Data Privacy & Security
Contributors retain full control of their data. Every technical decision in RoboX is designed around privacy, transparency, and minimal data collection. No data leaves the device without explicit consent, and contributors decide exactly what they share and for how long.
Privacy Principles
Minimize collection: Only the sensor data required for each active campaign is collected. Permissions are requested per campaign, not as blanket access. If a campaign only needs camera and IMU, those are the only sensors activated.
Anonymize at source: Personal identifiers are stripped on-device before any data is uploaded. Raw footage is processed locally so that identifiable information never reaches RoboX servers.
Transparency: Contributors see exactly what data is collected for each campaign before joining. Sensor types, data retention terms, and how the data will be used are disclosed upfront.
User control: Contributors can stop recording, leave campaigns, or delete their data at any time. No lock-in, no penalties.
On-Device Anonymization
Location data:
Raw GPS coordinates are coarsened to approximately 50m grid cells before upload
Exact coordinates are never stored or transmitted
Device identifiers:
Hardware IDs are never accessed
A pseudonymous identifier is generated per campaign
Pseudonyms cannot be linked across campaigns or back to devices
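The two anonymization steps described above, as an added Python illustration (example code written for this page, not RoboX's implementation): GPS fixes snapped to the centre of a ~50 m grid cell, and per-campaign pseudonyms that are fresh random tokens rather than anything derived from a device identifier. The 50 m cell size, the record layout, the polar clamp and the sample coordinates are assumptions made for the example.

```python
"""Added example (not RoboX's own code): on-device coarsening of GPS fixes to
~50 m grid cells, and per-campaign pseudonyms that are fresh random tokens
rather than anything derived from a hardware identifier."""
import math
import secrets

CELL_M = 50.0               # grid cell edge in metres (assumed from "approximately 50m")
M_PER_DEG_LAT = 111_320.0   # metres per degree of latitude, approximate


def _lat_step(cell_m: float) -> float:
    return cell_m / M_PER_DEG_LAT


def _lon_step(row: int, cell_m: float) -> float:
    # Column width is fixed per latitude band, taken at the band's centre, so all
    # points in a band share one longitude grid. cos(lat) -> 0 at the poles; the
    # clamp keeps cells finite there at the cost of accuracy (assumed cut-off).
    row_lat = (row + 0.5) * _lat_step(cell_m)
    return cell_m / (M_PER_DEG_LAT * max(math.cos(math.radians(row_lat)), 0.01))


def grid_cell(lat: float, lon: float, cell_m: float = CELL_M) -> tuple[int, int]:
    """Integer (row, col) of the cell containing a WGS84 point; works for negatives."""
    row = math.floor(lat / _lat_step(cell_m))
    col = math.floor(lon / _lon_step(row, cell_m))
    return row, col


def cell_center(row: int, col: int, cell_m: float = CELL_M) -> tuple[float, float]:
    """Centre of a cell; this is the only location that ever leaves the device."""
    return (row + 0.5) * _lat_step(cell_m), (col + 0.5) * _lon_step(row, cell_m)


def coarsen(lat: float, lon: float, cell_m: float = CELL_M) -> tuple[float, float]:
    """Replace an exact fix with its cell centre (idempotent)."""
    return cell_center(*grid_cell(lat, lon, cell_m), cell_m)


def distance_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Haversine great-circle distance, used here to check the coarsening bound."""
    r = 6_371_000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * r * math.asin(math.sqrt(a))


class PseudonymStore:
    """Per-campaign pseudonyms, kept only on the device.

    Each one is 128 bits of fresh randomness: not an HMAC of a device ID, not
    derived from another campaign's pseudonym, so neither the server nor a
    third party can link campaigns together or back to the hardware.
    """

    def __init__(self) -> None:
        self._by_campaign: dict[str, str] = {}

    def pseudonym_for(self, campaign_id: str) -> str:
        if campaign_id not in self._by_campaign:
            self._by_campaign[campaign_id] = secrets.token_hex(16)
        return self._by_campaign[campaign_id]


def build_upload_record(store: PseudonymStore, campaign_id: str,
                        lat: float, lon: float, sensor_payload: dict) -> dict:
    """Assemble what is uploaded: pseudonym, cell centre and sensor data only.

    The raw fix is consumed here and never stored; nothing else about the
    device is included. (Record layout is an assumption for this example.)
    """
    cell_lat, cell_lon = coarsen(lat, lon)
    return {
        "campaign_id": campaign_id,
        "contributor": store.pseudonym_for(campaign_id),
        "cell_lat": cell_lat,
        "cell_lon": cell_lon,
        "payload": sensor_payload,
    }


if __name__ == "__main__":
    # Constructed sample fix (a point in central Berlin) and IMU reading.
    store = PseudonymStore()
    rec = build_upload_record(store, "campaign-A", 52.520008, 13.404954,
                              {"imu_accel": [0.02, -0.01, 9.81]})
    print(rec)
    print("offset from true fix: %.1f m" % distance_m(52.520008, 13.404954,
                                                      rec["cell_lat"], rec["cell_lon"]))
```

Two checks worth running against any implementation of this kind: the reported point must never be more than half a cell diagonal (about 35 m for a 50 m cell) from the true fix, and applying the coarsening twice must return the same cell, otherwise the server could learn something from re-coarsened data. Note that coarsening is applied per sample; within one campaign a pseudonym's sequence of cells is still a trajectory, which is one reason the per-campaign scoping of pseudonyms and the ability to stop recording at any time matter.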
Data Security
All uploads are encrypted in transit
Server-side data is encrypted at rest
Access to contributor data is restricted and logged
Compliance
RoboX is designed to comply with GDPR requirements:
Lawful basis for processing is explicit opt-in consent per campaign
Contributors can request access to or deletion of their data through the app
Deletion is permanent and irreversible
Already-paid compensation is not affected by deletion
Your Rights
Access: Request a copy of your data through the app
Deletion: Delete your data at any time through the app
Control: Choose which campaigns to join and leave at any time