KeepsLock

Privacy Policy

Last updated: 2026-05-12

KeepsLock takes your privacy seriously and complies with applicable laws including GDPR (EU), CCPA (California), and PIPA (Korea). This policy explains what data we collect and why.

1. Information We Collect

① Account

  • Email address
  • Display name

② Contact (optional)

  • Mobile phone number — only if you opt in to SMS alerts

③ Asset data

  • Serial number
  • Model and brand
  • Photos
  • Registration date and approximate location

④ Lookup history

  • Lookup time
  • Scanner identity
  • Approximate location (city / region / country)

⑤ Payment

  • Payments are processed by Paddle.
  • We do not store card numbers or sensitive payment data on our servers.

2. How We Use Your Data

We use collected data to:

  • Identify stolen assets and notify owners
  • Process asset registration and ownership transfers
  • Operate, maintain, and improve the service
  • Prevent fraud and abuse
  • Respond to support requests
  • Process and record payments

3. Legal Basis (GDPR)

For users in the European Economic Area, we process data on the following bases:

  • Performance of contract — registering assets, processing transfers
  • Consent — SMS alerts, optional location data
  • Legitimate interest — fraud prevention, service improvement
  • Legal obligation — tax and payment record-keeping

4. Camera & Location Permissions

① Camera

  • Used solely for serial number recognition (OCR). Captured images are not transmitted externally without your consent.

② Location

  • Used to record approximate region (city / country) of lookups. Precise GPS coordinates are not stored.

③ Denial

  • You may deny these permissions. Some features will be limited but core functions remain available via manual entry.

5. Data Retention

  • Account, asset, and lookup data are deleted immediately when you delete your account.
  • Payment records may be retained up to 5 years where required by law.

6. International Data Transfers

Our infrastructure (Supabase) and payment processor (Paddle) operate servers globally, including in the United States and the European Union. By using KeepsLock you consent to your data being transferred and processed outside your country of residence under appropriate safeguards (Standard Contractual Clauses where applicable).

7. Third-Party Services

We do not sell your personal data. We use the following processors strictly to operate the service:

  • Paddle (payment processing)
  • Supabase (data storage and authentication)
  • BigDataCloud API (location reverse-geocoding)

8. Your Rights

Depending on your jurisdiction (GDPR, CCPA, PIPA, etc.) you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data (data portability)
  • Object to or restrict processing
  • Lodge a complaint with your local supervisory authority
  • Opt out of the sale of personal data (we do not sell data)

Send any request to the contact below.

9. Security

We apply reasonable technical and organizational safeguards (encryption in transit, access control, audit logging). No system can guarantee absolute security on the public internet.

10. Children

KeepsLock is not directed to children under 14 (or under 16 in certain EU jurisdictions).

11. Changes

We may update this policy. Material changes will be announced in-app.

12. Operator