type, status, and employment type.
  • Equipment options: equipment and vendor-pricing identifiers, equipment names, category, vendor identifier, vendor name, warranty, retail price, dealer price, and price updated date.

Search access is restricted using authenticated, time-limited search keys scoped to the account holder’s user ID and the requested index. Records are removed from Algolia when source records are deleted, and account deletion triggers deletion of the account’s Algolia search records. Provider-side propagation and backup deletion may not be instantaneous.

13.7 Payment Processors: PayHere and Other Gateways

CCTVpilot currently uses PayHere for checkout and payment confirmation. The PayHere JavaScript SDK may be loaded in the browser when you access billing or checkout features. PayHere processes payment method details and returns payment status notifications to CCTVpilot. LumoCodes uses those notifications to verify payments, activate or extend access, apply add-ons, record payment history, and investigate billing issues.

CCTVpilot retains only the callback fields needed for verification and reconciliation, such as merchant, order and payment identifiers, amount, currency, status code and message, payment-method label, and internal checkout references. Callback signatures are used for verification but are not retained in the stored callback record. Cardholder names, masked card numbers, card expiry values, full card numbers, and card security codes returned or processed by PayHere are not retained in CCTVpilot’s callback record.

Where future payment gateways are introduced, the checkout page or payment flow will identify the applicable processor. Payment processor handling of card or payment method details is governed by that processor’s own terms and privacy practices in addition to the LumoCodes Privacy Policy.

13.8 Firebase Analytics

CCTVpilot uses Google Analytics for Firebase to measure page and feature usage, login and sign-up method, checkout outcomes, onboarding progress, project-creation categories, and similar service events. LumoCodes relies on its legitimate interests in understanding how the Service is used and improving its reliability, usability, onboarding, and commercial operation. This processing is not necessary to use CCTVpilot, and you may object to it by disabling analytics as described below.

CCTVpilot limits its event parameters to predefined operational metadata and does not intentionally include account email addresses, client or personnel details, free-form workspace content, document contents, or payment card details. Advertising personalisation and Google Signals are disabled. Google may separately process ordinary device, browser, network, and analytics identifiers as described in Google’s privacy and Firebase terms.

Analytics is enabled by default on supported browsers. CCTVpilot is presently offered only for its supported Sri Lankan market, and LumoCodes currently relies on legitimate interests rather than consent for this limited analytics processing, so no analytics consent prompt is displayed. You may disable or re-enable analytics at any time under Settings > Preferences. Disabling analytics stops future analytics collection from that browser, but does not remove events already collected while analytics was enabled where their continued retention remains lawful.

13.9 Support Site, Cloudflare, and External Browser Assets

CCTVpilot websites, including cctvpilot.com and support.cctvpilot.com, may use Cloudflare for content delivery, security, request routing, and country-level pricing-region detection. Cloudflare may process IP addresses, request headers, browser or device information, security signals, and an approximate country associated with the request.

The search function on support.cctvpilot.com operates in the browser over a static help-documentation index and is separate from the authenticated Algolia search used for private App workspace records. Using help-centre search does not by itself transmit private CCTVpilot workspace records to the documentation search.

Some pages may retrieve fonts or browser assets from providers such as Google Fonts, unpkg, or cdnjs. When the browser requests those resources, the provider receives ordinary HTTP request information such as IP address, user-agent information, referring page, and request time. These providers do not receive private CCTVpilot workspace records through the asset request itself.


14. CCTVpilot Data Retention

  • In-app deletion: Client, vendor, personnel, project, inventory, and related records deleted within the App are removed from active application storage and are no longer accessible through the App. Where a deleted record was indexed for search, the related Algolia search record is deleted or queued for deletion.
  • Stale-data cleanup: CCTVpilot runs scheduled cleanup for draft or quoted projects and unselected quotations that have not been updated within the applicable plan window. The current windows are 45 days for Starter, 60 days for Plus, 90 days for Pro, and 180 days for Enterprise. Cleanup is based on the account’s plan tier when the scheduled process runs. LumoCodes may change these windows prospectively as the Service evolves and will update this notice if it does so.
  • Main CCTVpilot account deletion: You may delete your account directly under Settings > Account Security. This purges active private workspace data and uploaded files from the primary application store, purges associated Algolia records, and requests deletion of the Firebase Authentication account. Any active trial ends immediately. Trial-eligibility records and the records specifically identified below are not part of that workspace purge.
  • Product feedback: Feedback and vote records are retained until deleted by the author, removed by LumoCodes, or no longer reasonably needed for product planning, community continuity, moderation, security, or dispute handling. Because feedback is stored outside the private workspace, it may remain after account deletion as described in Section 7.9. Requests concerning residual personal data may be sent to support.
  • Partner Rewards accounts: Deleting or deactivating a CCTVpilot Partner Rewards account ends access to the Partner Rewards interface and disables its active referral access. Referral attribution, qualification, payout, tax, accounting, fraud-prevention, and dispute records may remain where reasonably necessary. Deleting a main CCTVpilot account does not by itself delete a separate Partner Rewards account, and deleting a Partner Rewards account does not delete a separate main CCTVpilot account.
  • Billing, referral, trial, security, and legal retention: Billing orders, payment records, the limited PayHere callback fields described in Section 13.7, referral attribution and payout records, trial-claim records, security logs, support records, tax or accounting records, fraud-prevention records, and dispute records are retained for the period reasonably necessary for the stated purpose and any applicable legal, tax, accounting, audit, chargeback, or limitation period. When no fixed legal period applies, retention is determined by the continuing account or transaction relationship, the risk of a claim or abuse, and whether the record remains necessary to establish, exercise, or defend legal rights.
  • Analytics: Analytics events are retained according to the configured Google Analytics retention settings and the LumoCodes Privacy Policy. Disabling analytics stops future collection from that browser but does not require immediate deletion of lawfully collected aggregate or historical reports.
  • Backup and recovery: LumoCodes does not maintain application-level backups of individual user data for customer self-service restoration. Data deleted within the App or upon account deletion cannot be recovered by LumoCodes, although limited copies may remain temporarily in infrastructure provider backups until those backups expire.

15. Data Subject Rights: CCTVpilot-Specific Procedures

15.1 Your Own Account and Business Data

You may access and update your business profile information, preferences, and company banking information directly through Settings. Billing profile information may be accessed and updated through the billing area. You may delete your main CCTVpilot account and associated private workspace from Settings > Account Security. You may also contact [email protected] for assistance with access, correction, deletion, restriction, objection, or other rights available under applicable law, including residual records that are not part of the automated workspace purge.

If you also hold a CCTVpilot Partner Rewards account, it is treated as a separate account for access and deletion purposes and must be managed through Partner Rewards or through support.

15.2 Third-Party Data You Control

As data controller for client, vendor, and personnel data, you are responsible for receiving and responding to data subject rights requests from those individuals. You may fulfil most requests — including access, rectification, and erasure — directly within the App by updating or deleting the relevant records. Where you require LumoCodes’ assistance in fulfilling a data subject request, submit a written request to [email protected].

15.3 Data Portability

Financial documents such as quotations, invoices, and receipts may be exported as PDF directly within the App. PDF export is a document feature and is not the only portability procedure. Where a data-portability right applies, you may request an export of applicable account and workspace data in a structured, commonly used, machine-readable format such as JSON or CSV by contacting [email protected]. LumoCodes may need to verify your identity and may exclude data that would adversely affect another person’s rights or that is not covered by the applicable right.


16. Data Breach Notification

In the event of a personal data breach affecting data held within CCTVpilot, LumoCodes will notify affected account holders without undue delay following discovery of the breach, subject to verification and investigation, and in accordance with applicable legal obligations.

Where the affected data includes personal data of your clients, vendors, or personnel — for which you are the data controller — you are responsible for assessing whether notification obligations to those individuals apply under governing data protection legislation and for taking appropriate action. LumoCodes will provide reasonable assistance upon request.

For breach-related communications, contact: [email protected]


17. Changes to This Notice

LumoCodes may update this notice from time to time. Changes will be published at this location with a revised “Last Updated” date. Where a change materially alters how existing personal data is used, disclosed, or retained, LumoCodes will provide additional notice before the change takes effect where reasonably practicable and will obtain consent where applicable law requires it.


18. Contact

For questions or concerns regarding this document or data handling within CCTVpilot:

Address: LumoCodes, Elawaka Road, Kumbukwewa, Nikaweratiya.
Email: [email protected]
Phone: +94 77 020 5866


This notice is to be read with the LumoCodes Privacy Policy. The Data Processing Agreement is contained in Part B of the CCTVpilot Terms of Service.