Privacy Policy

Last updated: May 31, 2026

Sentry Studio is a free, open-source project maintained by Jhoan Romero and Scott Vandereems ("we", "us", "our"). This Privacy Policy explains what data we collect, why we collect it, and how we handle it across our free apps and services:

  • Website — sentry-six.com
  • Desktop Application — Sentry Studio for Windows and macOS
  • Sentry USB Device — Raspberry Pi-based smart USB drive for Tesla dashcam recording
  • Sentry Connect iOS App — Companion mobile app for iOS (available on the App Store)
  • Sentry Drive — Desktop drive-history analytics app for Windows and macOS
  • Clip Sharing Service — clip.sentry-six.com
  • Support API — api.sentry-six.com (update checks, diagnostics, support chat)
  • Notification Service — notifications.sentry-six.com (push notification pairing and delivery)

Sentry Cloud (our paid cloud sync service at sentryusb.com) is operated separately and is not covered by this policy. It has its own Terms of Service and Privacy Policy at sentryusb.com/legal.

We are committed to transparency. Sentry Studio is designed with a privacy-first approach — your dashcam footage and personal information stay on your local machine or device unless you explicitly choose to share them.

1. Website (sentry-six.com)

Our website is an informational site. We do not use analytics, tracking scripts, or advertising of any kind on sentry-six.com. With the exception of strictly necessary security cookies used by our infrastructure provider (Cloudflare) to prevent bot attacks, we do not deploy cookies on your device.

The website and the free apps described in this policy have no user accounts or login systems. (Sentry Cloud, our separate paid sync service, does use accounts — it is governed by its own policy at sentryusb.com/legal.) The clip sharing service (clip.sentry-six.com) is a separate service with its own data practices, described below.

Third-Party Services

The website uses the following third-party services:

  • Cloudflare Pages — Our website is hosted on Cloudflare's content delivery network. Cloudflare processes your IP address and request headers to serve the site, and may set a __cf_bm cookie strictly for bot management and security purposes. This is controlled by Cloudflare, not by us. See Cloudflare's Privacy Policy.
  • Google Fonts — We load the Inter typeface from Google's font servers (fonts.googleapis.com). This means your browser makes a connection to Google when loading the site. See Google's Privacy Policy.

2. Desktop Application

Your Dashcam Footage

All of your video files, TeslaCam footage, and SEI telemetry data remain entirely on your local machine. The application processes everything locally. We never access, upload, or transmit your footage — unless you explicitly choose to share a clip using the Clip Sharing feature.

Security & Compatibility Reporting (Mandatory)

To maintain application security, prevent API abuse, and ensure technical compatibility, the app performs a mandatory check with our server during update checks. This includes:

  • User ID (UID) — a SHA-256 hash derived from your machine ID and a salt. This is a pseudonymous, one-way hash: it lets us recognize an installation across update checks but does not, on its own, reveal your name, machine, or identity.
  • Platform and architecture — e.g., "windows", "x64", "macos", "arm64"
  • App version — e.g., "v2026.7.20"

This reporting is a functional requirement for the secure operation of the Service and cannot be disabled. This data helps us ensure you are running a secure version of the app and prevents unauthorized API usage.

Diagnostics (User-Initiated Only)

Diagnostics are never collected automatically. They are only uploaded when you explicitly click "Send Diagnostics" within the in-app support chat. Diagnostic data includes:

  • Operating system and version
  • App version
  • Hardware information (CPU, memory)
  • Redacted terminal/console logs (file paths and personal info are stripped)

Diagnostics are stored on our server for 7 days and then automatically deleted. They are accessible only by the Sentry Studio developer via a secure passcode.

Support Chat

The in-app support chat allows you to communicate directly with the developer. When you open a support ticket:

  • Your messages and any attached media are sent to our support server
  • Your IP address is logged for rate limiting and abuse prevention
  • Messages are forwarded to a private Discord thread for the developer to respond

Closed support tickets and their messages are automatically deleted 7 days after the last activity. Open tickets are retained until resolved.

Local Settings

Your preferences (language, theme, layout, etc.) are stored locally on your machine in a local configuration file. These settings are never transmitted to any server.

3. Sentry USB Device

Local Operation

Sentry USB runs entirely on your local network. Dashcam footage is stored on the Pi's USB drive and is never uploaded to external servers. The Pi serves a local web dashboard accessible only on your network for viewing and managing recordings.

Notification Credentials

When mobile push notifications are enabled, the Pi registers a unique device_id and device_secret with our notification backend (notifications.sentry-six.com). These credentials are used solely to authenticate push notification delivery and are not used for tracking or any other purpose.

Pairing Codes

Temporary 6-character alphanumeric codes are generated on the Pi and registered with our notification backend to pair with the iOS app. Pairing codes expire after 5 minutes and are automatically deleted once consumed or expired.

mDNS / Bonjour

The Pi advertises itself on your local network via mDNS (_sentryusb._tcp) so the iOS app can discover it. This data never leaves your local network.

Bluetooth Low Energy (BLE)

During initial setup, the Pi may advertise a BLE service for WiFi configuration. WiFi credentials are transmitted over BLE directly between your phone and the Pi and are never sent to any external server.

Security & Compatibility Reporting (Mandatory)

Similar to the desktop application, the Sentry USB device performs a mandatory check with our server during update checks. This includes:

  • Device ID (Fingerprint) — a SHA-256 hash derived from the Pi's hardware serial number and a salt. This is a pseudonymous, one-way hash: it lets us recognize a device across update checks but does not, on its own, reveal your name, device, or identity.
  • Platform and architecture — e.g., "arm64"
  • Software version — e.g., "v2026.3.1"
  • SBC model — e.g., "Raspberry Pi 4 Model B"

This reporting is a functional requirement for the secure operation of the device and cannot be disabled. This data helps us ensure your device is running a secure version of the software and prevents unauthorized API usage.

Support Chat

The Sentry USB web interface includes the same in-app support chat system described in Section 2. Messages are proxied through api.sentry-six.com to reach the developer. The same data practices and retention policies apply.

4. Sentry Connect iOS App

Dashcam Footage

The app streams and displays dashcam footage from your Sentry USB device over your local network. Video data never leaves your local network and is never uploaded to our servers.

Push Notifications (APNS)

When you enable push notifications, Apple assigns your device a unique push notification token (APNS token). This token is:

  • Stored locally on your device
  • Sent to notifications.sentry-six.com during the pairing process
  • Used solely to deliver push notifications from your Sentry USB device
  • Not used for tracking, advertising, or any other purpose

Notification Pairing

When you pair with a Sentry USB device for push notifications, the following data is sent to our notification backend:

  • APNS device token — your Apple push notification token
  • Device name — e.g., "Scott's iPhone"
  • Platform — "ios"
  • Pairing ID — a server-generated unique identifier for the pairing

You can remove pairings at any time from the iOS app settings or the Pi's web interface, which deletes your APNS token from our servers.

Saved Devices

Device connection info (hostname, IP address, display name, BLE identifier) is stored locally on your device using iOS UserDefaults. This data is never transmitted to any external server.

Bluetooth (BLE)

The app uses CoreBluetooth for initial device setup, including WiFi configuration. BLE communication occurs directly between your iPhone and the Sentry USB Pi. No BLE data is sent to external servers.

Local Network Discovery

The app uses Bonjour/mDNS to discover Sentry USB devices on your local network. Discovery data (IP addresses, hostnames) stays on your device and is never transmitted externally.

Support Chat

The iOS app includes the same in-app support chat system described in Section 2. When using support chat from the iOS app, your APNS token may also be registered with the support backend to receive reply notifications. The same retention policies described in Section 2 apply.

No Analytics or Tracking

The Sentry Connect iOS app does not include any analytics SDKs, crash reporters, or advertising frameworks. We do not track your usage patterns within the app.

5. Sentry Drive

Sentry Drive is a desktop application for Windows and macOS that visualizes and analyzes your drive history from the SEI telemetry embedded in TeslaCam files. All drive processing happens locally on your computer — your footage and telemetry are never uploaded to us.

Local Processing

Sentry Drive reads the SEI data in your TeslaCam files (GPS coordinates, self-driving state, speed, pedal inputs, and similar) and the optional drives-data.json produced by Sentry USB. This data is processed and stored only on your local machine.

Map Tiles

To display your drives on a map, the app loads map tiles from third-party tile providers (OpenStreetMap/CARTO and Google Maps, depending on the selected map style). Because the tiles requested are determined by where your drives took place, your approximate drive locations are necessarily shared with the chosen tile provider as part of normal map rendering.

Optional Third-Party Features

The following features transmit data only when you explicitly choose to use them:

  • Route reconstruction (OSRM) — The "Fix Broken Drives" feature sends drive coordinates to the public OSRM (Open Source Routing Machine) routing service to reconstruct missing route segments.
  • Tessie import — If you use Tessie import, the app connects to api.tessie.com using an API token you provide to retrieve your drive history. That data is governed by your relationship with Tessie. See Tessie's Privacy Policy.

Updates

Sentry Drive checks for new versions through GitHub Releases. Unlike Sentry Studio and Sentry USB, it does not send a hashed device identifier on update checks.

Sentry Drive is open-source software (originally derived from Sentry USB). Source code: github.com/Sentry-Six/Sentry-Drive.

6. Clip Sharing Service

When you use the clip sharing feature to generate a shareable link, the following data is collected:

  • Video file — your exported MP4 clip is uploaded to our server
  • Original filename — stored alongside the clip for display purposes
  • IP address — logged for rate limiting and abuse prevention
  • Delete token — a unique token generated so you can delete your clip

Clip Viewer Data

When someone views a shared clip, we record their IP address to count unique views (one view per IP per clip). This data is deleted when the clip expires.

Public Accessibility

Shared clips are publicly accessible to anyone with the link. There is no password protection. Do not share clips containing sensitive or private information.

Automatic Deletion

Shared clips are automatically deleted from our servers after a user-selected duration (up to 7 days, default 72 hours). You can also delete your clip at any time using the delete token provided at upload. Once deleted, the video file, thumbnail, and associated view records are permanently removed.

7. Data Retention

Data TypeRetention PeriodDeletion Method
Shared video clipsUp to 7 days (user-selected)Automatic + manual via delete token
Support chat tickets7 days after last activity (closed tickets)Automatic
Diagnostic uploads7 daysAutomatic
Installation records — Desktop (secure device hash)IndefiniteOn request
Installation records — Sentry USB (secure hardware hash)IndefiniteOn request
Rate limiting data (IP-based & secure device hash)In-memory onlyCleared on server restart or window expiry
Security lockout & ban records (IP-based)IndefiniteAt our sole discretion
Local app settingsUntil you uninstallDeleted with app data on uninstall
APNS device tokensUntil unpairing or token invalidationManual unpair or automatic cleanup
Notification pairingsUntil manually removedUser-initiated via app or Pi web UI
Pairing codes5 minutesAutomatic (expiry + consumed cleanup)
Device registrations (device_id, hostname)Indefinite (while Pi is active)On request
Saved devices (iOS local)Until app deletion or manual removalUser-initiated or app uninstall

8. Data Location & International Transfers

Our backend server (api.sentry-six.com) and notification service (notifications.sentry-six.com) are hosted on a dedicated server in Montreal, Canada provided by OVHcloud. Data you send to our API — including shared clips, diagnostics, support messages, and notification pairing data — is stored in Canada.

Our website (sentry-six.com) is served globally via Cloudflare's CDN, which may route your request through servers in various countries.

By using our services, you acknowledge that your data may be processed in Canada and through Cloudflare's global network, which may be in a jurisdiction different from your own.

9. IP Addresses & Access Restrictions

We use IP addresses for rate limiting, abuse prevention, and security purposes. IP addresses are used to:

  • Enforce upload and request rate limits
  • Count unique clip views
  • Detect and prevent brute-force attacks on the support system
  • Temporarily lock out or permanently ban abusive IP addresses

We reserve the right to restrict or deny access to any of our services, at any time, for any reason, without notice or explanation. This includes but is not limited to temporary lockouts, permanent IP bans, and content removal.

10. What We Do NOT Collect

For the free apps and services covered by this policy (this section does not describe Sentry Cloud — see sentryusb.com/legal):

  • We do not require an account, name, email address, or contact information to use these apps
  • We do not use marketing analytics, advertising, or commercial trackers
  • We do not sell, rent, or share your data with third parties for commercial purposes
  • We do not access your dashcam footage — it stays on your local machine or Sentry USB device and is only viewable on your local network
  • We do not track your usage patterns within the desktop applications or iOS app
  • We do not upload your drive telemetry or location data — Sentry Drive processes it locally (see Section 5 for the optional features that contact third parties at your request)
  • We do not use any analytics, crash reporting, or advertising SDKs in the iOS app

11. Your Rights & Choices

  • Delete shared clips — Use the delete token provided at upload, or use the "My Shared Clips" panel in the app.
  • Request data deletion — Contact us to request deletion of your UID installation record or any other data associated with you.
  • Delete local data — Uninstalling the app removes all locally stored settings, diagnostics, and cached data.
  • Unpair notifications — Remove push notification pairings from the iOS app settings or the Pi's web interface. This deletes your APNS token from our servers.
  • Delete saved devices — Remove saved Sentry USB devices from the iOS app at any time. This only affects local storage on your phone.

European & UK Users

These apps are available worldwide, so residents of the EEA and UK may use them. For the limited personal data we receive — the mandatory update-check identifier, and any data you actively send us via clip sharing, diagnostics, or support:

  • Legal basis — We rely on our legitimate interest (GDPR Art. 6(1)(f)) in maintaining the security, integrity, and compatibility of the software for the mandatory update-check reporting, and on your consent or our legitimate interest for data you choose to send us.
  • Your rights — You have the right to access, rectify, erase, restrict, or object to our processing of your personal data, and to data portability, subject to applicable law.
  • How to exercise them — Contact us using the details in the Contact section below. We act as the data controller for these services.

12. Age Requirement

Our services are intended for users who are at least 18 years of age. We do not knowingly collect data from anyone under 18. If you believe someone under 18 has provided us with data, please contact us and we will take steps to remove it.

13. Security

We take reasonable measures to protect your data, including:

  • HTTPS/TLS encryption for all API and website connections
  • Rate limiting and lockout mechanisms to prevent abuse
  • Timing-safe comparisons for authentication tokens
  • Automatic expiration and deletion of temporary data
  • Security headers (HSTS, X-Content-Type-Options, X-Frame-Options, etc.)

No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

14. Third-Party Links & Services

Our services may link to external sites such as GitHub (for downloads and source code) and Discord (for community and support). These third-party services have their own privacy policies, and we are not responsible for their practices.

Sentry Studio is not affiliated with Tesla, Inc. in any way.

15. Source Code Transparency

The Sentry Studio desktop viewer and Sentry Drive are open-source software licensed under the MIT License. The Sentry USB Pi device software is source-available under the PolyForm Noncommercial License 1.0.0 (some bundled components remain MIT-licensed). In every case, you can review exactly what data these applications collect by inspecting the source code on GitHub:

The Sentry Connect iOS app is distributed via the Apple App Store and is not open source.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of our services after changes constitutes acceptance of the revised policy.

17. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, you can reach us through: