1. Terms of Use

1.1 Eligibility & basic rules

• Who we are. “Naptio”, “we”, “us” refers to the Naptio project and its maintainers.
• Who may use Naptio. You must be at least 16 years old and capable of entering a binding contract, or have a parent/guardian do so on your behalf.
• Personal use. Naptio is provided for private, personal use only. Commercial use, including use by businesses, institutions, or organizations, requires a prior commercial licence.”
• Consent. You are responsible for obtaining consent from anyone who may be seen or heard by the devices you set up.
• Compliance. You must comply with the laws of your location, including those on recording, surveillance, and data protection.

1.2 Acceptable use

You agree not to misuse Naptio. For example, you may not:

• Use it for covert surveillance, stalking, discrimination, or any unlawful purpose.
• Try to bypass security, probe systems, or disrupt networks.
• Upload or route malware, infringing, or illegal content.
• Resell access or use Naptio in critical life-support scenarios.

1.3 Safety & medical disclaimer

• Not a medical device. Naptio does not diagnose, treat, or prevent any condition. It is not a replacement for human supervision.
• AI limitations. On-device detections (e.g., cry/motion/pose cues) can be inaccurate or fail. Configure thresholds carefully and always monitor your child appropriately.
• Environment. Avoid unsafe device placement, cabling, and overheating risks. Ensure reliable power and network if you rely on alerts.

1.4 License to use Naptio

We grant you a revocable, non-exclusive, non-transferable, royalty-free license to access and use Naptio for personal, lawful purposes. We reserve all rights not expressly granted. You may not reverse-engineer, copy at scale, or modify parts of the service except as permitted by applicable law or relevant open-source licenses.

1.5 Ownership & third-party components

Naptio and its content are owned by us and/or our licensors. Some features rely on third-party, open-source components (e.g., WebRTC, ML libraries). Those are licensed by their respective authors.

1.6 Changes, availability & support

Naptio may change, suspend, or discontinue features at any time. Service is provided on a best-effort basis without uptime guarantees. We may update these terms when needed. If changes are material, we’ll post a new effective date at the top of this page.

1.7 Warranty disclaimer

Naptio is provided “as is” and “as available” without warranties of any kind, whether express or implied, including merchantability, fitness for a particular purpose, accuracy, non-infringement, and non-interference.

1.8 Liability cap

To the maximum extent permitted by law, we will not be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or any loss of data, profits, or goodwill.

1.9 Governing law

These terms are governed by the laws of England and Wales, and the courts of England and Wales shall have exclusive jurisdiction, except where local law gives you mandatory consumer protections.

2. Privacy Notice

This section explains what data Naptio processes and why. Naptio aims to minimise personal data and keep processing on-device whenever possible.

2.1 No accounts, no cloud video

• Naptio does not require an account or password.
• We do not run cloud video/audio storage. Monitoring streams are intended to be peer-to-peer between your devices.

2.2 WebRTC connections

• Signalling. Devices exchange session setup data via a signalling server. Signalling messages are transient and contain connection metadata (e.g., session descriptions, ICE candidates). Media itself is not transported over signalling.
• Media path. After setup, media is intended to flow directly between your devices using WebRTC. In some network conditions, a relay (TURN) may be used to traverse NATs. We do not intentionally store media content.
• Pairing. Naptio supports pre-shared keys and/or fingerprinted device pairing (local cryptographic keys stored on your device). Treat pairing codes and QR links like passwords.

2.3 Local storage on your device

To make Naptio work across sessions and to show history locally, your browser may store small items on your device only:

• localStorage / sessionStorage for preferences, pairing records, and feature flags.
• IndexedDB for local alert history (e.g., cry/motion/prone events) and cached UI state.
• Service worker caches for static assets.

These stay on your device unless you clear them via the app’s Settings page or your browser controls.

2.4 Minimal analytics

To understand feature usage and keep the service healthy, the app may send lightweight analytics events, for example: page loads, feature toggles, active time, and coarse technical telemetry (browser/OS). Network IP information may be hashed or truncated for abuse-prevention and debugging, with exact IPs, if collected, pruned after a short window. Aggregate analytics rows are removed after a longer window. We do not build behavioural profiles or sell data. You can restrict analytics by using content blockers or by self-hosting.

2.5 Legal bases

Where UK/EU data protection law applies, we process limited personal data under legitimate interests to operate, secure, and improve Naptio, balanced against your privacy. Where consent is required (e.g., for optional features), we will rely on it.

2.6 Sharing & international transfers

• Vendors. We may use hosting or CDN providers (for example, to serve static pages or receive analytics). They act as processors and are bound by contract.
• Legal. We may disclose data when required by law or to protect users, the public, or our rights.
• Transfers. Analytics and logs may be processed in the UK, EU, or US depending on hosting location. We use appropriate safeguards for cross-border transfers where required.

2.7 Retention

• On-device data (pairing records, alerts) persists until you clear it in Settings or your browser.
• Server analytics keep exact IP data only briefly and summary rows for longer, after which they are deleted or anonymised.

2.8 Your rights

Depending on where you live, you may have rights to access, rectify, erase, port, or object to processing of your personal data. To exercise rights, contact us as described below. For device-local data, you can also use the app’s Settings page to reset local storage and caches.

2.9 Children

We do not knowingly collect personal data from children. Naptio is configured by adults/guardians and used with parental supervision.

2.10 Contact

Questions or privacy requests: naptioai@gmail.com.

3. Security notes & responsible disclosure

• Keep your devices updated and locked. Treat pairing codes/QRs as secrets.
• WebRTC is encrypted by design; however, misconfiguration, extensions, insecure networks, or compromised devices can weaken security. Use trusted Wi-Fi and modern browsers.
• If you discover a vulnerability, please email naptioai@gmail.com with details. Do not publicly disclose issues until we confirm a fix or mitigation.

4. Attributions

This project may incorporate third-party software and model weights (for example, WebRTC APIs and on-device ML libraries). Their licenses are provided by their respective authors.