Privacy Policy

Last updated: 2025-09-07

SecureEntry360 is a product of DCS Software Solutions LLC (“we”, “us”, “our”). We respect your privacy. This policy explains what we collect, why we collect it, how we use and share it, and the choices you have.

1) Scope

This policy covers data collected through our websites (e.g., secureentry360.com), the SecureEntry360 applications (web and mobile), and customer support channels. It does not cover third-party sites or services that we do not control.

2) Who is the data controller?

• Marketing & account data: DCS Software Solutions LLC is the controller.
• Customer tenant data: our customer (e.g., a property management company) is the controller of personal data stored in its tenant database (residents, visitors, staff, access logs). We act as the processor.

Architecture note: Each customer has a separate database by default; data is not co-mingled across tenants.

3) Information we collect

• Account & contact data (when you sign up or contact us): name, email, company, role, phone (optional).
• Billing data (for paid plans): billing name, address, last-4 card details via our payment provider. We don’t store full card numbers.
• Product usage & device data: pages/actions, timestamps, IP address, device/OS/browser info, app crash and performance telemetry.
• Support data: messages, attachments you send to our help channels.
• Tenant data (processor): residents, staff and vendor profiles; visitor invitations; passes (QR/PIN hashes only); check-ins/outs; blacklist entries; audit logs. The customer chooses what to collect and how long to keep it.
• Cookies/Local storage: to keep you logged in, remember preferences, and measure site performance.

4) How we use information

• Provide, operate, secure, and improve the service
• Set up and manage accounts, subscriptions, and billing
• Authenticate users, prevent fraud and abuse, and audit access
• Provide support and communicate about service changes
• Analyze aggregated usage to improve features and performance
• Comply with legal obligations

5) Legal bases (EEA/UK)

• Contract: to provide the service you requested
• Legitimate interests: security, fraud prevention, product analytics
• Consent: where required (e.g., certain cookies/marketing)
• Legal obligation: tax and compliance record-keeping

6) How we share information

We don’t sell personal information. We share data only with:

• Service providers / subprocessors under contract (hosting, CDN, email, payments, analytics, error tracking). They may process data on our behalf and only as instructed.
• Compliance and safety: to comply with law, respond to lawful requests, or protect rights, safety, and security.
• Business transfers: if we engage in a merger, acquisition, or asset sale, we’ll notify you and honor this policy.

A current list of core subprocessors is available on request at [email protected].

7) Data retention

• Account & billing: kept for the life of the account and as required by law (typically 7 years for invoices).
• Operational logs: app/server logs typically kept 30–90 days.
• Tenant data: retained according to each customer’s settings and contract (default: 12 months for audit logs unless the customer configures otherwise).
• Backups: encrypted backups are kept for a limited rolling window (e.g., 30 days) and then deleted.

8) Security

• Data isolation: one database per customer tenant by default
• Encryption in transit and at rest for supported fields; sensitive credentials are hashed with per-record salt
• Role-based access controls and audit logging
• Rate limiting and protections against common web threats
• Backups, monitoring, and incident response procedures

9) International transfers

We may process data in the United States and other countries. Where required, we use appropriate safeguards for cross-border transfers (e.g., Standard Contractual Clauses).

10) Your rights

Depending on your location, you may have rights to:

• Access, correct, or delete your personal data
• Object to or restrict certain processing
• Port your data
• Withdraw consent where processing is based on consent

If your data is held in a customer’s tenant (e.g., you are a resident or visitor), please contact that customer directly. We will assist them as processor. For other requests, contact us at [email protected].

11) California (CCPA/CPRA)

We do not sell or share personal information for cross-context behavioral advertising. California residents can exercise rights of access, deletion, and correction by emailing [email protected].

12) Cookies & analytics

We use cookies or similar technologies for authentication, preferences, performance, and limited analytics. You can control cookies via your browser settings. Some features may not work without essential cookies.

13) Children

Our services are not directed to children under 16. We do not knowingly collect data from children under 16.

14) Changes to this policy

We may update this policy from time to time. We will post the updated version here and change the “Last updated” date. If changes are material, we will provide additional notice.

15) Contact us

Questions or requests? Email [email protected].
DCS Software Solutions LLC — Privacy

This template is provided for general information and does not constitute legal advice. Please adapt for your specific data flows and consult counsel where appropriate.