Terms of Service
Effective Date: 16th of July 2026 • Last Updated: 16th of July 2026
CCTVpilot is a product provided by LumoCodes. In these Terms of Service (“Terms”), “LumoCodes,” “we,” “our,” and “us” refer to the provider, and “you” refers to the person or organisation using the Service. These Terms govern the CCTVpilot business-management product website at cctvpilot.com, application at app.cctvpilot.com, and help centre and support documentation at support.cctvpilot.com (collectively, the “Service”). “App” refers specifically to the CCTVpilot application. Part B of these Terms is the Data Processing Agreement (“DPA”) that applies when LumoCodes processes Customer Personal Data on behalf of a CCTVpilot customer acting as controller. A separate program or portal that displays its own terms is governed by those terms instead. By accessing or using the Service, you agree to these Terms. If you do not agree, do not use the Service.
Part A - General Terms of Service
1. Description of Service
CCTVpilot is a business management tool designed for CCTV installation professionals and project managers. The App provides features including, but not limited to:
- Project management and tracking.
- Client, vendor, and personnel management.
- Inventory and equipment tracking, including serial number management and barcode/QR code scanning.
- Financial document generation (Quotations, Invoices, Receipts).
- Cash flow and profit/loss reporting per project.
- Business statistics and analytics dashboard with date-range filtering.
- Procurement management, grouped by vendor and linked to quotations.
- Project logistics tracking
- Authenticated search across your projects, clients, vendors, personnel, inventory, and equipment records.
- Interactive site plan drawing tool with camera placement and cable path planning.
- Specialized CCTV technical calculators.
1.1. Product Representation
Screenshots, mockups, images, and videos of the App in marketing materials are illustrative. The interface and non-essential features may change as the Service develops, so marketing materials may not always show the latest version. Where reasonably practicable, we will provide advance notice before materially removing a core paid feature during an access period already purchased, except where an immediate change is required for security, legal compliance, third-party dependency changes, or prevention of harm.
1.2. Support and Help Materials
The help centre at support.cctvpilot.com, together with its articles, tutorials, screenshots, examples, and other help content (“Support Materials”), is provided as general operational guidance. We use reasonable efforts to keep Support Materials accurate and current, but the Service may change before every affected page is updated. Support Materials may therefore not immediately reflect the latest interface, features, limits, availability, or procedures and may contain errors or omissions.
Support Materials do not independently amend these Terms, guarantee that a feature will remain available, create a warranty or service-level commitment, or override a case-specific commitment expressly confirmed in writing by authorised LumoCodes personnel. If Support Materials conflict with controlling documents, the following documents govern according to their subject matter: checkout or order-specific terms govern the plan, price, billing model, access period, and purchased limits; the Refund Policy governs refund eligibility; the LumoCodes Privacy Policy and Product Data Controls Notice govern LumoCodes’ processing as controller; Part B governs LumoCodes’ processing of Customer Personal Data as processor; and these Terms govern other use of the Service.
This section does not exclude any express commitment or mandatory right that applies to you. When LumoCodes becomes aware of a material inaccuracy in Support Materials that is likely to affect user decisions, rights, data handling, billing, or security, LumoCodes will use reasonable efforts to correct or clearly label it within a reasonable period. If a support page appears to conflict with the App or a controlling document, contact support@lumocodes.com before relying on it for a material decision.
2. Account Registration and Security
To access the App, you must register for an account using a valid email address, a password, and your company name. Upon registration, a verification email will be sent to you. You must verify your email address before you can sign in. You agree to:
- Provide accurate, current, and complete information during the registration process, including your company name.
- Use an email address that you control and that is not a temporary, disposable, or single-use email address. Use of temporary or disposable email addresses is considered a violation of these Terms.
- Maintain and promptly update your account information.
- Maintain the security of your password and accept all risks of unauthorized access to your account and the information you provide. The App offers a “Keep me signed in” option that persists your session across browser restarts; you are responsible for using this option safely, particularly on shared devices.
- Notify us immediately if you discover or otherwise suspect any security breaches related to the App.
2.1 Business Use, Age, and Authority
CCTVpilot is intended for CCTV installation professionals, sole proprietors, companies, and other users acting for business or professional purposes. You must be at least 18 years old and legally capable of entering into a binding agreement. If you create or use an account for an organisation, you represent that you have authority to bind that organisation to these Terms.
The Service is not offered primarily for personal, family, or household use. However, nothing in these Terms excludes any mandatory consumer or other statutory right that applies to you despite that intended business use.
3. User Data and Content
3.1 Ownership
You retain all rights and ownership of the data, files, and information that you upload or input into the App (“User Content”). This includes your client lists, financial records, project details, and company branding assets (such as logos and your own Terms of Service).
3.2 Sensitive Business Information
The App allows you to store sensitive business information in your Settings profile, including company bank account details (account name, account number, bank name, and branch). This information is stored securely in our database and is used exclusively to auto-populate your financial documents. We strongly recommend that you review your account access controls and use a strong, unique password to protect this information.
3.3 License to Use
By using the App, you grant LumoCodes a worldwide, non-exclusive, royalty-free licence to host, store, reproduce, transmit, process, format, index, and display User Content only as reasonably necessary to operate, secure, support, and improve the Service; provide features you request, including search and document generation; comply with law; and use contracted service providers for those purposes. This licence does not transfer ownership of User Content to LumoCodes and ends when the relevant content is deleted, except to the extent that limited copies remain in lawful records or provider backups.
3.4 Data Responsibility
You are solely responsible for the accuracy, quality, integrity, legality, reliability, and appropriateness of all User Content. You confirm that you have obtained all necessary consents to input personal data of third parties (such as your clients or personnel) into the App.
3.5 Data Processing Agreement
Where User Content includes personal data for which you act as controller and LumoCodes acts as processor, Part B of these Terms governs LumoCodes’ processing of that Customer Personal Data on your behalf.
3.6 Product Feedback
Bug reports are private to you and authorised LumoCodes personnel. Feature requests, improvements, and questions or other feedback are displayed to other signed-in CCTVpilot users with the display name shown at submission. You grant LumoCodes a perpetual, worldwide, non-exclusive, royalty-free licence to host, reproduce, display, adapt, and use ideas or suggestions submitted as product feedback without an obligation to compensate you. This does not permit LumoCodes to publish confidential workspace content that you did not choose to include in feedback.
LumoCodes may classify, moderate, edit for formatting, close, or remove feedback to operate the feedback service, protect users, or enforce these Terms. Do not include confidential client data, credentials, payment details, unlawful material, or personal data that is unnecessary for the feedback purpose.
4. Pricing and Billing
The App is offered across multiple plans (Starter, Plus, Pro, and Enterprise), and may also offer optional add-ons such as extra project capacity. Pricing, billing models, available access periods, add-on quantities, currencies, and checkout terms are detailed on our website and may vary by plan, billing region, and over time.
4.1 Free Trial
Eligible new accounts created after the trial feature is launched receive a 14-day Pro trial. No credit card is required to start a trial. A free trial may be claimed only once per person, business, and email address. Deleting your account, abandoning your account, or creating another account with the same email address does not reset trial eligibility or create a right to another trial. If you delete your account during a trial, the trial ends immediately and remains treated as claimed. At the end of the trial period, continued access requires a paid plan.
Attempts to obtain multiple trials, including by using temporary or disposable email addresses, aliases, misleading account information, or other evasive sign-up methods, are a violation of these Terms. We may deny, cancel, suspend, or terminate trial access where we reasonably believe trial limits are being bypassed.
4.2 Access Periods and Billing
Paid access is currently provided through one-time payments for a fixed monthly or yearly period. The plan, access duration, currency, and price applicable to your purchase will be shown at checkout. Paid access expires at the end of the purchased period without automatic renewal.
4.3 Project Add-ons
The App may allow active paid accounts to purchase project add-ons or similar usage-based capacity. Unless otherwise stated at checkout, add-ons increase capacity only for the stated usage period, do not extend your plan access period, do not automatically renew, and unused add-on capacity expires when the applicable usage period resets.
4.4 Cancellation
Because paid plans do not auto-renew, there is no recurring subscription to cancel. You may choose not to renew at the end of the current access period.
4.5 Pricing Changes
We reserve the right to change prices at any time. Updated pricing will be reflected on our website. Changes do not affect access periods already paid for.
4.6 Refunds
Payments are refundable only as stated in our Refund Policy or where required by applicable law. The Refund Policy describes LumoCodes’ discretionary refund rules and does not exclude statutory remedies, service-conformity rights, or other rights that cannot lawfully be waived. If you believe you have been charged in error, contact our support team promptly.
4.7 Data Retention After Expiry or Non-Renewal
When your trial or paid access expires, your ability to access or modify data may be restricted until you renew or upgrade. Plan expiry alone does not delete all account data. Scheduled cleanup currently removes draft or quoted projects and unselected quotations that have not been updated for 45 days on Starter, 60 days on Plus, 90 days on Pro, or 180 days on Enterprise. Other account and transaction records may be retained for the operational, security, legal, accounting, dispute-resolution, renewal, and export purposes described in the Product Data Controls Notice.
If you wish to export your data, you should do so while your account is accessible or contact support before requesting account deletion. Account deletion and stale-data cleanup are described further in our Product Data Controls Notice and the LumoCodes Privacy Policy.
5. Acceptable Use
You agree not to use the App to:
- Violate any applicable local, state, national, or international law.
- Infringe upon the rights of others, including intellectual property rights.
- Upload viruses, malware, or other malicious code.
- Attempt to gain unauthorized access to the App, other user accounts, or computer systems or networks connected to the App.
- Interfere with or disrupt the integrity or performance of the App.
- Use temporary, disposable, or single-use email addresses, or otherwise create accounts to evade trial limits, billing limits, suspension, or enforcement actions.
- Submit feedback or other content that is unlawful, abusive, defamatory, infringing, deceptive, or that exposes another person’s confidential information or unnecessary personal data.
6. Termination and Account Suspension
6.1 Suspension
We may temporarily suspend some or all account access if we reasonably believe that:
- Your account has been compromised or is being accessed without authorisation.
- You are in breach of these Terms or any applicable law.
- Continued access poses a risk to the security or integrity of the App or other users.
We will limit a suspension to the scope and duration reasonably necessary to address the risk. Where reasonably practicable, we will notify you and provide an opportunity to correct the issue. We may suspend immediately where delay could create a security risk, enable fraud or abuse, harm another person, compromise an investigation, or violate law.
6.2 Termination for Violations
We may terminate your account if:
- You materially breach these Terms and, where the breach can reasonably be corrected, do not correct it within the period stated in our notice.
- You repeatedly breach these Terms.
- You engage in fraudulent, abusive, or illegal activity through the App.
- We are required to do so by law or a competent authority.
Advance notice and a cure period are not required where the breach cannot reasonably be corrected, immediate termination is necessary for security or fraud prevention, notice is prohibited by law, or you have repeatedly committed substantially similar breaches.
You may terminate your CCTVpilot account at any time using Settings > Account Security or by contacting support.
6.3 Effect of Termination
Upon termination of your account for any reason:
- Your right to access and use the App will cease immediately.
- Any active free trial will end immediately, and the trial will remain treated as claimed for future eligibility purposes.
- Any outstanding balance or fees owed to us remain payable.
- Sections of these Terms that by their nature should survive termination (including, without limitation, Sections 3, 9, 10, 11, 12, and 14) will remain in full force and effect.
- Your data will be retained, restricted, deleted, or otherwise handled in accordance with Section 4.7, our Product Data Controls Notice, and the LumoCodes Privacy Policy.
- Where reasonably practicable and not prevented by security, fraud, legal, or technical constraints, we may provide a limited opportunity to request an export of applicable data following a non-urgent suspension or termination.
7. Offline Capabilities and Data Sync
The App uses Firebase’s persistent local cache to allow you to read and modify your data without an internet connection. Changes made offline are queued locally and automatically synced with our servers when connectivity is restored. You acknowledge that:
- The offline cache is stored in your browser’s IndexedDB. Clearing your browser data or storage will permanently delete any unsynced offline changes.
- Firebase’s built-in conflict resolution handles concurrent writes across multiple browser tabs. Where conflicts occur, the last write generally takes precedence, which may overwrite changes made simultaneously on another tab or device.
- We are not responsible for data loss resulting from device failure, browser cache clearing, or browser storage limits being exceeded while offline.
8. Financial Tools and Calculations
The App provides tools for generating financial documents (quotations, invoices, receipts) and calculating project profitability, including cash flow summaries, profit/loss breakdowns, and overall business statistics. While we strive for accuracy, you are responsible for verifying all calculations, prices, tax applications, and totals before sending documents to your clients. We do not guarantee that the financial reports will be error-free or compliant with your specific local accounting regulations.
The technical calculators provided (e.g., disk storage, bandwidth, FOV, PoE) are intended as estimation aids only. Real-world results may vary based on environmental conditions, hardware specifications, and installation factors. You are responsible for independently verifying all technical calculations before use in a professional context.
9. Intellectual Property
The App itself, including its source code, design, text, graphics, and interface, is owned by LumoCodes or its licensors. Subject to these Terms and payment of applicable fees, LumoCodes grants you a limited, non-exclusive, non-transferable, and revocable licence to use the App for your internal business purposes during your authorised trial or paid access period.
10. Disclaimer of Warranties
The App is provided on an “AS IS” and “AS AVAILABLE” basis to the maximum extent permitted by law. LumoCodes disclaims warranties that may lawfully be excluded, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the App will be uninterrupted, timely, secure, or error-free. This section does not exclude an express commitment in these Terms or any warranty, statutory remedy, or service-conformity right that cannot lawfully be excluded.
11. Limitation of Liability
To the maximum extent permitted by law, LumoCodes shall not be liable for indirect, incidental, special, consequential, or punitive damages, including loss of profits, data, use, goodwill, or other intangible losses, arising from access to, use of, or inability to use the App.
Liability Cap: To the maximum extent permitted by law, LumoCodes’ total aggregate liability for all claims arising out of or relating to these Terms or the Service shall not exceed the fees attributable to the three (3) months of paid CCTVpilot access immediately preceding the event giving rise to the claim. For yearly or other prepaid fixed-period access, fees will be allocated proportionately across the purchased access period when calculating this cap.
Exceptions: Nothing in these Terms excludes or limits liability for fraud, wilful misconduct, gross negligence, death or personal injury caused by negligence where such liability cannot be limited, breach of obligations that applicable data-protection law does not permit us to limit, or any other liability or statutory right that cannot lawfully be excluded or limited.
12. Indemnification
To the extent permitted by law, you agree to indemnify LumoCodes and its personnel against third-party claims, damages, losses, liabilities, and reasonable legal costs to the extent caused by:
- User Content that infringes another person’s intellectual-property, privacy, confidentiality, or other legal rights.
- Your unlawful or fraudulent use of the App.
- Your material breach of these Terms or of a duty you owe as controller of personal data entered into the App.
LumoCodes will give you reasonably prompt notice of an indemnified claim and reasonable control of its defence and settlement, provided that you may not settle a claim in a way that admits fault by LumoCodes or imposes an obligation on LumoCodes without our written consent. LumoCodes may participate in the defence with counsel at its own expense. Your indemnity is reduced to the extent that LumoCodes caused or materially contributed to the claim.
13. Force Majeure
Neither party shall be liable to the other for any delay or failure to perform its obligations under these Terms to the extent that such delay or failure is caused by circumstances beyond its reasonable control, including but not limited to acts of God, natural disasters, epidemic or pandemic, war, terrorism, civil unrest, government action or regulation, power or internet outages, or failures of third-party service providers (including Firebase, Algolia, PayHere, payment gateways, analytics providers, or other infrastructure providers).
The affected party shall notify the other as soon as reasonably practicable upon becoming aware of a force majeure event and shall use reasonable efforts to resume performance as soon as possible. If a force majeure event continues for more than thirty (30) days, either party may terminate the affected obligations upon written notice, without liability, subject to any amounts already due and payable.
14. Governing Law and Jurisdiction
These Terms and any dispute or claim arising out of or in connection with them (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of Sri Lanka, without regard to its conflict of law principles.
You agree to submit to the exclusive jurisdiction of the courts of Sri Lanka for the resolution of any disputes arising out of or relating to these Terms or your use of the App.
Nothing in this section deprives you of the protection of mandatory laws or a mandatory forum that applies despite this choice of law and jurisdiction.
15. Modifications to Terms
We may modify these Terms as the Service, law, or our business changes. Updated Terms will be posted with a revised “Last Updated” date. Changes that do not materially reduce your rights may take effect when posted.
For a material change that adversely affects existing users, we will provide reasonable advance notice through the Service, email, or another appropriate channel where reasonably practicable. A material change will not retroactively alter the price, access period, or core purchase terms of an access period already paid for. If you do not agree to updated Terms, you must stop using the Service before they take effect. Continued use after the effective date constitutes acceptance only to the extent permitted by applicable law.
Changes to the Data Processing Agreement in Part B are governed by Section 27.
16. Contact Us
For questions or concerns regarding these Terms, please contact:
Address: LumoCodes, Elawaka Road, Kumbukwewa, Nikaweratiya.
Email: support@lumocodes.com
Phone: +94 77 020 5866
Part B - Data Processing Agreement
17. Scope and Definitions
17.1 Application
This Part B applies only to the extent that LumoCodes processes Customer Personal Data as a processor on behalf of a customer that is a controller. It does not govern personal data for which LumoCodes independently determines the purposes and means of processing, such as account administration, billing, security, usage analytics, Partner Rewards administration, and LumoCodes’ own legal compliance. Those activities are governed by the CCTVpilot Product Data Controls Notice and the LumoCodes Privacy Policy.
Part B is part of these Terms and becomes binding when the Customer accepts these Terms, creates or uses a CCTVpilot account for an organisation, or otherwise enters into an agreement that incorporates these Terms.
17.2 Parties
The “Customer” is the person or organisation that controls the CCTVpilot account and determines why and how Customer Personal Data is processed. “LumoCodes” is the processor for Customer Personal Data.
If an individual accepts these Terms on behalf of an organisation, that individual represents that they have authority to bind that organisation to this DPA.
17.3 Definitions
For Part B:
- “Applicable Data Protection Law” means data protection or privacy law that applies to the relevant processing, including the Sri Lankan Personal Data Protection Act, No. 9 of 2022, as amended, when applicable.
- “Customer Personal Data” means personal data contained in User Content that LumoCodes processes on the Customer’s behalf, including personal data relating to the Customer’s clients, vendor contacts, personnel, and other individuals entered into the App.
- “Data Subject,” “Controller,” “Processor,” “Processing,” “Personal Data,” and “Personal Data Breach” have the meanings given by Applicable Data Protection Law.
- “Subprocessor” means another processor engaged by LumoCodes to process Customer Personal Data.
17.4 Order of Precedence
If Part B conflicts with Part A or the Product Data Controls Notice concerning LumoCodes’ processing of Customer Personal Data as processor, Part B prevails for that conflict. Part A continues to govern all other matters.
18. Processing Details and Customer Instructions
18.1 Processing Details
The subject matter, duration, nature, purpose, categories of personal data, and categories of data subjects are described in DPA Schedule 1 and the relevant sections of the Product Data Controls Notice.
18.2 Documented Instructions
The Customer instructs LumoCodes to process Customer Personal Data:
- to provide, operate, secure, maintain, and support CCTVpilot;
- to perform the features the Customer selects, including data storage, authenticated search, calculations, document generation, synchronisation, export, and deletion;
- to prevent fraud, abuse, and security incidents affecting the Service or Customer Personal Data;
- through the Subprocessors authorised under Section 22; and
- as otherwise documented in the Customer’s configuration, use of the Service, support requests, and written communications.
LumoCodes will process Customer Personal Data only on documented instructions from the Customer unless processing is required by applicable law. Where legally permitted, LumoCodes will notify the Customer before processing required by law.
If LumoCodes reasonably believes that an instruction infringes Applicable Data Protection Law, it may inform the Customer and suspend the affected processing until the instruction is clarified, corrected, or confirmed as lawful. LumoCodes is not required to perform an instruction that is technically impossible, would compromise the security or rights of another customer or person, or is prohibited by law.
19. Customer Obligations
The Customer is responsible for:
- determining that its instructions and use of CCTVpilot comply with Applicable Data Protection Law;
- having all rights, notices, lawful bases, consents, and authorisations necessary to collect and provide Customer Personal Data to LumoCodes;
- ensuring that Customer Personal Data is adequate, relevant, accurate, and limited to what is necessary;
- responding to Data Subject requests and regulatory enquiries as controller;
- configuring and using the Service securely, protecting account credentials and devices, and limiting access to authorised persons;
- avoiding unnecessary special-category, highly sensitive, or confidential personal data in free-text fields, uploaded files, or other areas not designed for that data; and
- notifying LumoCodes promptly if the Customer becomes aware that an instruction, account activity, or item of Customer Personal Data is unlawful or presents a material security risk.
The Customer must not instruct LumoCodes to process personal data in violation of law or the rights of a Data Subject.
20. LumoCodes Processor Obligations
LumoCodes will:
- process Customer Personal Data only in accordance with Section 18;
- ensure that personnel authorised to process Customer Personal Data are subject to appropriate confidentiality obligations;
- implement and maintain the technical and organisational measures described in DPA Schedule 2;
- provide reasonable assistance under Sections 21, 23, and 24, taking into account the nature of processing and the information available to LumoCodes;
- maintain records and information reasonably necessary to demonstrate compliance with its processor obligations;
- not sell Customer Personal Data or use it for behavioural advertising, model training, or unrelated profiling; and
- notify the Customer if LumoCodes can no longer meet a material obligation under this DPA.
LumoCodes may generate and use information that has been aggregated or anonymised so that it no longer identifies the Customer, a Data Subject, or the contents of Customer Personal Data, provided that the information is not used to re-identify any person.
21. Security and Personal Data Breaches
21.1 Security Measures
LumoCodes will maintain technical and organisational measures appropriate to the nature, scope, context, and risks of the processing. The current measures are summarised in DPA Schedule 2. LumoCodes may update those measures as technology and risks change, provided that an update does not materially reduce the overall protection of Customer Personal Data.
21.2 Incident Notification
After becoming aware of a confirmed Personal Data Breach affecting Customer Personal Data, LumoCodes will notify the Customer without undue delay. The notice will provide information reasonably available to LumoCodes concerning:
- the nature of the breach;
- the categories of data and Data Subjects affected;
- likely consequences;
- measures taken or proposed to contain, investigate, and mitigate the breach; and
- an appropriate contact for follow-up.
Information may be provided in phases where it is not available at the same time. Notification is not an admission of fault or liability.
The Customer remains responsible for determining whether it must notify a Data Subject, authority, client, employee, or other person. LumoCodes will provide reasonable assistance for that assessment and notification where required by Applicable Data Protection Law.
22. Subprocessors
22.1 General Authorisation
The Customer gives LumoCodes general written authorisation to use the Subprocessors listed in DPA Schedule 3 and their disclosed infrastructure subprocessors for the purposes described there.
22.2 New or Replacement Subprocessors
LumoCodes will provide at least fourteen days’ advance notice before appointing a new or replacement Subprocessor that will materially process Customer Personal Data, where reasonably practicable. Notice may be provided by email, through the Service, or by updating these Terms with an additional notice.
The Customer may object during that notice period on reasonable, documented data-protection grounds. The parties will work in good faith to resolve the objection. If no commercially reasonable alternative is available, either party may terminate the affected processing or Service without penalty for the unprovided future portion of the Service. Failure to object within the notice period constitutes authorisation of the change.
An emergency replacement may be made without advance notice where necessary to maintain security, availability, or legal compliance, provided that LumoCodes gives notice as soon as reasonably practicable.
22.3 Subprocessor Obligations
LumoCodes will engage each Subprocessor under a written agreement, which may consist of the Subprocessor’s standard online terms and data-processing addendum accepted by LumoCodes. That agreement must include data-protection obligations applicable to the processing performed by the Subprocessor that are materially consistent with the relevant obligations under this DPA. LumoCodes does not represent that it negotiated or drafted a Subprocessor’s standard terms.
LumoCodes does not control a Subprocessor’s day-to-day operations and does not guarantee that a Subprocessor will never experience a failure, security incident, or breach. This does not limit LumoCodes’ responsibility to the Customer for the performance of applicable Subprocessor obligations to the extent imposed by Applicable Data Protection Law.
23. Data Subject Requests and Compliance Assistance
Taking into account the nature of the processing, LumoCodes will provide reasonable assistance to enable the Customer to respond to requests involving Customer Personal Data, including access, correction, deletion, restriction, objection, or portability where the relevant right applies.
If LumoCodes receives a request directly from a Data Subject concerning Customer Personal Data, LumoCodes may direct the requester to the Customer and will not independently respond on the merits unless authorised by the Customer or required by law.
LumoCodes will also provide information reasonably available to it to assist the Customer with:
- data-protection impact assessments;
- prior consultation or engagement with a competent authority;
- records of processing;
- security and breach assessments; and
- other controller obligations directly related to the Service.
LumoCodes may charge reasonable costs for unusually extensive, repetitive, or customised assistance that goes beyond the standard functionality and support included with the Service, where permitted by law and agreed in advance.
24. Audit and Demonstration of Compliance
On reasonable written request, LumoCodes will provide information reasonably necessary to demonstrate compliance with this DPA. LumoCodes may satisfy this obligation by providing relevant policies, summaries, questionnaires, Subprocessor terms, security documentation, or independent audit or certification materials that are available to it.
If that information is not reasonably sufficient, the Customer may request an audit no more than once in any twelve-month period, except following a confirmed material breach or where a competent authority requires more frequent review. An audit must:
- be limited to processing covered by this DPA;
- be conducted by the Customer or an independent auditor bound by confidentiality;
- take place on at least thirty days’ notice during normal business hours;
- avoid unreasonable disruption, access to another customer’s data, disclosure of security-sensitive information, and testing that could harm the Service; and
- comply with reasonable security and confidentiality procedures.
The Customer bears its audit costs and LumoCodes’ reasonable costs of supporting an audit, unless the audit identifies a material breach of this DPA by LumoCodes.
25. Cross-Border Processing
The Customer authorises LumoCodes and its authorised Subprocessors to process Customer Personal Data in countries where they operate, subject to Applicable Data Protection Law.
LumoCodes will use applicable contractual commitments, provider data-processing terms, approved transfer instruments, or other lawful safeguards required for cross-border processing. Where a new legally required transfer mechanism replaces or supplements an existing mechanism, that mechanism is incorporated into this DPA to the extent necessary to lawfully continue the affected processing.
The Customer is responsible for any cross-border transfer that results from the Customer independently exporting, disclosing, or instructing delivery of Customer Personal Data to a recipient selected by the Customer.
26. Return and Deletion of Customer Personal Data
During an active account, the Customer may delete records through the App and may use available export features or request a structured export through support as described in the Product Data Controls Notice.
Account deletion constitutes an instruction to delete active Customer Personal Data and initiates deletion of the Customer’s private workspace, associated search records, and authentication account. The Customer must complete an available export or request return of reasonably exportable Customer Personal Data before initiating account deletion. Once account deletion is initiated, the private workspace is no longer technically available for return or restoration, and no post-deletion recovery period applies.
If LumoCodes terminates the Service without immediately deleting the account, the Customer may request return during any limited export period that LumoCodes expressly makes available under Section 6.3. Such a period may not be available where immediate suspension or deletion is reasonably necessary for security, fraud prevention, legal compliance, protection of another person, or technical integrity.
Once account deletion is initiated, or after any expressly provided export period following termination ends, LumoCodes will delete the applicable Customer Personal Data from active systems within a reasonable period, except where retention is required or permitted by Applicable Data Protection Law for a legal obligation or to establish, exercise, or defend legal rights. Any such retained Customer Personal Data will be isolated from ordinary product use and processed only for the applicable retention purpose.
Limited copies may remain temporarily in provider backups, logs, or disaster-recovery systems until overwritten or expired under the provider’s ordinary retention cycle. LumoCodes is not required to return or delete information that is not Customer Personal Data or that LumoCodes processes independently as controller, including account, billing, security, fraud-prevention, trial-eligibility, and legal records described in the Product Data Controls Notice.
27. Term, Termination, and Changes to Part B
This DPA remains in effect for as long as LumoCodes processes Customer Personal Data on the Customer’s behalf. Provisions concerning confidentiality, audit evidence, return and deletion, liability, and any other provision that by its nature should survive will continue for as long as relevant Customer Personal Data is retained.
LumoCodes may update Part B where necessary to reflect changes in law, regulation, security practices, Subprocessors, or the Service. Changes that do not materially reduce Customer protections may take effect when posted with a revised “Last Updated” date.
LumoCodes will provide reasonable advance notice of a material adverse change to Part B where reasonably practicable. A material adverse change will not retroactively reduce obligations applicable to processing that occurred before the change took effect. If the Customer objects to such a change, the Customer must notify LumoCodes before its effective date and may stop using or terminate the affected Service. Continued use after the effective date constitutes acceptance to the extent permitted by law.
28. Liability and Governing Law
The liability provisions, exclusions, remedies, governing law, and jurisdiction in Part A apply to this DPA. Nothing in this DPA limits a liability, remedy, regulatory power, or Data Subject right that cannot lawfully be limited.
DPA Schedule 1 - Processing Details
| Item | Details |
|---|---|
| Subject matter | Hosting and operating CCTVpilot features that the Customer uses to collect, store, organise, retrieve, update, search, calculate with, display, export, and delete Customer Personal Data. |
| Duration | For the life of the Customer’s account and any expressly provided pre-deletion return period, deletion period, backup lifecycle, and legally permitted or required retention period described in Section 26. |
| Nature of processing | Collection at the Customer’s direction, recording, organisation, structuring, storage, retrieval, consultation, authenticated display, alteration, calculation, indexing, transmission to authorised Subprocessors, export, restriction, and deletion. |
| Purposes | Providing project, client, vendor, personnel, payroll-support, inventory, procurement, financial-document, site-plan, search, export, support, security, and related CCTVpilot functionality selected by the Customer. |
| Frequency | Continuous or intermittent, depending on the Customer’s use of the Service. |
| Categories of Data Subjects | The Customer’s clients and their contacts; prospective clients; vendor contacts; employees, contractors, freelancers, temporary personnel, and emergency contacts; persons identified in project, site, inventory, procurement, quotation, invoice, receipt, or payment-support records; and other individuals whose personal data the Customer lawfully enters into the Service. |
| Categories of Personal Data | Names, business and personal contact details, addresses, employment and engagement information, skills and certifications, rates and payment records, bank-account details, emergency-contact information, client and site information, project associations, commercial and financial-document information, notes, identifiers, serial numbers where linked to a person, and other personal data included by the Customer in records or uploaded content. |
| Sensitive or special data | Financial account information, emergency-contact information, and any special-category or otherwise sensitive personal data that the Customer chooses to enter. The Customer must use such data only where necessary and lawfully authorised. |
| Controller rights and obligations | The Customer retains control of the purposes of processing, account configuration, data entered, permitted users, retention choices available through the Service, Data Subject communications, and the lawfulness of its instructions. |
DPA Schedule 2 - Technical and Organisational Measures
The measures applicable to Customer Personal Data include:
- authenticated, account-scoped access controls for private workspace records;
- server-side authorisation and validation for protected operations;
- HTTPS/TLS encryption for supported data transmission;
- provider-managed infrastructure safeguards and access controls for Firebase and authorised cloud services;
- time-limited, account-scoped Algolia search credentials and per-record account identifiers;
- restricted operational access by authorised LumoCodes personnel where reasonably necessary for support, security, administration, or legal compliance;
- confidentiality obligations for personnel with authorised access;
- minimisation of payment callback data and separation of payment-method processing from private workspace data;
- logging, monitoring, error handling, abuse prevention, and incident-response procedures appropriate to the Service;
- deletion or deactivation workflows for active application data and related search indexes;
- software-development, dependency, credential, and deployment controls appropriate to a cloud-hosted application; and
- periodic review and adjustment of safeguards based on changes to the Service, technology, and identified risks.
The Customer remains responsible for device security, browser storage, credential management, permissions granted to its personnel, lawful data entry, and secure handling of exported files.
DPA Schedule 3 - Authorised Subprocessors for Customer Personal Data
| Subprocessor | Processing |
|---|---|
| Google LLC | Firebase Authentication, Cloud Firestore, cloud storage, Cloud Functions, hosting, and related Google Cloud infrastructure used to store, secure, transmit, and operate Customer Personal Data. |
| Algolia, Inc. | Hosted search indexing and retrieval of the selected Customer Personal Data fields identified in Section 13.6 of the Product Data Controls Notice. Algolia may use infrastructure and group subprocessors disclosed in its published subprocessor list. |
Providers described in the Product Data Controls Notice that process account, analytics, website-request, payment, or Partner Rewards data only where LumoCodes acts as controller are not Subprocessors for Customer Personal Data merely because they are mentioned in that notice.