§ Camera & Data Policy

Camera & Data Policy

Last updated: 21 April 2026

This policy describes how TaperCam cameras work, what they capture, what happens to the images, and what rights everyone involved has. It is published for transparency and applies to every TaperCam camera we deploy.

If you are a shop using TaperCam, parts of this policy describe your legal obligations as a data controller. If you are a customer of a shop that uses TaperCam, this policy explains what the camera does in plain terms and what your rights are.

Our privacy promises

TaperCam is built so that customers waiting in a shop are served, not surveilled. Every design choice in the product follows from these promises:

No video. The camera produces still images only, at an interval of several minutes. There is no continuous video stream.
No archive. Each new image overwrites the previous one. We keep no history, no backup, and no downloadable feed.
No faces matched. We do not run facial recognition, biometric extraction, or any identity lookup. We never will.
No footage to disclose. Because we hold no history, there is nothing to hand over to anyone — even in response to a lawful request.
Signage, always. Every camera ships with clear customer-facing signage. Shops are contractually required to display it where the camera is operating.

1. What TaperCam is, and what it is not

TaperCam is a small camera that a shop fits in its customer-facing waiting area. Several times an hour, the camera captures a still image and uploads it to a relay, which makes the most recent image visible on the shop’s own website. The purpose is to let customers see how busy the shop is before they visit.

TaperCam is not, and must not be used as:

A video recorder or CCTV system for security, evidence gathering, or incident investigation
A system for monitoring employees
A facial-recognition or identity-matching system
A camera pointed at anything other than the shop’s own customer-facing waiting area

2. What each camera captures

Each TaperCam captures a still image of the shop’s waiting area at a fixed angle. The interval between captures is set by TaperCam and is measured in minutes, not seconds.

The camera must be installed so that it covers only the waiting area, and must not be positioned to capture:

The street outside or any public highway
Neighbouring premises
Private areas of the shop (staff rooms, toilets, treatment rooms)
Any space where a person has a reasonable expectation of privacy beyond a waiting room

The resolution is deliberately modest. It is sufficient to convey how busy the room is, but not intended or suitable for reliable identification of individuals.

3. The snapshot cadence is deliberate

The every-few-minutes cadence is a privacy design choice, not a technical limitation. It is fast enough for a customer to judge whether to visit, and slow enough that the camera cannot be used as real-time surveillance of any individual. People passing briefly through the waiting area often do not appear in any captured frame at all.

4. What happens to each image

Each image is uploaded from the camera to a TaperCam relay server over an encrypted connection. The relay holds only the most recent image per shop. When a new image arrives, the previous one is overwritten and permanently gone.

No archive is created. No historical frames are retained. TaperCam does not back up, export, or log individual frames, and cannot provide historical footage to anyone — including the shop, law enforcement, or a data subject.

The only information TaperCam retains about camera operation is aggregate service metadata (for example, timestamps of successful uploads and error counts per shop) used for reliability monitoring and billing. This metadata does not contain image content.

5. Legal roles and responsibilities

Under UK GDPR and the Data Protection Act 2018:

The shop operating the camera is the data controller. The shop decides to install the camera, sets the purpose, has the relationship with its customers, and is responsible for informing them and honouring their rights.
TaperCam is the data processor. We process images on behalf of the shop, under written contract, strictly to relay the most recent frame to the shop’s website. We do not use images for any other purpose.

A Data Processing Agreement (DPA) forms part of every TaperCam subscription. It sets out our processor obligations, security measures, sub-processors (such as our cloud relay provider), and breach-notification duties.

6. Signage in the shop is required

Every shop using TaperCam must display clearly visible signage in the area covered by the camera, informing customers that:

The area is captured by a TaperCam camera
Still images are made visible on the shop’s website
Images are not recorded or stored beyond the next capture
Customers have the right to object, and how

TaperCam provides signage with every unit. Displaying it is a contractual obligation on the shop, not a suggestion. A customer who does not wish to appear in any captured frame can wait outside the camera’s field of view, ask the shop for an alternative, or return at a different time.

7. Children and vulnerable people

Barbershops commonly serve children, and other service businesses may serve vulnerable adults. TaperCam has been designed to minimise privacy risk to all subjects, but shops should exercise additional judgement where children or vulnerable adults are present.

Where a parent, guardian, or carer raises a concern or objection, the shop should accommodate it (for example, by offering to seat the person outside the camera’s view) without requiring a formal process.

8. Your rights as a customer

Because the shop is the data controller, rights requests should be directed to the shop in the first instance. The shop will contact TaperCam where our help is needed.

You have the right to:

Be informed (via the in-shop signage and this policy) that the camera exists and what it does
Object to processing in a specific case
Lodge a complaint with the Information Commissioner’s Office at ico.org.uk if you believe your rights have been infringed

Because no historical images exist, we cannot provide you with copies of past frames — there are none to provide. Once a frame is overwritten by the next, it cannot be recovered from any backup, log, or cache.

9. Security

All images are transmitted from camera to relay over TLS-encrypted connections.
Each camera is authenticated to the relay by a device-specific secret so that images cannot be forged or injected by an unauthorised party.
Cameras do not accept inbound connections. They cannot be accessed remotely except via the TaperCam relay, reducing their exposure to attack.
Access to the relay and to shop-facing embeds is authenticated and rate-limited.

10. Breach notification

In the event of a personal data breach that meets the reporting threshold, we will notify:

The ICO within 72 hours
Affected shops without undue delay
Affected data subjects where required by law

Because TaperCam retains no historical images, the most significant breach we could suffer is compromise of the most recent live frame across cameras. Our systems are designed so that this is the practical worst case.

11. Third parties and legal orders

TaperCam does not share image content with any third party. We do not:

Sell, rent, or licence image data
Allow advertising or analytics vendors to access images
Integrate with social-media platforms in a way that transmits images
Respond to speculative or commercial data requests

We will comply with lawful orders such as court orders or regulatory requests, but because we retain no historical images, in practice we will usually have no responsive data to disclose.

12. Changes, contact, and the regulator

We may update this policy as the product evolves. Material changes affecting data subjects will be reflected in the in-shop signage and notified to shops in writing.

Questions about this policy: privacy@tapercam.com.

Information Commissioner’s Office, the UK regulator for data protection:

Website: ico.org.uk
Helpline: 0303 123 1113