Registrees and users of Raspberry Pi Connect have been emailed a notice of changes to the Terms Of Service that include these troubling UK GDPR-based updates:

  -   Schedule 1 (Acceptable Use Policy):
  Introduces guardrails in respect of acceptable
  use. It also defines what constitutes a
  Security Event—such as introducing
  vulnerabilities, network scanning, etc. It also
  prohibits using the service to view or stream
  high-risk data.
  
  -   Schedule 2 (Data Processing Schedule):
  Codifies our respective privacy roles under the
  UK GDPR and the Data Protection Act 2018.
  Raspberry Pi acts as a “mere conduit” for
  encrypted session data, guarantees that visual
  feeds are never stored or inspected in a
  decrypted format, and locks down metadata log
  retention to a strict 90-day deletion cap.
  
  Additionally, the new terms reinforce that they
  apply in addition to the Raspberry Pi General
  Terms and Conditions and shall prevail
  regarding your use of Connect in the event of
  any conflict.