GDPR Compliance Statement

Effective Date: July 14, 2026

Sentinel — IP Camera Setup & ONVIF Discovery
Data Controller: 6tSevn BV
Effective Date: July 14, 2026
Last Updated: July 14, 2026

1. Our Commitment

6tSevn BV is committed to protecting the privacy and personal data of all users of the Sentinel app, in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable national data protection laws. Sentinel is designed as a local-first application: it communicates only with the devices on your own local network and never transmits your data to 6tSevn BV. This statement explains how we uphold the principles and rights established by the GDPR.

2. Data Controller

Under the GDPR, the data controller is the entity that determines the purposes and means of processing personal data. For the Sentinel app:

Data Controller: 6tSevn BV
Address: Gangboord 11, 3356 DG Papendrecht, The Netherlands
Email: privacy@6tsevn.com
Website: https://6tsevn.com

In practice, 6tSevn BV does not process any personal data from Sentinel users. All data remains under the sole control of the user on their own device and local network.

3. What Data Is Processed

Sentinel processes device and configuration data required to discover, activate, and reconfigure equipment on your local network. This data is processed exclusively on your device and your local network and is never transmitted to 6tSevn BV or any third party.

Most of this data is technical information about network equipment rather than personal data. Depending on your environment, some fields could constitute personal data under the GDPR.

CategoryExamplesLegal Basis
Device informationModel, firmware, MAC address, serial number, IP address, current network settingsLegitimate interest (Art. 6(1)(f)) — core functionality
Configuration you applyIP address, subnet mask, gateway, DHCP modeLegitimate interest (Art. 6(1)(f))
CredentialsAdministrator passwords set or used during activation, stored in the KeychainPerformance of contract (Art. 6(1)(b))
Preference dataApp settings and remembered devicesLegitimate interest (Art. 6(1)(f))

Data NOT collected by 6tSevn BV:

  • Names, email addresses, or contact details
  • Device identifiers or advertising identifiers (IDFA)
  • Usage analytics or telemetry
  • Cookies or browser data
  • Payment or credit card information
  • User account credentials (no accounts exist)
  • Any discovered device information, credentials, or configuration sent to a 6tSevn server

4. Data Processing — Where and How

4.1 On-Device and Local-Network Processing

All data generated or used by Sentinel is processed on your device and communicated directly with the devices on your local network. It resides in the app's sandboxed container, with credentials held in the iOS/macOS Keychain. 6tSevn BV has no access to this data. The app makes no requests to 6tSevn servers.

4.2 Network Discovery

Sentinel uses standard multicast (ONVIF WS-Discovery and SADP probing) to discover devices on the local network, including devices whose IP is outside your current subnet. It reads publicly reported device details over these standard protocols. ONVIF discovery is performed on a read-only basis; configuration changes are always explicit.

4.3 Activation and Configuration

When you activate a device, Sentinel sets an administrator password using encryption on your device before the credential is sent to the target device over your local network. When you reconfigure a device, the new IP, mask, gateway, or DHCP setting is applied directly to that device. These actions require being on the same subnet as the target device.

4.4 Credentials and the Keychain

Administrator passwords and other credentials are stored in the iOS/macOS Keychain, protected by iOS/macOS Data Protection and, where available, hardware-backed security. 6tSevn BV never receives these credentials.

5. Third-Party Data Sharing

6tSevn BV does not share any personal data with third parties. The Sentinel app:

  • Contains no analytics SDKs (no Firebase, Amplitude, Mixpanel, or similar)
  • Contains no advertising networks or trackers
  • Contains no crash reporting services (no Crashlytics, Sentry, or similar)
  • Sends no data to 6tSevn servers — the app communicates only with devices on your local network

6. Data Transfers Outside the EEA

6tSevn BV does not transfer any personal data outside the European Economic Area, because 6tSevn BV does not receive any user data. All data remains on your device and local network within your physical control.

7. Data Retention

Since 6tSevn BV does not collect or store any user data, there is no data retention policy on our end. The user retains full control over their data:

  • Remembered devices and credentials persist on-device for as long as the app is installed and you choose to keep them.
  • You can remove stored devices and credentials at any time within the app.
  • Uninstalling the app permanently removes all local data, including credentials held in the Keychain for the app.

8. Your Rights Under the GDPR

As a data subject under the GDPR, you have the following rights. Because Sentinel is designed as a local-first application and 6tSevn BV holds no personal data, these rights are inherently fulfilled:

RightGDPR ArticleHow It Is Fulfilled
Right of accessArt. 15All data Sentinel holds is visible directly within the app at all times.
Right to rectificationArt. 16You can edit stored devices, preferences, and credentials directly in the app.
Right to erasure ("right to be forgotten")Art. 17You can remove stored devices and credentials, or uninstall the app to erase everything.
Right to restriction of processingArt. 18No processing occurs by 6tSevn BV. You control all processing on your device. You can stop scanning at any time.
Right to data portabilityArt. 20No 6tSevn-held data exists to port; the data on your device is under your direct control.
Right to objectArt. 21No profiling, automated decision-making, or direct marketing is performed.
Right to withdraw consentArt. 7(3)You can revoke Local Network access or notifications at any time in your device settings.

9. Data Protection by Design and by Default (Art. 25)

Sentinel is built according to the GDPR principles of data protection by design and by default:

  • Data minimization: The app only handles data necessary to discover, activate, and configure devices. No metadata or behavioral data is collected by 6tSevn BV.
  • Purpose limitation: Device and configuration data is used solely for the app's core functionality and is never repurposed.
  • Storage limitation: Data exists only as long as the user chooses to keep it. No automatic retention occurs at 6tSevn BV.
  • Integrity and confidentiality: Credentials are stored in the Keychain, protected by iOS/macOS Data Protection. Activation uses encryption on-device.
  • No server surface at 6tSevn: The app sends no data to 6tSevn servers, eliminating server-side breach risk on our part.

10. Data Protection Impact Assessment (DPIA)

Given that 6tSevn BV does not collect, process, or store any personal data from Sentinel users, a formal DPIA under Article 35 GDPR is not required with respect to 6tSevn BV's processing. Users who deploy Sentinel in their own organisations remain responsible for their own compliance obligations regarding the devices and networks they manage.

11. Security Measures (Art. 32)

Although 6tSevn BV does not process personal data from Sentinel users, the app implements the following technical security measures on-device:

  • Keychain storage: Credentials are stored in the iOS/macOS Keychain, never in plain text.
  • Encrypted activation: Device activation uses encryption on-device before credentials are sent to the target device.
  • App sandboxing: iOS/macOS sandboxing ensures no other application can access Sentinel's stored data.
  • Local-only communication: The app communicates only with devices on your local network; it sends no data to 6tSevn servers.
  • Password-policy enforcement: Sentinel enforces a strong password policy to keep the devices you commission hardened.

12. Breach Notification (Art. 33 & 34)

Since 6tSevn BV does not collect, store, or process personal data from Sentinel users, a data breach at 6tSevn BV cannot expose Sentinel user data. In the unlikely event of a vulnerability affecting the app's security, we will:

  • Investigate and address the vulnerability promptly.
  • Release an app update with a fix.
  • Notify users through the App Store update notes.
  • Report to the relevant supervisory authority within 72 hours if required under Article 33 GDPR.

13. Changes to This Statement

6tSevn BV reserves the right to update this GDPR Compliance Statement. Any material changes will be published on our website with an updated "Last Updated" date. We encourage users to review this statement periodically.

14. Contact & Complaints

If you have questions about this GDPR Compliance Statement or wish to exercise your data protection rights, please contact us:

6tSevn BV
Gangboord 11
3356 DG Papendrecht
The Netherlands
Email: privacy@6tsevn.com
Website: https://6tsevn.com

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority. For users in the Netherlands, this is:

Autoriteit Persoonsgegevens (Dutch Data Protection Authority)
Website: https://autoriteitpersoonsgegevens.nl
Phone: +31 (0)70 888 85 00

This GDPR Compliance Statement applies to the Sentinel app available on the Apple App Store, developed and published by 6tSevn BV.