Contact

Gatekeeper Privacy Policy

Effective date: 7 June 2026

1. Overview

Gatekeeper is an internal mobile application developed by Level23 B.V. ("Level23", "we", "us") for both Android and iOS. It lets authorised Level23 staff open the company's gate and front door from their phone, in-car head unit (Android Auto / CarPlay), or smartwatch (Wear OS / watchOS). The app is distributed via the Google Play Store and the Apple App Store and is provided free of charge. This page explains what data the application collects, why, and what we do with it. The same policy applies to the Android and iOS versions of the app.

2. Data we collect

Each time the user triggers the gate or door, the app sends the following to an internal Level23 access-control API over HTTPS:

  • A per-install device identifier. A UUID generated by the app on first launch and stored locally in the app's private storage (SharedPreferences on Android, the Keychain on iOS). The API uses this to look the device up in our internal whitelist. The identifier is regenerated on app uninstall or factory reset.
  • The device name as configured in the operating system (e.g. "Teye's Pixel 8"). This is sent so that, if a request comes from a device that is not yet whitelisted, our operators can recognise who is holding it without having to ask the user to type a name.
  • Which action was requested (gate or door) and, if it was fired automatically by the geofence, a geofence=1 marker.

The app does not collect contacts, calendar, photos, microphone, call logs, SMS, browsing history, advertising IDs, or any analytics events. There are no third-party analytics or advertising SDKs.

3. Location data (geofence feature)

Gatekeeper has an optional "Geofence" feature, off by default, that the user can enable from the app's main screen. When enabled it automatically opens the gate when the device enters a small radius (approximately 300 metres) around the Level23 office.

To make this work we request the platform's location permission at the moment the user toggles the feature on — including the "Allow all the time" / "Always" level needed to fire the trigger while the app is closed (on Android this corresponds to ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION and ACCESS_BACKGROUND_LOCATION; on iOS this corresponds to the "When In Use" and "Always" Location Services authorisations). Before the system prompt appears, the app shows an in-app disclosure dialog explaining what the data is used for.

Location data is read on-device only, via the operating system's geofencing API (Google Play Services on Android, Core Location on iOS). Coordinates are never transmitted to our servers, to Google, to Apple, or to any third party. The only thing that leaves the device when the geofence triggers is the same gate-open request described in section 2, with an extra geofence=1 marker so our operators can tell automatic opens apart from manual taps. Auto-open only fires between 06:00 and 23:00 Europe/Amsterdam time.

The user can disable the feature at any time from the same toggle, which instantly removes the geofence registration from the operating system.

4. How we use the data

The data described above is used exclusively to:

  • verify the request is coming from an authorised Level23 device;
  • actuate the physical gate or door hardware accordingly;
  • log the request server-side for security auditing.

We do not use the data for advertising, profiling, or any commercial purpose. We do not sell or rent the data.

5. Data sharing

We do not share user data with third parties. The only network endpoint the app talks to is an internal API, hosted and operated by Level23 itself. On-device system frameworks (Google Play Services on Android, Core Location on iOS) are used purely to read the device's own position; no location data is sent to Google or Apple as part of that.

6. Data retention

Gate-open server logs are retained for up to 90 days for security and audit purposes, then automatically deleted. The device identifier and device name persist in our whitelist only for as long as the device is authorised to use the gate; we remove them when an employee leaves the company or asks us to.

7. Security

All communication with our API uses HTTPS. Each request additionally carries an opaque shared secret in the request body and in an HTTP header. The device identifier is stored in the application's private, sandboxed storage — SharedPreferences on Android, the Keychain on iOS — which is not readable by other apps on the device.

8. Your rights

You can stop the app from collecting any data at any time by:

  • Toggling the Geofence switch off — instantly stops all location collection.
  • Revoking the location permission via system settings — on Android: Settings → Apps → Gatekeeper → Permissions; on iOS: Settings → Privacy & Security → Location Services → Gatekeeper.
  • Uninstalling the app — removes the locally stored device identifier and stops all data collection by the app.

To have your device removed from our server-side whitelist or to request a copy or deletion of any server-side logs that mention your device, contact us at the address below.

9. Children

Gatekeeper is an internal tool for Level23 employees only. It is not directed at children and we do not knowingly collect any data from anyone under the age of 18.

10. Changes to this policy

We may update this Privacy Policy from time to time. The effective date at the top of this page reflects the latest revision. Material changes will be announced inside the app on the next release.

11. Contact

Questions about this Privacy Policy, requests for access or deletion, or anything else relating to Gatekeeper can be sent to info@level23.nl.