Privacy Policy
Last updated: 25 March 2026 · Effective: 25 March 2026
Short version: SentiHome collects only what is necessary to run the service. Your smart home data is yours. We do not sell it, share it with advertisers, or use it to train AI models. All data is stored in the EU.
1. Who We Are
SentiHome ("we", "us", "our") is operated by:
SentiHome
ul. Jasieńska 85L, 80-175 Gdańsk, Polska
Email: admin@sentihome.app
SentiHome is a smart home monitoring and AI assistant platform for residential and small commercial properties. We are subject to the General Data Protection Regulation (GDPR) and Polish data protection law.
2. What Data We Collect
2.1 Account Data
- Email address (required for registration)
- Password (stored as a bcrypt hash — we never see your plain password)
- Home name and configuration preferences
- Language preference
2.2 Smart Home Device Data
- Shelly device identifiers, names, and states (on/off, power readings)
- Energy consumption readings (kWh per device, per room, per day)
- Automation rules and schedules you configure
- Your Shelly API key (encrypted at rest, used only to communicate with your devices)
2.3 Usage Data
- AI chat messages you send to the Senti assistant
- Commands and queries (used to generate your response only)
- Login timestamps and session identifiers
- Browser type and OS (for compatibility, no fingerprinting)
2.4 Telegram Integration (if enabled)
- Your Telegram chat ID (to route notifications to you)
- Messages you send to the SentiHome Telegram bot
2.5 What We Do NOT Collect
- Camera or audio footage
- Location data (GPS)
- Biometric data
- Payment card details (processed by Stripe directly)
- Data from third-party social profiles beyond authentication tokens
3. How We Use Your Data
| Purpose | Data used | Legal basis |
|---|---|---|
| Provide and operate the service | Account, device, usage data | Contract (Art. 6(1)(b) GDPR) |
| AI assistant responses | Chat messages, device states | Contract |
| Send notifications & alerts | Email, Telegram ID | Contract |
| Improve service reliability | Anonymised usage logs | Legitimate interest (Art. 6(1)(f)) |
| Security & fraud prevention | Login logs, session data | Legitimate interest |
| Legal compliance | Account data, transaction logs | Legal obligation (Art. 6(1)(c)) |
| Send product updates (opt-in) | Consent (Art. 6(1)(a)) |
We never use your data to train AI models. Chat messages are processed in real time and are not retained beyond 90 days (configurable in your dashboard).
4. Data Storage and Security
- Region: All data is stored in the EU (Frankfurt, AWS eu-central-1)
- Encryption at rest: AES-256 for all stored data
- Encryption in transit: TLS 1.2+ for all connections
- API keys (BYOK): Your Shelly API key is encrypted and never logged in plain text
- Backups: Daily encrypted backups, retained 30 days
5. Data Sharing and Third Parties
We do not sell your data. We share data only with the following sub-processors, all bound by GDPR-compliant Data Processing Agreements:
| Sub-processor | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Cloud infrastructure, database, authentication | EU (Frankfurt) |
| Anthropic / AWS Bedrock | AI language model inference | EU / AWS Bedrock |
| Telegram | Notification delivery (if you connect Telegram) | International |
| Stripe | Payment processing (paid plans) | EU |
We may disclose data if required by law, court order, or to protect the safety of users or the public.
6. Your Rights (GDPR / RODO)
As a data subject under GDPR, you have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion of your account and all associated data
- Restriction — ask us to limit processing while a dispute is resolved
- Portability — receive your data in a machine-readable format (JSON)
- Objection — object to processing based on legitimate interest
- Withdraw consent — for any consent-based processing (e.g. marketing emails)
To exercise any right, email admin@sentihome.app. We respond within 30 days. You also have the right to lodge a complaint with the Polish supervisory authority: UODO (uodo.gov.pl).
7. Data Retention
| Data type | Retention period |
|---|---|
| Account data | Until account deletion + 30 days |
| Device state logs | 90 days (configurable) |
| Energy reports | 24 months |
| AI chat history | 90 days (configurable) |
| Billing records | 7 years (legal obligation) |
| Security/access logs | 12 months |
8. Cookies and Tracking
SentiHome uses minimal cookies:
- Session cookie: Keeps you logged in (expires on browser close or after 7 days)
- Preference cookie: Stores your language choice (PL/EN)
We do not use advertising cookies, tracking pixels, or third-party analytics scripts (no Google Analytics, no Facebook Pixel).
9. Children
SentiHome is intended for users aged 18 and over. We do not knowingly collect data from children under 18. If you believe a child has registered, contact us at admin@sentihome.app for immediate deletion.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users by email at least 14 days before material changes take effect. The "Last updated" date at the top reflects the most recent revision.
11. Contact
Data Controller: SentiHome
ul. Jasieńska 85L, 80-175 Gdańsk, Polska
📧 admin@sentihome.app
🌐 sentihome.app