Privacy

Zero telemetry. No analytics. No phone-home.

This is an architecture statement, not a policy promise. ChannelWatch has no telemetry code, no analytics SDK, and no outbound connections to any external service. The application cannot phone home because there is no endpoint to call and no code that would call it.

All data ChannelWatch touches stays on your machine, in your /config volume.

What data ChannelWatch stores

ChannelWatch stores the following data locally:

/config/settings.json - your configuration: DVR server addresses, notification provider credentials (encrypted), alert thresholds, and display preferences.
/config/channelwatch.db - a SQLite database containing alert history, notification delivery logs (30-day retention), and session state for active viewers.
/config/encryption.key - the encryption key used to protect DVR API keys stored in settings.json. This file is created automatically at first run with permissions 0600 (readable only by the process owner).
/config/backups/ - automatic backups created before schema migrations and before restore operations.

No data from this list is transmitted anywhere unless you explicitly configure an outbound integration (a notification provider or a crash reporting DSN).

Notification providers

When you configure a notification provider (Pushover, Discord, Telegram, etc.), ChannelWatch sends alert payloads to that provider’s API. The payload contains the alert content you configured: channel name, program name, device name, and similar fields from your Channels DVR. No ChannelWatch configuration data, no DVR API keys, and no personal identifiers are included in notification payloads.

You control which providers receive which alerts through the notification routing matrix in Settings > Notification Providers.

Optional crash reporting (user-supplied DSN)

ChannelWatch supports an optional user-supplied error reporting DSN for Sentry or GlitchTip. This is disabled by default and requires explicit configuration:

environment:
  - CW_SENTRY_DSN=https://your-key@your-sentry-instance/project-id

When a DSN is configured, unhandled exceptions are sent to the endpoint you specified. You control the destination. ChannelWatch does not have a default DSN and does not send crash data anywhere without your explicit configuration.

If you use a self-hosted GlitchTip instance, crash data never leaves your infrastructure.

If you enable RBAC and create user accounts for other people, you become the data controller for those accounts under GDPR and similar regulations. ChannelWatch stores usernames and hashed passwords in channelwatch.db. No email addresses or other personal identifiers are collected by default.

As the operator, you are responsible for:

Informing users what data you collect and why.
Providing a way for users to request deletion of their account data.
Ensuring your deployment environment meets your jurisdiction’s data protection requirements.

ChannelWatch does not provide a built-in user-facing privacy portal. For small HomeLab deployments with trusted users, this is rarely a concern. For any deployment where you’re managing accounts for people outside your household, consult your local data protection requirements.

Data retention

The notification delivery log retains entries for 30 days. Older entries are pruned automatically by a background job. Alert history in channelwatch.db follows the same 30-day retention window.

Backup files in /config/backups/ are retained for 30 days and then pruned by the same background job.

You can export alert history as CSV at any time from Settings > Data > Export.

This website

The ChannelWatch website (this site) uses Cloudflare Web Analytics, which is cookieless and does not collect personal data. No cookies are set. No cross-site tracking occurs. Cloudflare’s privacy practices for Web Analytics are documented at cloudflare.com/web-analytics-privacy-policy/.

Disclaimer - third-party trademark notice
Security modes - RBAC and access control
Backup & Restore - what’s in the backup zip and how to restore