Privacy Policy
How KeyShare collects, uses, and protects your personal information.
Effective Date: March 1, 2026 | Last Updated: March 13, 2026
1. Overview
KeyShare, Inc. ("KeyShare," "we," "us," or "our") provides an identity verification and credential delivery platform used across hospitality, physical access control, visitor management, and government digital identity ecosystems.
This Privacy Policy describes how we collect, use, store, and protect personal information when you:
- Visit our website (keyshare.id)
- Interact with our hardware (the KeyShare Puck)
- Use our software platforms (Guest Experience Platform, KeyShare Connect, Visitor Experience Platform, Digital ID Platform)
- Communicate with us through any channel
By using our services, you acknowledge that you have read and understood this Privacy Policy. If you are a deploying organization (hotel, building, government), you are the data controller for personal data processed through our platform in your deployment; KeyShare acts as the data processor.
2. Information We Collect
2.1 Information You Provide
| Category | Examples |
|---|---|
| Contact information | Name, email address, company name, phone number — when you submit a form or contact us |
| Account information | Login credentials, role, organization — when you access a KeyShare platform |
| Communication content | Messages, inquiries, feedback you send us |
2.2 Information Collected Automatically
| Category | Examples |
|---|---|
| Device & browser data | IP address, browser type, operating system, device identifiers |
| Usage data | Pages visited, time spent, referral source, click patterns |
| Cookies & tracking | Session cookies, analytics cookies (see Section 9) |
2.3 Information Collected Through Our Platform
| Category | Examples | Retention |
|---|---|---|
| Identity verification data | Document type, issuing authority, verification result, credential claims presented | Per deployment configuration |
| Biometric identifiers | Face geometry for 1:1 matching (see Section 4) | Zero retention — processed in RAM, immediately discarded |
| Access events | Door ID, credential match, grant/deny, timestamp | Per deploying organization's policy |
| Credential delivery data | Credential type, delivery method, recipient device | Per deployment configuration |
3. How We Use Information
We process personal information for the following purposes:
- Service Delivery: To operate our identity verification, credential delivery, and access control platforms on behalf of deploying organizations.
- Communication: To respond to your inquiries, provide support, and send service-related communications.
- Improvement: To improve our products, services, and user experience through aggregated analytics.
- Security & Compliance: To protect our platform, prevent fraud, and comply with legal obligations.
4. Biometric Data
5. Data Sharing & Disclosure
We do not sell personal information. We share personal information only in the following circumstances:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Deploying organizations | Service delivery as contracted | Verification results, access events, credential delivery confirmations — as configured by the deploying organization |
| Service providers | Infrastructure and operations | Cloud hosting (AWS), analytics, email delivery — under data processing agreements |
| Legal authorities | Legal obligation | When required by law, subpoena, court order, or to protect rights and safety |
| Corporate transactions | Merger, acquisition, restructuring | Subject to the same privacy commitments described in this policy |
6. Data Retention
| Data Category | Retention Period |
|---|---|
| Biometric face data | Zero retention — processed in RAM and immediately discarded |
| Identity verification results | Configurable per deployment — typically 30–90 days |
| Access event logs | Configurable per deploying organization's policy |
| Website analytics | 26 months (aggregated and anonymized) |
| Contact submissions | Duration of business relationship + 2 years |
| Account data | Duration of account + 30 days post-deletion |
For government deployments, retention periods are determined by the deploying government's data governance policies.
7. Data Security
We implement technical and organizational measures to protect personal information:
- Encryption in transit: TLS 1.3 for all data in transit. Mutual TLS (mTLS) between internal services.
- Encryption at rest: AES-256 for all data at rest.
- Key management: HSM-based key management (PKCS#11) for cryptographic operations. Keys never exist outside the secure element unencrypted.
- Access control: Role-based access control (RBAC) with multi-factor authentication for all administrative access.
- Monitoring: Comprehensive audit logging with SIEM integration. Tamper-resistant, append-only logs.
- Penetration testing: Regular third-party penetration testing. Reports available under NDA.
For our full technical security architecture, see our Security & Trust Center.
8. Your Rights
Depending on your jurisdiction, you may have some or all of the following rights:
- Request a copy of the personal information we hold about you.
- Request correction of inaccurate or incomplete personal information.
- Request deletion of your personal information, subject to legal retention obligations.
- Receive your personal information in a structured, machine-readable format.
- Object to processing of your personal information for specific purposes.
- Opt out of the sale or sharing of personal information. Note: KeyShare does not sell personal information.
To exercise any of these rights, contact …. We will respond within 30 days (or as required by applicable law).
10. International Data Transfers
KeyShare is headquartered in the United States. Data residency is configurable per deployment:
| Deployment | Data Location |
|---|---|
| Website (keyshare.id) | United States (AWS) |
| Hotel deployments (GEP) | Configurable: US, EU, or regional |
| Building access (Connect) | Configurable: US, EU, UK |
| Visitor management (VEP) | Configurable: US, EU, UK, other on request. Biometric data never leaves device. |
| Government (DPI) | Sovereign in-country deployment. No cross-border transfer without explicit configuration. |
Where personal information is transferred internationally, we rely on Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms as required under GDPR and applicable law.
11. Children's Privacy
Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us at … and we will promptly delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last Updated" date. If changes are significant, we will provide additional notice through our platform or by email. Your continued use of our services after changes take effect constitutes acceptance of the updated policy.