Privacy by Design

Our Commitment to Data Protection

Powerful insights from your existing cameras — 100% anonymous, privacy-by-design.

Privacy by Design Data Processing Compliance

"Aura Vision's insights and analytics are anonymised data, do not constitute personal data under the EU GDPR and UK GDPR, and are created in line with regulatory guidance."

— Mishcon de Reya, December 2025
Download White Paper (PDF)

Privacy by Design

Built in the UK since 2017 following privacy-by-design principles. No facial recognition — faces are never stored or identified.

100% Anonymous

Video is converted into anonymous analytics on-premise and discarded immediately. Only aggregated counts reach the cloud.

No Customer Sign-Up

No T&Cs or WiFi sign-ups required. A simple entrance notice is typically sufficient for compliance.

Face Blurring

Faces are blurred at source before any image leaves the device. The process is non-reversible.

Edge Processing

All video is processed on-device — only anonymous analytics are transferred to the cloud.

No Sensitive Data

No Special Categories of Personal Data are ever collected.

Clean Heatmaps

Heatmaps and thumbnails are pre-cleaned to remove any visible person before upload.

Data Processing

All video is processed on-premise at the edge. Only anonymous analytics reach the cloud platform on AWS in the EEA.

On-Premise Processing

A plug & play APU connects to each location's CCTV, converting live video into anonymous analytics in real-time.

No Video Storage

No historic footage is stored or recalled. Surveillance remains with the existing camera system.

No Software Integration

The APU connects like another monitor — no changes to existing CCTV infrastructure.

AI Model Training

During setup, face-blurred snapshots are sent to our AWS-hosted training service in the EEA. Blurring is non-reversible; images are deleted within two weeks.

Compliance

Compliant with the world's most stringent data protection regulations across the EU, UK and US.

GDPR

Privacy-by-design approach following GDPR principles. Aura Vision acts as a Data Processor on behalf of the client (Data Controller).

CCPA

Compliant with the California Consumer Privacy Act.

EU AI Act

Assessed as limited / minimal risk (the 2 lowest of 4 levels) by Mishcon de Reya. AI Literacy measures are in place for all team members operating AI systems.

Data Controller & Processor

The client is the Data Controller; Aura Vision is the Data Processor converting CCTV footage into anonymous analytics on their behalf.

ICO Registration

Registered with the Information Commissioner's Office.

Looking for security details?

Learn about our hardware, network and account security measures.

View Security →

Ready to learn more?

Get in touch to see how Aura Vision can deliver powerful, privacy-first analytics for your spaces.

Contact Us