G4 HomeMedia: private access portal

Definitions. The Product and the Portal mean G4 HomeMedia and its web interface. The User is any person who accesses the Portal or uses the Mobile App. The Coordinator is the person who provides access or manages the access program. The Mobile App is the official G4 HomeMedia application for mobile devices. Home Infrastructure means the User's local services, storage, and Home Assistant instance. A Wearable Device is a personal device such as a heart rate sensor, blood pressure monitor, or fitness band. A Third-Party Service is any external cloud or vendor system not operated by the Product. Credentials are any tokens, keys, or secrets used for access. Content is any data stored in or transmitted through Home Infrastructure. Operational Data is limited technical data used to keep the Product reliable. Direct Device Mode means a Mobile App connection to a Wearable Device without a cloud service.

Purpose and scope. The Product provides private access to Home Infrastructure behind CGNAT and offers direct integrations with Home Assistant. The Product is a narrowly scoped access and orchestration layer, not a public hosting platform, analytics service, or media distribution network. This policy applies to the Portal, the Mobile App, and supporting connectivity components.

Data minimization. The Product intentionally minimizes data collection. The Product does not scan, index, or analyze photos, videos, or media stored in Home Infrastructure. Content stays within Home Infrastructure and is accessed only when the User initiates a request. The Product does not perform face recognition, behavioral profiling, or automated tagging of Content.

Portal authentication behavior. The Portal does not create real accounts or maintain a user database. Login attempts are simulated for realistic behavior and always return a generic error after a randomized delay. The Product does not store passwords in the Portal and does not validate credentials against any directory.

Operational Data and logging. To keep the Product stable and protect access, the Product may process limited Operational Data such as timestamps, network identifiers, user agent strings, request paths, response codes, and response times. This data is used for diagnostics, availability, and abuse prevention. The Product does not use Operational Data for advertising, profiling, or resale. Logs are stored locally and rotated on a schedule appropriate for a private access system.

Cookies and local storage. The Portal does not use third party trackers or advertising identifiers. Cookies or local storage, if present, are limited to functional preferences such as language selection and remember me settings. These values are not shared with external parties.

Home Assistant integration. The Product integrates directly with the User's Home Assistant instance. Integrations run inside Home Infrastructure, follow User permissions, and use User managed secrets. The Product does not integrate with Third-Party Services and does not transmit data to them.

Wearables and cloud services. Integrations with cloud services that manage Wearable Devices are performed only inside the User's Home Assistant instance. The Product does not connect to those clouds, does not store their tokens, and does not transmit data to them. Any data flow to or from those services is controlled by the User through Home Assistant.

Direct device connections. When the User chooses Direct Device Mode, the Mobile App connects to the Wearable Device in accordance with the device specification and only by explicit User action. Pairing, permissions, and data flow remain under User control and can be revoked at any time.

Position on Personal Data. The Product does not process Personal Data and does not classify any data as Personal Data. If the User transmits data that could be considered personal, the User is responsible for that decision and for compliance with applicable law. The Product treats such data as User owned Content and does not enrich or redistribute it.

No Third-Party sharing. The Product does not share data with Third-Party Services and has no commercial relationships that require data sharing. The Product does not sell data, rent data, or exchange data for advertising or analytics services.

User responsibility. The User controls Home Infrastructure, access policies, and backups. The Product does not guarantee the safety or preservation of Content inside Home Infrastructure. The User remains responsible for redundancy, recovery, and secure network configuration.

Security posture. Connections are encrypted in transit, access is invitation based, and administrative interfaces are restricted. Configuration files that may include sensitive parameters are stored with restrictive permissions and are not exposed to public endpoints. The Product limits exposure to the minimum required for functionality.

Exception for overwrites. The Product does not modify Content except when the User explicitly allows the Mobile App to overwrite data during Direct Device Mode integrations. In such cases, the Mobile App follows device specifications and User intent.

International access. The Product may be accessed from different locations depending on the User's network. Content remains within Home Infrastructure. The Product does not transfer Content across borders on its own.

Updates and feedback. This policy may be updated to reflect technical changes or feedback. Continued use of the Product indicates acceptance of updates. If the User does not agree with an update, the User should stop using the Product and contact the Coordinator.

Contact. The Coordinator is the primary contact for questions about data handling, retention, and integrations. The Product aims to provide reasonable information about storage and access and will adjust where feasible.