Skip to main content
Order Now

Privacy Policy

Introduction

At Key-Master, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights under GDPR.

What Data We Collect

  1. Contact Information (email, mobile number) - Encrypted or Hashed for security - even we cannot access them.
  2. Key Safe Access Data - Only stored in encrypted form.
  3. Usage Data - Basic analytics to improve the service (no personal tracking).

How We Use Your Data

  1. To provide secure access to your Service.
  2. To notify authorised Family & Friends when access to a Service is requested.
  3. To notify authorised Family & Friends when access to a Service is granted.
  4. To notify Family & Friends when they have been added to a Service.
  5. To improve the service and troubleshoot issues.

Data Security

  1. All stored contact details are encrypted or hashed, so even we cannot access them.
  2. No third-party data sharing - We never sell or share your data with third parties.
  3. Data is processed securely and the key safe code is only displayed over a secure connection.
  4. Data is never transferred outside our infrastructure boundary, which includes all servers, cloud environments, and hosting providers under our direct control, except for secure backup purposes. Any such backups are encrypted at rest and in transit in accordance with industry standards to ensure data protection and regulatory compliance.

GDPR Compliance

Under GDPR, users in the UK and EU have specific rights regarding their personal data:

GDPR Right What It Means

  • Right to Access - Request a copy of the personal data we store about you.
  • Right to Rectification - Request corrections to incorrect or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) - Request deletion of your personal data.
  • Right to Restrict Processing - Request limited processing of your data.
  • Right to Data Portability - Request your data in a machine-readable format.
  • Right to Object - Opt out of processing for direct marketing or legitimate interest.

To exercise these rights, contact us with the subject line "GDPR Data Request".

Data Retention Policy

  1. Encrypted contact details are retained for as long as the Service is enabled + a 4 week reactivation window.
  2. Disabled Services will be automatically deleted after 4 weeks.
  3. You can request a Service deletion at any time.

Emergency Service Access Disclaimer

  1. Emergency service access is a convenience feature and does not guarantee entry.
  2. We are not responsible for delays, failures, or miscommunications related to emergency access.

Third-Party Services & Data Transfers

  1. Our servers are located in the EU.
  2. We do not transfer data outside of the UK/EU.
  3. If we use external services, they are GDPR-compliant and listed here: Stripe, AWS, IONOS.

Changes to This Privacy Policy

We may update this Privacy Policy. If significant changes occur, we will notify users.

Contact Us

For GDPR-related requests or privacy concerns, please contact us.

Last updated: 11-02-2025

New Key-Master is a new service. Help us improve it and give your feedback (opens in new tab).