GateGuardX is designed to keep access control secure without compromising individual privacy. We understand that every vehicle passing through your gate represents personal or sensitive information, and we follow strict data protection principles to safeguard it.
Our Privacy Principles
• Transparency: We clearly explain what data we collect, how we use it, and how long we keep it.
• Minimal Collection: We only gather the data required for accurate and secure gate access control.
• Client Ownership: You, as our customer, remain the owner of all data collected by our system.
• Full Control: You can request data deletion or export at any time.
What Data We Collect
GateGuardX may process the following information during normal operation:
• License Plate Data: Vehicle license plate images and recognition results.
• Event Metadata: Date, time, and location of each access event.
• System Logs: Diagnostic and performance data for troubleshooting and audit purposes.
We do not collect personal names, driver photos, or other identifiable information unless explicitly configured by the client.
Data Storage & Retention
• Configurable Retention: Data is stored only as long as needed for operational purposes (e.g., default 30 days, customizable per client policy).
• Automatic Deletion: Old data is securely and irreversibly deleted after the retention period.
• Encrypted Storage: All images, event logs, and recognition results are encrypted locally on the device and in our cloud database.
Anonymization & Pseudonymization
Where possible, GateGuardX anonymizes or hashes license plate data. This ensures that even in the event of a data breach, sensitive information cannot be linked back to an individual vehicle owner without authorized access.
Data Transmission Security
• TLS 1.2+ Encryption: All communication between local image processing servers, controllers, and the cloud is encrypted end-to-end.
• Certificate-Based Authentication: Each device securely identifies itself to prevent spoofing or unauthorized access.
Access Control
• Role-Based Access (RBAC): Different user levels (e.g., operator, admin, auditor) with restricted permissions.
• Multi-Factor Authentication (MFA): Strong access security for administrative accounts.
• Client-Specific Data Segregation: Your data is logically isolated from other organizations in our cloud environment.
Compliance with Global Regulations
GateGuardX is designed to comply with major privacy regulations:
• GDPR (EU): Data minimization, lawful basis for processing, right to access, and right to be forgotten.
• CCPA (California): Clear notice of data collection and opt-out rights for personal information.
• Future Compliance: We are actively preparing for emerging privacy standards in the U.S. and EU (e.g., NIS2 Directive, updated CCPA rules).
Third-Party Vendors
Any vendors we work with for cloud hosting, analytics, or storage (e.g., AWS GovCloud, Azure Government) are under strict Data Processing Agreements (DPAs) that enforce privacy protections and compliance with GDPR and other applicable laws.
Your Rights as a Client
• Access Your Data: Request a full export of your stored data at any time.
• Request Deletion: Instruct us to permanently erase all stored data related to your organization.
•
Audit Support: We provide documentation and logs to help meet your internal or regulatory audits.