Privacy Policy
Last updated: July 2026
DRAFT for attorney review — not yet legally operative. Placeholder pending counsel sign-off before go-live.
Keyless Technologies LLC ("Keyless", "we", "us") provides a smart key-access platform to automobile dealerships. This policy explains what we collect, why, and your choices. It covers our website, dealer portal, mobile app, and lockbox hardware.
Who our users are
Keyless is a business-to-business service. Our direct users are dealership staff (owners, general managers, managers, salespeople, porters) and dealership customers whose limited information a salesperson may record for a test drive. We do not sell a consumer product or run consumer accounts.
What we collect
- Dealership & staff data: business name, address, staff names, work emails, roles, and authentication data. Passwords are stored only as salted hashes; we never see them. Two-factor secrets are encrypted at rest.
- Access & audit events: which staff member unlocked which lockbox, when, and from where (app session). This audit trail is the core of the product.
- Vehicle & lockbox data: inventory details, lockbox status, battery, and — on GPS-equipped lockboxes — location during active test drives.
- Test-drive customer data: at the dealership's direction, a salesperson may record a customer's name, phone, and optional email for a test drive. We do not collect or scan driver's licenses.
- Website requests: if you request a demo, the business and contact details you submit, plus basic technical data (IP, browser) for security.
What we do NOT do
- We do not sell personal information.
- We do not store payment card or bank-account numbers — payments are processed by Stripe; card/bank data goes to Stripe, not to us.
- We do not capture, photograph, or store government-issued identification.
How we use data
To operate the platform: authenticate users, authorize and record lockbox access, show fleet status, generate reports, detect and escalate security anomalies (for example, an unlock attempt from an unauthorized surface), and support the dealership. With a dealership's consent, we may pass agreed data to their DMS/CRM to enrich their own records.
How we protect it
- Encryption in transit (TLS) and at rest for sensitive fields; per-lockbox keys are encrypted and never leave our backend.
- Tenant isolation — each dealership's data is scoped to that dealership.
- Role-based access, two-factor authentication, rate limiting, brute-force lockout, and a tamper-evident audit log.
- A web-application firewall and DDoS protection at the edge.
Data ownership & retention
A dealership's operational data belongs to that dealership. It is exportable at any time, and we return or delete it on request when an agreement ends, subject to legal retention obligations.
Your choices
Dealership administrators manage their staff accounts and can request access, correction, export, or deletion of data by contacting us. A test-drive customer who wants their recorded contact information removed can ask the dealership or email us directly.
Contact
Keyless Technologies LLC — ygor@keylesstech.net · Orlando, FL