Privacy Policy

Account and profile data

When you register as a resident, gate verifier, or estate administrator, we collect your name, email address, phone number, and the estate or unit you are associated with. This information is required to create and manage your Sycure account.

Visitor pass data

Residents generate visitor passes that include the visitor's name, intended visit date and time window, and the associated estate. This data is stored so that verifiers can validate passes at the gate and so residents can review their own visitor history.

Verification and gate activity logs

Every gate verification event — including the outcome (approved or rejected), timestamp, method (QR scan or manual code entry), and the guard who performed it — is recorded automatically. These logs form the audit trail that estate administrators can review.

Device and usage data

We may collect device identifiers, IP addresses, browser or app version, and interaction data to operate the platform reliably, diagnose errors, and improve product quality. This data is not used for advertising.

Delivering the service

We use your data to authenticate users, generate and validate visitor passes, deliver real-time entry and rejection notifications, and maintain the gate activity log for your estate.

Estate security and access control

Visitor pass data, guard assignments, and verification outcomes are processed to enforce estate-specific access rules — ensuring that passes are only accepted at the correct estate and within the approved time window.

Audit and compliance

Verification logs are retained so that estate administrators can review entry history, investigate security incidents, and support internal compliance or reporting requirements.

Platform improvement

Aggregated, anonymised usage data may be used to understand how residents, verifiers, and administrators interact with the platform, so we can improve reliability and product experience.

Within your estate

Visitor pass details are shared with gate verifiers assigned to your estate so they can approve or reject entry. Estate administrators can view verification logs and guard activity across all properties they manage.

Service providers

We use trusted third-party providers for cloud infrastructure, authentication, and notifications. These providers are contractually bound to process data only on our behalf and in accordance with this policy.

Legal obligations

We may disclose your data when required to do so by law, court order, or regulatory authority, or when necessary to protect the safety or rights of Sycure, its users, or the public.

Business transfers

If Sycure is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify affected users before any such transfer takes place.

Active accounts

We retain your account and profile data for as long as your account is active and in use on the platform.

Verification logs

Gate activity logs are retained for a minimum of 90 days to support audit, incident review, and estate compliance workflows. Estate administrators may request longer retention periods.

Visitor pass records

Visitor pass records are retained for 30 days after the pass expires, after which they are deleted or anonymised unless required for an active audit trail.

Deleted accounts

When an account is deleted, personal identifiers are removed within 30 days. Aggregated or anonymised log data may be retained for longer as part of estate audit records.

Access and correction

You may request a copy of the personal data we hold about you and ask us to correct any inaccuracies. You can update most profile information directly from within the Sycure app.

Deletion

You may request deletion of your account and associated personal data. Note that verification log entries may be retained in anonymised form to preserve estate audit records.

Data portability

You may request an export of your visitor pass history and account data in a machine-readable format.

Objection and restriction

Where applicable under your local privacy laws, you may object to or request restriction of certain processing activities. Contact us using the details below to submit a request.

Technical measures

Data is transmitted over encrypted connections (TLS) and stored with access controls that limit which system components and personnel can read it. Visitor passes use short-lived codes that cannot be reused after expiry.

Access controls

Guard and administrator access is scoped to specific estates. A guard assigned to one estate cannot view passes or logs for a different estate. All access is authenticated and logged.

Incident response

In the event of a data breach that affects your personal data, we will notify affected users and relevant authorities as required by applicable law.

Essential cookies

We use strictly necessary cookies and local storage to maintain your authenticated session and remember your preferences within the app. These cannot be disabled without breaking the service.

Analytics

We may use privacy-preserving analytics tools to understand product usage patterns. These tools do not use third-party advertising identifiers and do not track you across other websites.

Notification of changes

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or an in-app notice at least 14 days before the changes take effect. Your continued use of Sycure after that date constitutes acceptance of the updated policy.