Privacy Policy

Effective date: May 6, 2026 · Last updated: May 6, 2026

Overview

This Privacy Policy describes how Summit Veil LLC ("Summit Veil," "we," "us," or "our") handles information in connection with the mobile application Serin: Privacy Radar (the "App"). Serin is a privacy-awareness tool for iOS that detects nearby electronic devices via Bluetooth Low Energy (BLE), local network (WiFi) discovery, and infrared (IR) camera analysis.

Our core principle is simple: your data stays on your device. Serin performs all scanning locally and does not require an account, login, or personal information to function. We have designed the App so that we cannot read your scan history, ignore lists, or audit reports.

Information We Do Not Collect

  • We do not collect your name, email address, phone number, or other personally identifiable information ("PII").
  • We do not require account creation or login.
  • We do not access your contacts, photos, or files (except when you explicitly save an IR camera capture to your photo library).
  • We do not sell, rent, or share your personal information with third parties for their direct-marketing or cross-context behavioral-advertising purposes.

On-Device Data

The following data is generated and stored entirely on your device. It is not transmitted to Summit Veil's servers:

  • Bluetooth (BLE) scan results — device names, signal strength, manufacturer identifiers, and service UUIDs of nearby Bluetooth devices. These are processed in real time on your device and are never transmitted to Summit Veil.
  • WiFi network scan results — devices discovered on your local network via Bonjour/mDNS and port scanning. Like BLE results, these are processed locally and never transmitted to Summit Veil.
  • Infrared camera captures — images from the IR Camera Finder are saved to your photo library only when you explicitly choose to save them.
  • Detection logs and ignore lists — historical records of detected devices.
  • Privacy Audit reports — audit results and PDF exports.

Location: Serin does not request or use your location. Detection happens entirely through Bluetooth and local network scanning, neither of which require location access.

Data We Transmit

The App transmits limited, non-personal data to our backend in the following circumstances:

Device Database Sync

On launch, Serin checks for updated detection signatures from the Serin API. The request contains only the App version and the current database version number. No personal data is included.

Community Submissions

The App includes an opt-in "Submit Device" form that lets you tell us about a device Serin failed to identify, or a new device you have encountered. Together with the Detection Feedback flow described below, these are the only paths by which information about a detected device reaches our servers — passive Bluetooth and WiFi scan results never leave your device, regardless of device type.

When you submit the form, we receive only the fields you fill in, plus minimal technical metadata:

  • Device name (free text you provide)
  • Manufacturer (free text you provide)
  • Whether the device has a camera (yes/no)
  • Whether the device is always listening (yes/no)
  • Additional details (optional free text)
  • App version
  • Your device's vendor identifier (identifierForVendor) — used to deduplicate submissions and to enable the in-App "Delete My Data" feature; it is not linked to your Apple ID and resets if you uninstall the App

We do not capture or transmit the raw technical fingerprints (BLE service UUIDs, advertisement payloads, mDNS records, MAC addresses, etc.) of the devices you report — only the user-provided text fields above. No location data and no personal information is included.

Detection Feedback

The App also lets you long-press a detected device to report a detection issue (for example, a false positive or a wrongly categorized device). When you submit feedback, we receive only:

  • The feedback type (e.g., "false positive")
  • The Bluetooth SIG manufacturer ID associated with the matched signature, if any (a 16-bit company code, not a device identifier)
  • The name Serin displayed for the device
  • What you say the device actually is (optional free text)
  • Your free-text note
  • App version
  • Your device's vendor identifier (identifierForVendor), used for rate-limiting and to enable "Delete My Data"

We do not transmit BLE MAC addresses, raw advertisement payloads, service UUID lists, or any location data through the feedback flow.

Apple iCloud / CloudKit

Serin uses Apple's CloudKit to synchronize certain data across your own devices:

  • Private database. Your ignore list and personal logs sync to your private iCloud container. Summit Veil has no access to data in your private container — it is encrypted and accessible only to you. See Apple's Privacy Policy.

Third-Party Services

Google AdMob (Free tier only)

The free tier of Serin displays advertisements provided by Google AdMob. AdMob acts as an independent data controller for the ad-related data it collects. Categories of data Google may receive include:

  • Advertising identifier (IDFA), only if you grant App Tracking Transparency permission
  • IP address and coarse location derived from it
  • Device type, OS version, and general App-usage signals
  • Ad interaction data (impressions, clicks)

For details, see Google's Privacy Policy and how Google uses information from sites or apps that use its services. You can limit personalized advertising in iOS Settings > Privacy & Security > Tracking, and you can remove all advertising by upgrading to Serin Pro.

Apple StoreKit

In-app purchases are processed by Apple through StoreKit. We do not receive your payment information. Purchases are governed by Apple's Media Services Terms.

Analytics & Crash Reporting

Serin does not integrate any third-party analytics or crash-reporting SDKs (such as Firebase, Sentry, Mixpanel, or Amplitude). If you have opted into Apple's "Share with App Developers" setting at the iOS level, Apple may share aggregated, anonymized crash and usage data with us; this is governed by Apple's privacy practices.

Permissions

Serin requests the following device permissions, each for a specific purpose:

  • Bluetooth — Required for BLE device scanning.
  • Local Network — Required for WiFi/Bonjour scanning to detect networked cameras and streaming devices.
  • Camera — Used by the IR Camera Finder to detect hidden camera lenses via infrared reflection.
  • Photo Library (write) — Used only when you explicitly save an IR capture.
  • Notifications — Used for background detection alerts.

Legal Bases for Processing (EEA / UK Users)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the legal bases on which we process limited data are:

  • Performance of a contract — processing necessary to provide the App's core features.
  • Consent — for opt-in features such as personalized advertising via App Tracking Transparency. You may withdraw consent at any time.
  • Legitimate interests — improving and securing the App, deduplicating community submissions, and preventing abuse.

Your Rights

Because Summit Veil does not maintain user accounts or hold personal information that identifies you, most data-subject rights can be exercised directly from the App or your device:

  • Delete My Data (in-App) — Settings > Delete My Data sends a request to our servers to remove any user-submitted device reports and in-App feedback associated with your device's vendor identifier. See the next section for exactly what this does and does not cover.
  • Delete on-device data — uninstall the App, or use in-App settings to clear logs and ignore lists.
  • Delete private CloudKit data — Settings > [Your Name] > iCloud > Manage Account Storage > Serin.
  • Withdraw consent — revoke App Tracking Transparency in iOS Settings.

Scope of "Delete My Data"

Tapping Delete My Data in Settings asks our servers to remove records associated with your device's vendor identifier (identifierForVendor). Specifically:

  • Deleted: any user-submitted device reports (forms you have filled out to tell us about an unknown device or one Serin failed to identify) and in-App feedback you have sent to Summit Veil, where the record was tagged with your vendor identifier.
  • Not deleted (because they live on your device): on-device logs, ignore lists, trusted-device lists, audit reports, IR captures, and any data in your private iCloud container. To remove these, use the in-App settings, uninstall the App, or remove Serin's iCloud data through iOS Settings.

If you are an EEA, UK, or Swiss resident, you also have rights of access, rectification, erasure, restriction, portability, and objection under the GDPR, and the right to lodge a complaint with your supervisory authority.

If you are a California resident, you have the right under the CCPA/CPRA to know what personal information we collect, to delete it, to correct it, to opt out of "sale" or "sharing" of personal information, and to be free from retaliation for exercising these rights. We do not sell personal information, and we do not share it for cross-context behavioral advertising as those terms are defined under the CCPA.

To exercise any right that requires our action, contact us at support@serinradar.com. Because we generally do not hold information that identifies you, we may be unable to verify or fulfill some requests.

Data Retention

  • On-device data — retained until you delete it or uninstall the App.
  • Private CloudKit data — retained in your iCloud account until you delete it.
  • Community submissions — retained for the purpose of improving the detection database; the anonymous device identifier is purged after deduplication windows close (typically 90 days).
  • AdMob data — retained by Google per its policies; Summit Veil does not receive or retain copies.

International Data Transfers

Summit Veil operates in the United States. Apple's CloudKit and Google's AdMob also process data internationally. If you access the App from outside the United States, you understand that information may be transferred to, stored in, and processed in the United States and other countries where we or our service providers operate, which may have data-protection laws different from those in your jurisdiction. Where required, transfers from the EEA/UK/Switzerland rely on appropriate safeguards such as the EU Standard Contractual Clauses adopted by our service providers.

Children's Privacy

Serin is intended for users aged 13 and older and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided information to us, contact support@serinradar.com and we will take appropriate action.

Security

We use Apple's standard CloudKit encryption in transit and at rest. No method of transmission over the Internet is 100% secure, but because the App is designed so that we never receive PII, the practical exposure of any breach to you is limited.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be highlighted in the App or on this page, with an updated "Effective date." Continued use of the App after the effective date constitutes acceptance of the revised policy.

Contact

For privacy questions, requests, or complaints, contact:

Summit Veil LLC
Email: support@serinradar.com