Privacy policy
Last updated: April 2026
Our Commitments to You
- You are a contributor, not a product. We do not sell your personal information to third parties. Our revenue comes from the value of the robot training datasets our community builds together.
- We only collect what the platform needs to function. No advertising identifiers, no installed app lists, no phone calls or SMS for marketing.
- Your images train robots, not ad algorithms. Every photo you contribute goes toward building embodied AI training data — that is the only purpose.
- Your privacy controls are real. You can export your data and delete your account at any time. Marketing communications can be withdrawn at any time.
- Your wallet stays yours. We never touch your private keys. All wallet interactions happen locally on your device.
Questions or requests: mk@robotin.ai
1. Who We Are
Robotin Network is operated by Robotin INC, registered at 10 Corporate Park Ste 330, Irvine, CA 92606, USA ("Robotin", "we", "us", "our").
We build a decentralized data contribution network where contributors capture real-world home environment scenes using the Robotin app. Contributed images, after privacy processing, are used to train embodied AI and robotics models. Contributors earn points and rewards for their participation.
We comply with the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. What We Collect and Why
We follow the principle of data minimization: we only collect information that is necessary for the platform to operate.
2.1 Account Information
When you register, we collect:
- Email address — required to create your account and send security notifications.
- Password — stored as a one-way cryptographic hash; we never see your plaintext password.
- Device ID — a random identifier generated by your app on first launch, used to associate your uploads with your account.
- RSA public key — generated on your device and used to verify that uploads genuinely came from your registered device. Your private key never leaves your device.
We do not support third-party sign-in (e.g. Google, Apple) at this time.
2.2 Contributed Data
When you submit a contribution through the app, we receive:
- The data file (currently image files) — stored in secure private cloud storage after privacy processing.
- Annotation data — the room type, clutter categories, and bounding boxes you draw.
- A client-side timestamp — the time your device recorded when the upload was initiated.
- A cryptographic signature — proves the upload came from your registered device.
Currently this includes image files and annotations. As the platform evolves, this may also include video clips, sensor recordings, and scene data collected through the app.
Privacy processing: Before storage, our system automatically detects and blurs any human faces in images. The coordinates of detected face regions are retained to support quality review and dataset curation. We do not store unprocessed images containing identifiable faces.
Data use: Your contributed data, once accepted, becomes part of a robot training dataset. This is the core purpose of the platform and the value your contribution creates. Once accepted, the data is considered contributed to the Robotin dataset; account deletion removes the personal link but does not remove the contributed data itself (see Section 5).
2.3 Location Data (Upload-time)
When you upload data, we use your IP address to estimate your approximate geographic location (country and city level). This estimate is stored alongside each submission record.
We use this to understand the geographic diversity of our dataset and to detect anomalous upload patterns for security purposes. We do not use GPS or any device-level location service. All location estimates are derived solely from your IP address at upload time.
2.4 Rewards and Points Data
We maintain records of:
- Activity points and contribution points you have earned, and the source of each reward (task completion, daily check-in, referral milestones, Genesis Contributor status).
- Your referral code and referral relationships, if applicable.
- Your wallet address, if you choose to connect one for reward settlement.
If you participate in on-chain reward settlement, the wallet address and transaction details are recorded on a public blockchain. Blockchain records are permanent and cannot be deleted — this is a technical property of public blockchains that applies regardless of any account deletion request.
2.5 Security and Technical Data
For platform security and integrity, we collect:
- IP address — used for rate limiting, fraud detection, and geographic inference (see 2.3).
- Device activity timestamps — last active time, submission timestamps.
We do not collect:
- Advertising identifiers (IDFA, GAID, OAID)
- Android ID or device hardware serial numbers
- Installed application lists
- Wi-Fi network names (SSID / BSSID)
- Precise GPS location
2.6 Communications
- Email verification codes — sent when you register or reset your password. These expire in 10 minutes and are deleted after use.
- Security notifications — sent for password changes and other security events. These cannot be opted out of as they protect your account.
- Product updates — with your consent, we may send product news by email. You can unsubscribe at any time.
We do not use SMS, phone calls, or third-party push services for marketing.
3. How We Use Your Data
| Data | Purpose | Legal Basis (GDPR) |
|---|---|---|
| Email, password, device ID | Account creation and authentication | Contract performance |
| Uploaded images and annotations | Robot training dataset construction | Contract performance |
| IP-based location per submission | Dataset geographic diversity; fraud detection | Legitimate interest |
| Rewards and points records | Operating the incentive system | Contract performance |
| Wallet address | On-chain reward settlement | Contract performance |
| IP address, activity timestamps | Platform integrity; fraud and abuse prevention | Legitimate interest |
| Email (marketing) | Product news and updates | Consent |
We do not use your data for advertising profiling and we do not sell it to data brokers.
4. Data Storage and Third-Party Processors
We use trusted third-party infrastructure providers for cloud hosting, database storage, image storage, transactional email, and IP-based geolocation. All providers are contractually bound to process your data only as instructed and to maintain appropriate security standards.
A full list of current processors is available upon request to users exercising their GDPR data rights — contact mk@robotin.ai.
Our infrastructure is hosted on enterprise-grade cloud infrastructure. Cross-border data transfers from the EEA are covered by Standard Contractual Clauses (SCCs) approved by the European Commission.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | Until account deletion |
| Accepted submission images and annotations | Retained as part of the training dataset (anonymized after account deletion) |
| Email verification codes | 10 minutes (auto-expired and deleted) |
| Points and rewards history | Retained in anonymized form after account deletion (ledger integrity) |
| On-chain settlement records | Permanent (blockchain records cannot be modified or deleted) |
Upon account deletion, all personal identifiers (email, password, username, avatar, wallet address, referral links) are permanently erased. Accepted contributed data is retained in fully anonymized form with no link to your former identity.
6. Your Rights and Controls
To exercise any of the rights below, contact mk@robotin.ai. We respond within 30 days at no charge.
6.1 Right to Access (GDPR Art. 15)
Request confirmation of whether we hold personal data about you, and a description of that data.
6.2 Right to Export (GDPR Art. 20)
Download your contribution history via Settings → Export My Data in the app. You will receive a CSV file with the following columns: Time | Task | Status | Contribution Points. This is designed to help you reconcile your on-chain rewards. The export does not include image files or image content.
6.3 Right to Correct (GDPR Art. 16)
Update inaccurate information in your account profile, or contact us for corrections you cannot make yourself.
6.4 Right to Delete (GDPR Art. 17)
Request deletion of your account via Settings → Delete Account in the app, or by emailing us. Upon deletion:
- Your email, password, username, avatar, wallet address, and referral data are permanently erased.
- Your accepted image contributions are retained in the training dataset in anonymized form, with no link to your identity.
- On-chain settlement records cannot be removed due to the technical nature of blockchain.
6.5 Right to Object (GDPR Art. 21)
Object to processing based on legitimate interest by contacting mk@robotin.ai.
6.6 Withdraw Marketing Consent
Unsubscribe from product emails at any time via the unsubscribe link in any email, or in app settings.
6.7 California Residents (CCPA)
California residents have the right to know, access, delete, and correct personal information we hold. We do not sell personal information. Contact mk@robotin.ai to exercise these rights.
7. Web3 Wallet
Connecting a crypto wallet is optional and only required if you wish to receive on-chain reward settlement.
- We store only your public wallet address.
- We never request, access, or store private keys or seed phrases.
- All wallet interactions occur locally through your device's Web3 provider.
- We do not initiate any on-chain transaction without explicit action from you.
- Your wallet address is used solely to identify settlement recipients and link participation rewards.
As the Robotin Network evolves, we may introduce additional decentralized features — such as on-chain identity, governance participation, or token-based rewards. Any such features will be introduced transparently, and this policy will be updated accordingly before they go live.
8. Security
We protect your data with the following measures:
- Every upload is verified by a cryptographic signature to ensure data integrity and prevent spoofing.
- Passwords are stored in a non-reversible hashed form; we cannot recover your password.
- All data in transit is encrypted via HTTPS.
- Images are stored in a private, non-publicly-accessible storage environment.
- Login and registration endpoints are rate-limited to prevent brute-force attacks.
- Access tokens are validated on every request; banned or deleted accounts are blocked immediately.
Security also depends on you — keep your password confidential and do not share it.
9. Children
The Robotin app is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe we have collected data from a child under 18, contact mk@robotin.ai and we will delete it promptly.
10. Changes to This Policy
We will notify you of material changes by email or in-app notification before they take effect. The date at the top of this document reflects the latest revision. Continued use of the app after a change constitutes acceptance of the updated policy.
11. Complaints and Contact
If you believe your data has been mishandled, you have the right to lodge a complaint with your local data protection authority. EEA users may do so under GDPR Art. 77.
Robotin INC
10 Corporate Park Ste 330, Irvine, CA 92606, USA
mk@robotin.ai
- Choosing a selection results in a full page refresh.