Lockette Privacy Policy
Last Updated: January 2025
Our Core Promise: Lockette is designed with privacy as a fundamental principle.
We use zero-knowledge cryptography to verify your age without storing, transmitting, or accessing
your personal identity information.
1. Information We Collect
Lockette collects minimal data necessary for the service to function:
1.1 Information We DO Collect
- Anonymous Device Identifier: A one-way cryptographic hash (SHA-256) of your device. This cannot be reversed to identify you or your device.
- Age Verification Status: A boolean (yes/no) indicating whether you meet the required age threshold (e.g., 18+, 21+, 25+).
- Verification Timestamp: When your age was verified.
- Verification Count: How many times your verification has been checked.
1.2 Information We DO NOT Collect
- Your name or identity
- Your date of birth
- Your government ID or document contents
- Your biometric data (fingerprints, face scans)
- Your location (beyond what's needed for the verification moment)
- Your browsing history or app usage
- Contact information (email, phone)
2. How We Use Information
The minimal information we collect is used solely to:
- Verify that you meet age requirements without revealing your identity
- Prevent fraud and abuse of the verification system
- Provide verification status to businesses you choose to interact with
3. Zero-Knowledge Proof Technology
Lockette uses advanced cryptographic techniques called "zero-knowledge proofs" (ZKPs). This technology allows us to mathematically prove that you are above a certain age without revealing:
- Your actual age or birth date
- Any information from your identity document
- Any biometric data used in the verification
The proof is generated entirely on your device and only the cryptographic result (not personal data) is transmitted.
4. Biometric Data
If you use biometric authentication (fingerprint or face recognition):
- Biometric data is processed only on your device
- We use secure hardware (Android Keystore / iOS Secure Enclave)
- Biometric data is never transmitted to our servers
- We never have access to your biometric data
5. Data Sharing
We do not sell, rent, or trade your personal information. We share only:
- Age verification status: A simple yes/no answer to businesses you choose to verify with
- Legal requirements: If required by law (e.g., court order)
6. Data Security
We protect data using industry-leading security measures:
- All data is encrypted in transit (TLS 1.3)
- Server infrastructure uses enterprise-grade security
- Regular security audits and penetration testing
- Zero personally identifiable information stored on servers
7. Data Retention
- Verification status: Retained until you request deletion or the verification expires
- Device hash: Retained only while your verification is active
You can request deletion of all data associated with your device at any time.
8. Your Rights
You have the right to:
- Access: Know what data we have about your device (which is minimal)
- Deletion: Request complete deletion of your verification data
- Portability: Receive your data in a standard format
- Withdraw: Stop using the service at any time
9. Children's Privacy
Lockette is designed specifically to verify adult age status. We do not knowingly collect information from children under 13. If you believe we have information about a child, please contact us immediately.
10. International Users
Our services are available globally. By using Lockette, you consent to the processing of your minimal data in accordance with this policy. We comply with:
- GDPR (European Union)
- CCPA (California)
- Other applicable privacy regulations
11. App Store Data Disclosures
For transparency with app store requirements:
Apple App Store (iOS)
- Data Used to Track You: None
- Data Linked to You: None
- Data Not Linked to You: Device identifier (hashed, anonymized)
Google Play Store (Android)
- Data Collected: Device identifier (hashed)
- Data Shared: None
- Data Encrypted in Transit: Yes (TLS 1.3)
- Data Deletion: Available upon request
12. Changes to This Policy
We may update this privacy policy periodically. We will notify you of significant changes through the app or our website. Continued use of Lockette after changes constitutes acceptance of the updated policy.
13. Contact Us
For privacy inquiries or to exercise your rights:
- Email: privacy@lockette.dev
- Website: https://lockette.dev/privacy-policy.html
© 2025 Lockette. All rights reserved.
This privacy policy is effective as of January 2025.