Privacy Policy
Last updated: 2026-07-03 · Applies to the microremote.gr panel, the MicroRemote Pro app, and the optional Google Home link.
1. Who we are
Data controller: MicroRemote Pro (microremote.gr). Contact: privacy@microremote.gr.
2. What we collect
Account: your email address and an optional display name.
Sign-in security: one-time sign-in codes emailed to you (stored hashed, expiring in 10 minutes); if you enable two-factor authentication, your authenticator secret and hashed backup codes.
Devices: the name, serial, type, and last-seen time of each device you add.
Command history: which command (e.g. "power", "vol_up") was sent to which device and when — this is how the command queue and history work.
Your configurations: scenes, schedules, and macros you create.
Technical: your IP address is kept temporarily for rate limiting and abuse protection, and appears in standard server logs.
Cookies: strictly necessary only — a session cookie (to keep you signed in) and a language-preference cookie. We use no advertising or tracking cookies and no analytics tools.
3. App permissions
Microphone: used for voice commands. Speech is converted to text by your phone's speech service (e.g. Google's on Android), which may process audio under its own policy. We receive only the resulting text and store no audio recordings.
Camera: used only to scan a QR code when pairing a device. Scanning happens on your device; no photos or videos are stored.
4. Google Home link (optional)
If you link your account to Google Home, we share your device list (name, type, identifier) with Google and receive commands from it (e.g. on/off, volume). Google's side is governed by Google's own privacy policy. You can unlink at any time in the Google Home app, which revokes the related access tokens.
5. How we use data
Only to: (a) operate the service (performance of contract), (b) keep it secure and prevent abuse (legitimate interest), and (c) connect to Google only when you ask for it (consent). We do not sell data, show ads, or build user profiles.
6. Who we share data with
Only the processors needed to run the service: our hosting provider and our email-delivery provider (for sign-in codes), plus Google only if you link Google Home. We may disclose data where required by law.
7. Retention
Account data is kept while you have an account. You can delete your account in the app (Settings → Delete account); this removes your account, devices, and history. Sign-in codes expire in 10 minutes; app tokens expire automatically (30 days idle / 90 days absolute); rate-limit records are short-lived.
8. Security
We use HTTPS, hashed code storage, optional two-factor authentication, and access controls. However, no method of transmission or storage is 100% secure — no one can honestly guarantee that.
9. Your rights (GDPR)
You may request access, correction, deletion, restriction, portability, or object to processing — contact privacy@microremote.gr. You also have the right to lodge a complaint with your supervisory authority (in Greece: the Hellenic Data Protection Authority, www.dpa.gr).
10. Children
The service is not directed to children. If you believe a child has provided us data, contact us and we will delete it.
11. Changes
Any changes will be posted on this page with a new "last updated" date.