Privacy Policy

Last updated 2026-04-18

Royale is a private security and visitor-management application provided to residents and security personnel of a single residential neighbourhood (the “Community”). This policy describes what information the application collects, how it is used, and the choices you have about it.

Royale is not a public service. Accounts are created only by a Community administrator. You cannot sign up from the application itself.

Information we collect

We only collect information that is necessary to operate the Community’s access-control, visitor, and notification workflows:

  • Account information. Your full name, phone number, role (resident or guard), unit number, and household membership. These are provisioned by the Community administrator at onboarding.
  • Authentication data. A 6-digit PIN that you choose. PINs are stored as salted hashes on the server and are never retrievable in plain text.
  • Visitor and vehicle information you enter. Names, reasons for visits, car plate numbers, and expiry times for the passes you create.
  • Entry-gate photos.When manual registration is used at the gate, the security guard captures a photo of the visitor’s identification document and, where applicable, the vehicle’s car plate. These photos are stored with the corresponding registration record.
  • Activity logs. QR pass scans, vehicle entries, manual registrations, and emergency alerts, each stamped with a timestamp, the user who recorded it, and the unit number involved.
  • Device push tokens. An anonymous token issued by Apple (APNs) or Google (FCM) and delivered to us through Expo Push, used solely to send you notifications related to your unit.
  • Language preference. Your selected interface language.

We do not collect precise location, browsing activity, advertising identifiers, contacts, microphone input, health data, or any other information not listed above. We do not operate advertising or tracking SDKs.

How we use your information

  • Authenticating you to the Community’s portal.
  • Creating and validating visitor passes and vehicle allow-lists for your unit.
  • Keeping a record of gate activity for safety and audit purposes.
  • Delivering push notifications about passes, registrations, and emergency events relevant to your unit.
  • Allowing security personnel to verify entries at the gate and respond to emergency assist requests.

We never sell or rent your information. We do not use your information for advertising, profiling, or automated decision-making of any kind.

Who can see your information

  • Other members of your unit can see the visitor passes, vehicle allow-lists, and household members of that unit.
  • Security personnel (guards) can see incoming passes they are asked to verify, plate numbers, and registration photos at the moment of entry, together with the historical activity log for their duty.
  • The Community administrator can see all information in order to provision accounts, manage units, and oversee operations.
  • Infrastructure providers that we use to operate the service: Convex (database and backend hosting), Apple (APNs push), Google (FCM push), and Expo (push-notification dispatch). These providers process data strictly on our behalf.

How long we keep it

Account information is retained while your account is active. Activity logs, passes, and registration photos are retained for as long as the Community determines is appropriate for security and audit purposes, typically not more than twenty-four (24) months from the date of the event, after which they are deleted or anonymised. Push tokens are deleted when you uninstall the application or turn off notifications.

Your choices

  • Sign out. You can sign out of the application from the profile screen at any time. Signing out removes your credentials from the device.
  • Update your PIN. You can change your PIN at any time from the profile screen.
  • Turn off notifications. You can disable push notifications from your device settings or from the profile screen.
  • Request account removal. You can request deletion of your account and the personal data associated with it by emailing support@theroyaleneighbour.com. We will remove your account and associated personal data within 30 days of verifying your request, except where we are required by law or by a legitimate security interest of the Community to retain certain logs (in which case they will be anonymised).

Security

Authentication tokens are transmitted over HTTPS and stored on your device in the operating system’s secure credential store (Keychain on iOS, Keystore on Android). PINs are stored as salted hashes. Photos and structured data are stored at our backend provider using encryption in transit and at rest. While we take reasonable measures to protect your information, no system can be guaranteed to be completely secure.

Children

The application is not directed to children under 13 and we do not knowingly create accounts for them. If you believe a child’s information has been provided without authorisation, please contact us.

Changes to this policy

We may update this policy from time to time. The “Last updated” date above reflects the most recent change. Meaningful changes will be communicated in the application or by the Community administrator.

Contact

For any privacy question or request, contact support@theroyaleneighbour.com.