Privacy Policy
Last updated: July 10, 2026
1. Introduction
Lockstry ("we," "us," or "our") provides self-storage access technology, including mobile
apps, an owner and manager web portal, NFC-powered smart lock hardware, cloud services,
optional facility camera viewing and computer-vision features ("Vision"), and this website
(collectively, the "Services"). This Privacy Policy explains how we collect, use, share, and
protect your personal information when you use any part of our Services.
By using our Services, you agree to the practices described in this policy. If you do not
agree, please do not use our Services. This policy should be read alongside our
Terms of Service.
2. Information We Collect
(a) Information you provide
- Account information: Name, email address, and account status.
-
Organization and facility access: Invitations, organization roles,
facility assignments, and permissions granted to organization owners and facility
managers.
-
Move-out content: Photos of your storage unit taken during the move-out
process, along with any optional notes or survey responses you submit.
-
Key sharing details: When you share access to your unit, we collect the
name, email address, and access parameters (such as expiration date) of the person you
share with.
-
Support communications: Any information you provide when contacting us
for help.
(b) Information collected automatically
-
Device information: Device type, operating system, and app version.
- Network information: IP address.
-
Usage and audit data: App and portal interactions, authentication events,
invitations, permission changes, lock and unlock activity, and feature usage. Access
events may include the user, facility, unit, lock, time, action, and result. We may also
record move-out notification delivery and read status.
-
Location data: Approximate location, only if you enable location services
on your device.
(c) Information from third parties
-
Facility and lease data: Your storage facility provides us with
information from their storage management platform, such as your unit assignment, lease
status, and contact details, so we can set up and manage your access.
(d) Vision information
If a facility enables Vision, authorized users may view camera feeds made available by that
facility. Software running on facility-controlled equipment may analyze visible activity to
indicate whether a person or vehicle appears in view. The current Vision service does not
perform facial recognition, identify individuals, or make claims about a person's identity.
(e) Information we do NOT collect
-
Payment card data: We do not collect, process, or store credit card
numbers or other payment credentials. All billing is handled by your facility's payment
provider.
-
Biometric templates: If you enable Face ID or Touch ID in the app, your
biometric data is processed and stored entirely on your device by your operating system.
Lockstry never receives, transmits, or stores biometric templates.
-
Facial recognition data: Vision does not create facial templates or use
facial recognition to identify people.
We also collect non-personal information, such as aggregated usage statistics, for
analytics.
3. How We Use Your Information
We use the information we collect to:
-
Authenticate your identity: Send email sign-in links or one-time codes,
depending on the part of the Services you use.
-
Provide lock access: Deliver encrypted digital keys to your device so you
can lock and unlock your storage unit via NFC.
-
Process move-outs: Collect and store required unit photos and route them
to your facility operator.
-
Manage facility teams: Process invitations, organization roles, facility
assignments, and feature permissions for owners and managers.
-
Provide facility operations tools: Show authorized users access history,
move-out notifications, and, when enabled, facility camera feeds and visible
person-or-vehicle indicators.
-
Send transactional communications: Notify you about account activity,
access changes, and service updates via email.
-
Maintain security: Enforce rate limiting, log access events for audit
purposes, and detect unusual activity.
-
Improve our Services: Analyze usage trends to enhance functionality and
reliability.
-
Comply with legal obligations: Respond to lawful requests and enforce our
terms.
4. How We Protect Your Information
We use layered security measures to protect your data:
-
NFC encryption: Communication between the app and our smart locks is
encrypted. Authorized lock credentials may be stored in device-protected storage so that
some lock operations continue without an internet connection. Temporary shared credentials
retain their expiration date.
-
Authentication: Sessions use secure tokens that expire automatically. API
endpoints enforce rate limits to prevent abuse.
-
Access controls: Server-side authorization limits organization owners and
facility managers to the organizations, facilities, and features assigned to them.
-
Biometric security: If you enable Face ID or Touch ID, your biometric
data remains in your device's secure keychain and is never sent to our servers.
-
Photo storage: Move-out photos are stored in encrypted cloud storage.
No system is completely secure, and we cannot guarantee absolute security. If you believe
your account has been compromised, contact us immediately at
[email protected].
5. Data Sharing
We do not sell your personal data. We may share your information with the following parties:
-
Cloud infrastructure: We use third-party cloud services for hosting,
email delivery, encryption key management, photo storage, and monitoring. These providers
process data on our behalf under their data processing agreements.
-
Your storage facility: We share access activity, move-out photos, and
account information with your facility operator through their storage management platform
so they can manage their property.
-
Authorized facility users: Organization owners and permitted facility
managers may view information for the organizations, facilities, and features they are
authorized to manage. Organization owners may also view and manage organization team
information. Depending on assigned access, other information may include access history,
move-out notifications, and enabled Vision feeds.
-
Legal compliance: We may disclose information when required by law,
regulation, or legal process such as a court order or subpoena.
-
Business transfers: If Lockstry is involved in a merger, acquisition, or
sale of assets, your information may be transferred as part of that transaction. We will
notify you of any such change.
6. Data Retention
We keep information only while it is reasonably needed to provide the Services, support a
facility's operations, protect security, maintain an audit record, resolve disputes, or meet
contractual and legal obligations. The exact period can vary by data type and by the
facility's agreement and legal requirements.
-
Active account data: We retain your account information for as long as
your account remains active.
-
Access and audit records: The current portal lets authorized users search
up to 12 months of access history. That visibility window is not a promise that records
are automatically deleted or archived after 12 months. Records may remain in active
systems longer when needed for facility operations, security, audits, disputes,
contractual requirements, or law. Any longer-term archive or deletion schedule is governed
by our written procedures and applicable facility agreements as those processes are
implemented.
-
Move-out photos: Photos are retained according to your facility
operator's policy.
-
Authentication records: Email sign-in codes expire after a short time. We
may retain limited authentication and session records temporarily to prevent fraud,
investigate security issues, and maintain service integrity.
-
Vision media: The current Lockstry Vision service does not retain camera
video, frames, clips, or person-or-vehicle detection results in Lockstry cloud storage. A
facility may separately record and retain video using its own network video recorder (NVR)
or camera system. The facility operator controls that system and its retention policy.
-
After account closure: Closing an account disables access, but it does
not necessarily erase every associated record immediately. We delete or de-identify
personal information when it is no longer reasonably needed, while retaining information
required for facility records, security and audit history, disputes, contracts, or law.
You may request account deletion through the Settings screen in the app or through our
account deletion request page.
7. Your Rights and Choices
You have the following rights regarding your personal information:
-
Access and update: View and edit your profile information through the
app's Settings screen.
-
Delete your account: Request account deletion through the app's Settings
screen or our account deletion request page. Certain
facility, access, move-out, security, and audit records may be retained or de-identified
as described above.
-
Location services: You can enable or disable location access through your
device's system settings. Disabling location may limit certain app features.
-
Biometric authentication: You can enable or disable Face ID/Touch ID
through the app's Settings screen at any time.
-
Promotional communications: Opt out of promotional emails via unsubscribe
links or by contacting us. Transactional messages, including sign-in, invitation,
permission, access, and move-out messages, cannot be opted out of while they are needed to
provide your account or facility services.
To exercise any of these rights, contact us at
[email protected]. You may also have additional
rights under applicable local privacy laws.
8. International Data Transfers
Our Services are hosted in North America. Lockstry currently operates exclusively in North
America. If you access our Services from outside this region, your data will be transferred
to and processed in North America. By using our Services, you consent to this transfer,
subject to applicable data protection laws.
9. NFC Technology and Lock Communication
Our smart locks use Near Field Communication (NFC) technology to provide battery-free,
phone-powered access to storage units. Here is how we handle data in this process:
-
How it works: When you tap your phone to the lock, your device supplies
power to the lock via NFC and transmits an encrypted access credential. The lock verifies
the credential and responds with a lock or unlock confirmation.
-
Encryption: Communication between your phone and the lock is encrypted.
Credentials are issued by our servers and protected using device security controls.
-
Secure offline credentials: After the app obtains an authorized
credential, it may keep that credential in device-bound protected storage to support
offline lock operation. Credentials for ongoing tenant or owner access may remain on an
offline device until the user signs out, the app reconnects and receives an access change,
or the physical credential is rotated. Temporary shared credentials remain subject to
their configured expiration.
-
Operation logging: Lock and unlock events are recorded with a timestamp
and user or access-grant identifier for security and audit purposes. If the device is
offline, the event may be uploaded after connectivity returns.
10. Photographs and Media
During the move-out process, you are required to take photos of your storage unit. These
photos are:
- Uploaded to and stored in encrypted cloud storage.
- Shared with your facility operator as part of the move-out record.
- Retained according to your facility operator's policy.
You may also submit optional notes and a brief survey as part of the move-out process. This
information is shared with your facility operator.
11. Facility Vision
Vision is an optional facility feature. Authorized organization owners and facility managers
with the required permission may view camera feeds for assigned facilities. Video is routed
from facility-controlled camera equipment through secured connections. The current Lockstry
Vision service analyzes frames only to indicate visible people or vehicles; it does not
identify individuals or use facial recognition.
Lockstry does not retain Vision video, frames, clips, or detection results in Lockstry cloud
storage as part of the current service. A facility's separate camera system or NVR may
record the same feed under the facility operator's own settings and policies. Questions
about facility recordings should be directed to the facility operator.
12. Changes to This Policy
We may update this policy. Significant changes will be notified via email or app
notifications. Continued use constitutes acceptance.
13. Contact
For privacy concerns, contact
[email protected].