Our approach to camera privacy.
Every CCTV and AI-camera install we do follows the same principles. This page is the long version — useful before you commission us, and a handy artefact to hand to a workplace H&S officer, a neighbour, an insurer, or a DPIA reviewer who asks "how is this actually set up?".
1. Footage stays on your kit
Every system we install records to a Network Video Recorder (NVR) or Cloud Key that lives at your property — a small appliance in a cupboard, comms rack or site cabinet. Footage does not pass through a third-party cloud service to be stored or analysed. If your broadband goes down, the cameras keep recording locally; nothing is lost.
Off-site backup is an option, not a default. If you want encrypted off-site copies, we'll set it up — to a location you choose (your own object storage, a second site you own, or a UK-based service we agree on together). It's never a condition of the system working.
2. AI runs on the camera, not in someone's data centre
The cameras we install carry their own neural-processing hardware. Person, vehicle, package, animal and number-plate detection all run on the camera itself. Your video stream is never shipped to a third party for "analysis". Optional features like face recognition are explicitly opt-in, configured per-camera, and the enrolled-faces database lives on your NVR (not a vendor cloud) so you control it — including being able to wipe it in one click.
3. Schedules & geofences are configured before handover
A camera that records 24/7 is rarely what's appropriate, and rarely what's lawful in a workplace or shared environment. Every install ships with recording schedules and geofencing configured to match what you actually need:
- Time-of-day schedules per camera — for example, internal cameras off during occupied hours, on overnight; site cameras off during the working day, on out of hours.
- Geofenced arming using household / staff phones — when the last authorised phone leaves the property, internal cameras switch to "armed" recording; when the first phone returns, they disarm. No manual arming, no forgotten alarm.
- Day-of-week patterns — "weekday only" or "weekend only" schedules where they make sense.
- Holiday modes — a single tap on the dashboard switches the whole system into a configured "away" pattern.
4. Privacy zones are masked at the camera
Where a camera's natural field-of-view includes areas it has no business recording — a neighbour's window, a footpath that isn't yours, a child's bedroom door, a staff break-room — we configure privacy masks at the camera. Those zones are blacked out before the image is encoded, so they aren't stored in the recording at all. We document each mask in the handover pack so the configuration is auditable.
5. Access is per-user, two-factor and audited
Every person who needs to view the system gets their own named login with two-factor authentication mandatory. There is no shared admin password. The system logs who viewed what, when, and from where — so if a question is ever raised, there's an answer. Adding or removing a user is a one-click job; we'll do it for you on care-plan accounts or hand you the dashboard if you'd rather manage it yourself.
6. No ports are opened on your firewall
Remote viewing on a phone or laptop goes through either the vendor's encrypted relay (authenticated end-to-end) or a private VPN we configure on your router. We never expose the recorder or cameras directly to the internet, which is the single most common cause of CCTV systems being compromised in the wild.
7. Retention is set deliberately, not by default
We agree a retention period with you on install — typically 7 days for residential, 30 days for commercial sites where incidents may need investigating — and the recorder is sized accordingly. Once the retention window passes, footage is overwritten automatically. Specific clips can be exported and kept longer (an incident, a billing dispute) but the default is "delete after N days, unless explicitly saved".
8. Workplace installs get a DPIA and signage
For business installs — offices, sites, retail premises, letting properties — we draft a Data Protection Impact Assessment as part of the install package. We supply the mandatory signage for every entrance and viewable area, and we hand over a one-page "what we record, for how long, who can see it, lawful basis" document that satisfies the ICO requirements you'd be checked against in an audit.
We don't provide legal advice and we're not a solicitor — but the documents we hand over are the documents you'd otherwise have to commission separately, and they're written in plain English. You can run them past your own lawyer if you want belt-and-braces.
9. You can leave with everything
We don't lock you into proprietary platforms you can't get out of. The recorder is hardware you own. The footage is files on a disk you own. The configuration is documented in your handover pack. If you ever stop working with us, you can hand the system to another competent engineer (or run it yourself) without losing access to anything.
10. We won't install what we wouldn't install at home
That rules out a list of common things:
- Cloud-only systems where your footage is hostage to a subscription.
- Any system where the AI runs in a third-party data centre and your video is the training data.
- Cameras that share a single account across every household, with no audit trail.
- Installs that require us to open ports on your firewall.
- Cameras pointed at things they shouldn't be pointed at, no matter who's asking.
If a camera install needs one of those things to work, we'll tell you honestly — and either redesign it so it doesn't, or recommend you talk to someone else.