Privacy Policy
Effective date: July 1, 2026 Last updated: July 1, 2026
This Privacy Policy explains how Revivo Project Inc., doing business as Iron Lock ("Iron Lock," "we," "us," or "our"), collects, uses, shares, and protects personal information in connection with the Iron Lock mobile app (iOS and Android), our cloud services, and our smart safe / lock box products (together, the "Services").
We built the Iron Lock app to control a physical security product. We collect as little personal information as possible, we do not sell your personal information, and — importantly — your fingerprints never leave your safe. This policy describes exactly what we do and do not do, and the rights you have.
This document is provided for transparency and is not legal advice.
1. Quick summary (the short version)
What we collect: your email address and password (to create your account), names and labels you type (members, rooms, devices), an activity log of lock/unlock events, the access codes (PINs) you set, references to which fingerprint sensor slots are in use, and any messages you send to our in-app support assistant.
What we do NOT collect: your location or GPS, your fingerprint images or templates, advertising identifiers, push-notification tokens (see Section 3.10 for the future-alerts caveat), or any data for advertising or tracking. We use no advertising SDKs and no third-party analytics/tracking, and no crash/diagnostics SDKs.
Fingerprints stay on the safe. Fingerprint templates are created and stored only on your safe's fingerprint sensor hardware. They are never sent to the app, our servers, or us.
We do not sell or "share" your personal information (as those terms are defined under California and other U.S. state laws), and we do not use it for cross-context behavioral advertising.
You can delete your account and data at any time from inside the app (Settings → Account → Delete Account), or by emailing us.
Who helps us run the Services: Google Firebase (account sign-in, database, and real-time device state and commands — United States), Netlify (hosting for our support-chat backend — United States), Anthropic (AI-assisted support replies), Shopify (order lookups for support), Resend (sending support email), and Expo / EAS (app build infrastructure). These are service providers acting on our behalf.
The rest of this policy gives the full detail.
2. Who we are (data controller / business)
Revivo Project Inc., dba Iron Lock 1303 E Warner Avenue, Santa Ana, CA 92705, USA Website: https://shopironlock.com Privacy contact: info@shopironlock.com
The Iron Lock app and related services are offered only in the United States. We do not direct them to, or make them available to, individuals in the European Economic Area (EEA) or the United Kingdom. See Section 13.
3. The personal information we collect
We collect the following, and only the following, categories of information.
3.1 Account information
Email address and password. Collected when you sign up or sign in. Authentication is handled by Google Firebase Authentication; Firebase manages your password using its own hashing — the Iron Lock app does not store your password itself.
Display name. A name you provide for your account profile.
We use this to create and secure your account, sign you in, send password-reset and email-verification messages, and identify you within the app.
3.2 Information you enter to manage your safes
Member/user names and roles (for example "Spouse," "Cleaner," and access levels such as Admin, Normal, or Temporary) that you, as the owner, type in to give other people access.
Device names, type, and settings (for example auto-lock, notification, and sound preferences).
Room names you create to organize your devices.
Optional profile or device photos, if you choose to add them.
We use this to let you set up, organize, and manage your safes and the people you authorize.
3.3 Access codes (PINs)
Numeric access codes (PINs) that you set so that you or people you authorize can unlock a safe with the keypad.
We use access codes solely to operate your safe. Access codes are handled by our backend and synchronized to your safe over an authenticated, encrypted connection (Google Firebase, United States) so the keypad can verify them; they are not published in the clear. Keep your access codes confidential, do not reuse codes you use elsewhere, and change a code if you believe it may have been exposed. See Section 7 (Security).
3.4 Activity / access log
An activity log of lock and unlock events — including the actor's name, the method used (for example keypad, fingerprint, or app), the result, the device, and a timestamp.
We use this to give you an access history for your safe (a security feature). We disclose at account creation that access events are logged, and you consent to this logging as part of using the Services. The app retains a limited, rolling number of recent events (see Section 6, Retention).
3.5 Real-time device state
The current state of your safe — locked/unlocked, door open/closed, online/offline, and battery level.
This live state flows through our real-time database (Google Firebase Realtime Database, United States) so the app can show and control your safe in real time. This live state is not stored long-term by us; it exists only transiently to operate the device.
3.6 Fingerprint information — read this carefully
Some Iron Lock safes include a fingerprint sensor so you can unlock the safe with your fingerprint.
Your fingerprint and any fingerprint template are created and stored only on the safe's own fingerprint sensor hardware. They are never transmitted to, uploaded to, stored by, or accessible to the Iron Lock app, our cloud services, or Revivo Project Inc. We have no ability to view, copy, or reconstruct your fingerprint.
The only fingerprint-related data in our systems is a slot reference and a label you choose (for example, "Slot 2 — Right Thumb"), so you can manage which fingerprints are enrolled. This is not biometric information and cannot be used to identify you or recreate a fingerprint.
Because we never receive or store a biometric template, we do not collect, capture, store, sell, lease, trade, or profit from biometric identifiers or biometric information. See Section 11 for our statement under state biometric laws (including Illinois BIPA and Texas CUBI) and Section 13 for the EU/UK position.
3.7 Bluetooth proximity (setup only)
During setup, the app uses Bluetooth Low Energy (BLE) to detect your nearby safe so it can pair with it. Signal-strength information is used only in memory, only during pairing, to find the right device. We declare Bluetooth as "never for location" and do not use Bluetooth in the background. We do not collect GPS or any location data.
3.8 In-app support assistant ("Maya")
If you use our in-app support assistant, we process the content of your support messages and the name and email associated with your request. When you send a message, it leaves your device and is processed by our support-chat backend, which is hosted on Netlify (United States) and uses Anthropic to help draft a reply, may look up your order on Shopify to assist you, and may email a transcript to our support team via Resend when your conversation is closed. Please avoid sending information in support chat that you do not want shared with our support system. See Section 5.
3.9 Technical security data
A signed command counter / message authentication code used to protect lock commands against replay attacks. This is operational security data, not data about you.
3.10 What we do NOT collect
For clarity, the Iron Lock Services do not collect:
Precise or approximate location / GPS. None. (Bluetooth is set to "never for location.")
Fingerprint images or templates. They stay on the safe's sensor.
Advertising identifiers, and we run no advertising SDKs.
Crash/diagnostic analytics SDKs or third-party trackers/analytics.
Push-notification device tokens — not collected today. (Notification settings in the current app are preferences only.) If a future update adds safe-event push alerts, the app will collect a push token only after you turn those alerts on, will use it solely to deliver them, and will delete it when you turn them off or delete your account; this policy will be updated first.
Social Security numbers, government IDs, financial-account numbers, payment-card data entered in the app, health data, or protected-class information.
Personal information from children under 13. (See Section 10.)
4. How we use personal information
We use personal information to:
Create, secure, and operate your account and authenticate you;
Operate your safe — sync settings, members, rooms, device state, and access codes, and let you lock/unlock and view status;
Maintain your activity/access log as a security feature;
Protect the Services and your device against tampering, replay attacks, and unauthorized access;
Respond to your support requests through the in-app assistant and our support team;
Send service and account communications (for example, password resets and verification);
Comply with law and enforce our terms.
We do not use your personal information for advertising, profiling, or automated decisions that produce legal or similarly significant effects, and we do not build advertising profiles about you.
Legal bases (EEA/UK users)
Where the EU or UK GDPR applies, our legal bases are:
Performance of a contract (Article 6(1)(b)) — creating and operating your account and your safe, and responding to your support requests;
Legitimate interests (Article 6(1)(f)) — maintaining the security activity log and protecting your device against tampering and replay attacks;
Consent (Article 6(1)(a)) — where we ask for it, such as before fingerprint enrollment and before using the support assistant. You may withdraw consent at any time.
5. How we share personal information — service providers
We do not sell your personal information and we do not share it for cross-context behavioral advertising. We disclose limited personal information only to service providers who process it on our behalf, under contract, and who are prohibited from using it for their own purposes:
Service provider What it does Location
Google Firebase Account authentication, account database, and real-time device state and commands (live lock/door state and command delivery) United States
Netlify Hosting for our support-chat backend (processes your support messages and the associated name and email) United States
Anthropic AI-assisted drafting of support replies in the in-app assistant United States
Shopify Looking up your order when you contact support United States / Canada
Resend Sending support and transactional email United States
Expo / EAS App build and delivery infrastructure United States
We may also disclose personal information: (a) to comply with law, legal process, or a lawful government request; (b) to protect the rights, safety, or property of you, us, or others; and (c) in connection with a merger, acquisition, or sale of assets, in which case we will continue to protect your information consistent with this policy.
A current list of our service providers is available on request at info@shopironlock.com.
6. How long we keep information (retention)
This section is our published data-retention policy. We keep personal information only as long as reasonably necessary for the purposes described in this policy.
Account data (email, names, member/room/device names and settings): retained while your account is active, and deleted when you delete your account.
Activity/access log: the app retains only a limited, rolling number of the most recent events stored with your account (currently up to 100 events); older entries are automatically removed.
Access codes (PINs): retained only while active; removed when you delete the code, the relevant member, or your account, including from our real-time database.
Live device state (locked/unlocked, door, battery): not stored long-term; it exists only transiently to operate the device.
Fingerprint templates: not held by us at all — they remain on the safe's sensor only until you delete the fingerprint or reset the safe.
Support messages: retained by our support systems as needed to handle and follow up on your request.
When you delete your account, your account data is erased from our database and your safe's stored codes are cleared from our real-time database. Residual copies may persist briefly in routine backups maintained by our service providers and are overwritten on their ordinary cycles.
7. Security — and a physical-product honest note
We use commercially reasonable administrative and technical safeguards to protect your information, including encryption of data in transit (TLS) for our app-to-cloud connections, authenticated and encrypted real-time database connections, server-side access rules on the lock channel, and access controls on your account.
No method of transmission or storage is completely secure, and — because Iron Lock is a physical security product — no lock can guarantee absolute security or that it will prevent forced entry, theft, hacking, or unauthorized access. Iron Lock is one layer of a broader security plan. You are responsible for keeping your account credentials and access codes confidential, retaining your mechanical backup key, and maintaining adequate battery and connectivity.
If we become aware of a data breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law.
8. Your privacy rights
Depending on where you live, you may have some or all of the following rights:
Know / access the personal information we hold about you;
Delete your personal information;
Correct inaccurate personal information;
Portability — receive a copy of your information;
Opt out of the sale or "sharing" of personal information, targeted advertising, or profiling (note: we do none of these);
Limit the use of sensitive personal information (note: we use it only to provide the Services);
Non-discrimination — we will not deny you services or charge you differently for exercising your rights;
Appeal a decision on your request, where your state provides an appeal right;
Withdraw consent at any time, where processing is based on consent.
How to exercise your rights
In the app: delete your account and associated data directly via Settings → Account → Delete Account. This re-authenticates you, erases your account data tree from our database, clears your safe's stored codes from our real-time database, and removes your sign-in.
By email: contact info@shopironlock.com. To exercise access, correction, or portability, email us and we will respond within the time required by law (generally 45 days in the U.S., extendable; one month under GDPR/UK GDPR, extendable to three for complex requests). We may need to verify your identity before fulfilling a request. We currently fulfill access and portability requests manually on request rather than through an in-app export tool.
You may use an authorized agent to submit a request where the law permits; we may ask the agent to prove authorization and ask you to verify your identity.
9. "Do Not Sell or Share" and sensitive information (California and other U.S. states)
We do not sell your personal information for money or other valuable consideration, and we do not share it for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act (CCPA/CPRA) and similar U.S. state laws. We have not done so in the preceding 12 months. Because we do not sell or share personal information, we do not offer a "Do Not Sell or Share My Personal Information" link; however, we will honor any opt-out preference signal (such as Global Privacy Control) that we are required to recognize.
Notice at collection (connected device). Because Iron Lock is a connected device, we surface a link to this Privacy Policy in the app at or before the point the app first collects personal information, consistent with California's connected-device notice requirements.
Sensitive personal information. To the extent any information we handle is considered "sensitive" (for example, the on-device biometric capability described in Sections 3.6 and 11), we use it only to provide the Services you request — to let you unlock your safe — and not for inferring characteristics or for any purpose that would require us to offer a "Limit the Use of My Sensitive Personal Information" right. We do not sell or share sensitive personal information.
Categories collected and disclosed (CCPA). In the prior 12 months we have collected the following CCPA categories and disclosed them to service providers (Section 5) for the business purposes described above:
Identifiers (email, display name, member names, account/user/device IDs);
Customer records (account profile information);
Commercial information (order lookups via the support assistant);
Biometric information — note: we collect only non-biometric fingerprint slot references and labels; fingerprint templates are never collected (see Section 11);
Internet/network activity (app interactions, support-chat content);
Audio/electronic/visual information (optional profile/device photos);
Inferences — none; we do not create profiles about you.
State rights. Residents of California, Virginia, Colorado, Connecticut, Texas, and other states with comprehensive privacy laws may exercise the rights described in Section 8, including the right to appeal a denied request. To appeal, reply to our decision or email info@shopironlock.com with "Privacy Appeal" in the subject line.
10. Children's privacy
The Iron Lock app and Services are intended for a general adult audience and are not directed to, marketed to, or intended for use by children under the age of 13 (or under 16 where a higher age of digital consent applies). We do not knowingly collect, use, or disclose personal information from children under 13.
If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at info@shopironlock.com and we will promptly delete that information and terminate any associated account. We do not condition a child's participation in any activity on disclosing more personal information than is reasonably necessary.
11. Biometric information (fingerprints) — U.S. state biometric laws
This section describes our practices regarding biometric identifiers and biometric information under laws such as the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act (CUBI), and Washington (RCW 19.375). This section, together with the standalone Biometric Data Notice & Consent, serves as our publicly available written policy on biometric retention and destruction.
We do not collect, capture, receive, store, sell, lease, trade, or otherwise profit from your fingerprints or any biometric identifier or biometric information. When you enroll a fingerprint, the safe's on-device sensor converts the scan into a mathematical template stored only on the safe's hardware. That template is never transmitted to the Iron Lock app, our servers, the cloud, or any third party, and we cannot access, view, or reconstruct it.
The only fingerprint-related data in our systems is a slot reference and a label you assign (for example, "Slot 3 — Right Thumb"), which is not biometric information.
Consent. Before any fingerprint is enrolled, we show an in-app notice describing the purpose and handling of fingerprint data and obtain your consent (including, where applicable, your written release / electronic signature). Fingerprint unlock is always optional — you may instead use a numeric access code or the mechanical key.
Retention & destruction. Because we hold no fingerprint template, there is no biometric data on our servers to retain. The on-device template is retained on the safe only until you delete that fingerprint in the app or reset the safe, at which point it is erased from the sensor. The associated slot reference is deleted from our records when you remove the fingerprint or delete your account, and in no event is any biometric-related reference retained longer than necessary to provide the Services or, where required, beyond 3 years of your last interaction with us — whichever is earlier.
No disclosure. We do not disclose biometric data to any third party because we do not possess any.
Changes require fresh consent. If we ever materially change how we handle biometric functionality or this biometric policy, we will ask you for a fresh, affirmative in-app re-consent before the change applies to you, rather than treating your continued use as acceptance (see Section 14).
12. International users and data transfers
We are based in the United States, and the Services are offered only in the United States. Your information is processed in the United States (and, for Shopify order lookups, potentially Canada, which has an EU adequacy decision) by the service providers listed in Section 5. We do not offer or direct the Services to individuals in the EEA or the United Kingdom (see Section 13), so we do not routinely engage in transfers of EEA/UK personal data.
If the EU or UK GDPR nonetheless applies to any transfer to us, we rely on the EU-US Data Privacy Framework and its UK Extension where a recipient is certified, and on the EU Standard Contractual Clauses (with the UK Addendum / International Data Transfer Agreement for UK transfers) as an additional safeguard. You may request more information at info@shopironlock.com.
13. EEA and UK users — additional information
Availability and representatives. The Iron Lock app and related services are offered only in the United States and are not directed to, or made available to, individuals in the EEA or the United Kingdom. Because we do not target or offer services to individuals in those regions, we have not appointed a representative under Article 27 GDPR or Article 27 UK GDPR. If we begin offering the Services in the EEA or the UK, we will appoint and name a representative here before doing so. The remainder of this section applies only to the extent the EU or UK GDPR applies to you.
Data Protection Officer. Based on the nature and scale of our processing, we are not required to appoint a Data Protection Officer. Direct privacy questions to info@shopironlock.com.
Your GDPR rights. You may request access, rectification, erasure, restriction of or objection to processing, and portability, and you may withdraw consent at any time. You can delete your account and all associated data in the app (Settings → Account → Delete Account) or email us; we will respond within one month (extendable to three for complex requests), free of charge.
Right to complain. You have the right to lodge a complaint with your local supervisory authority, or in the UK with the Information Commissioner's Office (ico.org.uk).
Special-category (biometric) data. As explained in Sections 3.6 and 11, we do not receive or store any biometric template; the relationship for fingerprint enrollment is between you and your safe's sensor. Where any biometric processing is attributed to us, our legal basis is your explicit consent (Article 9(2)(a)), obtained at enrollment.
Children. The Services are not intended for children under 16; see Section 10.
14. Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app or by email. We review this policy at least once every 12 months. Your continued use of the Services after an update means you accept the revised policy.
Biometric re-consent. For material changes to how we handle biometric functionality or to the Biometric Data Notice & Consent, we will obtain your affirmative in-app re-consent (a fresh biometric consent) before the changed practice applies to you, rather than relying on continued use as acceptance. This is a specific exception to the general "continued use means acceptance" rule above.
15. Contact us
Revivo Project Inc., dba Iron Lock 1303 E Warner Avenue, Santa Ana, CA 92705, USA Email: info@shopironlock.com Website: https://shopironlock.com
If the EU or UK GDPR applies to you, the additional information in Section 13 also applies.
*This Privacy Policy is provided for transparency and does not constitute legal advice. Iron Lock is a trademark / DBA of Revivo Project Inc.*
